IAM Architect

About The Position

Requirements

• 10+ years in IAM space with 3+ years in an Architect Role.
• 5+ years working with IAM platforms or technologies (Microsoft Entra, ForgeRock, SailPoint, CyberArk, Radiant Logic, Ping Identity)
• 3+ years of hands-on experience with Microsoft Entra ID platform
• Experience developing and documenting IAM directives, standards and policies.
• Experience with designing and implementing authentication and credential management flows based on channel requirements.
• Experience in scoping, sizing and prioritizing solutions for a project.
• Strong understanding of workforce identity lifecycle patterns (SOD) and anti-patterns (toxic combinations)
• Previous exposure to Regulatory, Compliance, Risk and Audit functions

Nice To Haves

• Knowledge of project finance or previous experience working within Banking Sector.
• Experience of preparation of presentation decks and presenting to senior leadership.
• Experience with Azure domain joined or hybrid workstation configurations
• Experience with Java based programming languages (Java, JavaScript, NodeJS)

Responsibilities

• Be responsible for the architecture and design of new features/capabilities that Scotiabank is looking to introduce into the IAM platform (Microsoft Entra ID, ForgeRock, Ping, SailPoint, CyberArk, Radiant Logic)
• Design the technical roadmap to support user identity and application migration from on-premises Identity Provider to Microsoft Entra ID platform.
• Provide subject matter expertise surrounding the various security controls (MFA, Conditional Access Policies, Intune Device Management) within Microsoft platform.
• Oversee the design and modernization of the workforce identity lifecycle platforms and ensure key principles of data ownership, provisioning, observability, and auditing align with risk, compliance, and external regulatory requirements; both on prem and SaaS cloud-based identities
• Configure and validate architectural designs within the Entra Platform to verify solutions and new capabilities proposed for adoption
• Review the business requirements (the “what”) provided by the IAM Product team and provide the overall architectural design (the “how”) to the IAM Engineering team to build into the IAM service.
• Provide required design artifacts to key stakeholders which clearly outlines the solution, components involved, key decisions, and time and cost estimates
• Closely collaborate with IAM Engineering partners in all aspects of the design and ensure alignment and synergy regarding proposed solution.
• Evaluate new authentication capabilities introduced into the ever-changing IAM landscape and account for what is applicable into proposed designs (short-term and long-term)
• Partner with various cross functional architect teams (IAM, security, business channel, fraud, workspace) to solidify design approach which aligns with best practices and strategic direction of the platform
• Collaborate with stakeholders across the Bank - technology, security architecture, security advisory, fraud, compliance and business channel teams – to provide enterprise grade solutions which meet the business and security requirements
• Represent the IAM Architecture team on various governance boards but providing both expertise and the required artifacts necessary to ensure stakeholder approval
• Design based on strong IAM expertise that aligns with industry standards (FIDO, OIDC, OAUTH, SCIM, SPIFFE), best practices (MFA, NIST 800-63), and a forward-looking mentality (Passkeys, VCs, DIDs)

Benefits

• Upskilling through online courses, cross-functional development opportunities, and tuition assistance.
• Competitive Rewards program including bonus, flexible vacation, personal, sick days, and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs.