Manager, IAM-Governance, Strategy and Optimization

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, Engineering, or related field; or equivalent experience.
• 10+ years in information technology with at least 3 years managing technical teams in security or IAM; experience leading cross‑functional initiatives at scale.
• 3+ years of hands‑on experience with IAM, including modern authentication (OIDC/OAuth2, SAML, FIDO2/WebAuthn/passkeys), token lifecycles, authorization and session management.
• Strong understanding of: IAM concepts: identity lifecycle for customers/partners, federation, RBAC/ABAC, externalized policy engines, provisioning/de‑provisioning, and segregation of duties where applicable.
• Strong understanding of Security and app delivery: cryptographic protocols/TLS, reverse proxies and CDNs/edge, API security, bot mitigation and fraud signals, OWASP Top 10, and secure SDLC practices.
• Strong understanding of Platform engineering: Kubernetes and orchestration, infrastructure‑as‑code, CI/CD, feature flags and safe rollout patterns, observability, zero‑trust principles, and DR/BCP for auth systems.
• Demonstrated portfolio planning, dependency management, and risk mitigation; proven ability to define and track product and reliability metrics.
• Initiative, creativity, and autonomy: proactive in seeking data and stakeholder input, managing expectations, articulating trade‑offs, and driving continuous improvement.
• Excellent communication and influence skills, including executive updates and guidance for engineering teams.
• Strong ethical principles and understanding of security and privacy by design in customer contexts.
• No Canadian work experience required however must be eligible to work in Canada.

Nice To Haves

• Experience with major IAM solutions is an asset (e.g., IBM Security Verify, Okta/Auth0, ForgeRock, Ping, Azure AD/Entra External ID).
• Relevant certifications are an asset (e.g., IAM vendor certs, CISSP, CCSP, cloud, product management).
• French is an asset - For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English speaking colleagues across the country.

Responsibilities

• Lead and develop a high-performing team delivering IAM capabilities for brokers, partners, and customers, including coaching, hiring, career development, and performance management.
• Build and manage a multi‑year IAM Strategy and Roadmap (authentication, authorization, identity lifecycle), aligned to business priorities, risk reduction, and regulatory requirements.
• Own operational effectiveness of IAM platforms and services: manage vendors, SLAs, cost, and integrations; establish reference architectures and patterns for application teams.
• Drive platform simplification and modernization (consolidation, vendor rationalization, standards adoption) and cost efficiency without compromising security or user experience.
• Evaluate new capabilities; lead POCs and onboarding, in line with the roadmap (e.g., phishing‑resistant MFA, passkeys/WebAuthn, risk‑based authentication, consent management).
• Guide squads in backlog management, sprint planning, and iterative delivery; define clear OKRs and KPIs.
• Serve as a trusted advisor to product, engineering, security risk, operations, compliance, and business stakeholders; balance conversion and user friction against risk reduction.
• Support projects and programs by decomposing complex initiatives into phased deliverables; manage dependencies and risks; provide transparent status and risk reporting up to senior leadership.
• Ensure services meet SLOs for availability, performance, and resilience; implement robust observability (metrics, logs, traces), synthetic monitoring, alerting, and runbooks; define on‑call and incident response expectations and lead post‑incident reviews.
• Partner with Risk/Compliance to meet financial services regulatory expectations (e.g., SOC 2, ISO 27001, OSFI, and OSC, as applicable); ensure audit readiness and timely findings remediation.

Benefits

• Flexible work arrangements and a hybrid work model
• Possibility to purchase up to 5 extra days off per year
• Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
• Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)
• Annual bonus target, based on the base salary, with a potential payout of up to double the target (subject to personal and company performance): 15%
• Employee Share Purchase Plan (ESPP) – with Intact matching 50% of your net shares.
• Defined benefit pension plan offering guaranteed income for life.