IAM Engineer – Authentication Management (AM)

Finning•Edmonton, AB

12d•Hybrid

About The Position

As a senior member of Finning’s Global IAM team, you will co-own Authentication Management end-to-end, with a focus on Entra ID, OKTA, ClearPass/NPS, and maintaining healthy On-Prem AD. You will be responsible for overall GPO health and management, and driving operational excellence in a high-paced, results-driven environment.

Requirements

8+ years in IAM, with strong expertise in Active Directory, Entra ID.
Managing and supporting OKTA, ClearPass and NPS an asset.
Direct experience with AD-to-Entra transitions and advanced automation/scripting (PowerShell, Power Automate).
Proven ownership of GPO health.
Deep understanding and experience using authentication technologies.
Microsoft SC-300 or equivalent certification preferred.

Responsibilities

Manage Entra ID configurations for SSO, MFA, and Conditional Access baselines.
Oversee app registrations, Enterprise application approvals, and hygiene.
Manage admin consent governance for Graph/API scopes.
Support Multi-Domain Active Directory and ensure optimized authentication globally.
Maintain overall GPO health and management.
Lead transitions from On-Prem AD to Entra ID.
Enhance authentication capabilities using Fido2 and Phish resistant authentication.
Monitor authentication service health and publish reports.
Implement federation patterns (OIDC/SAML) and SCIM integrations.
Advance Customer IAM journeys and posture integration with ClearPass.
Drive transition projects and collaborate with the broader IAM team.

Benefits

Great people and place to work with a hybrid work opportunity
Career advancement and training opportunities
Pension and employee stock purchase plans with company contributions
Extensive health benefits including group medical and dental benefits, and short-term and long-term disability benefits

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume