Senior IAM Systems Engineer, Authorization (Global Security)

About The Position

Requirements

• 5+ years of experience in DevOps, IAM, or SRE authorization engineering, or related fields.
• Strong programming skills in Python, Go, or Java for policy automation and integration.
• Working knowledge of DevOps/DevSecOps practices, including CI/CD pipelines and infrastructure automation.
• Proficiency in API integrations (REST, GraphQL) and microservices architecture.
• Familiarity with cloud-native authorization solutions (AWS IAM, Azure AD Conditional Access).
• Familiarity with enterprise IAM platforms (e.g., Entra, Auth0, SailPoint, CyberArk, ForgeRock, Okta).
• Strong problem-solving and collaboration skills, with the ability to drive cross-functional initiatives.

Nice To Haves

• Experience with AI/ML frameworks (e.g., TensorFlow, PyTorch) for policy optimization or anomaly detection.
• Hands-on expertise with Open Policy Agent (OPA) and Rego for policy-based access control
• Knowledge of attestation and governance tools (e.g., Saviynt, SailPoint IIQ).
• Understanding regulatory requirements (FRB, OSFI) and compliance frameworks (SOC 2, ISO 27001).
• Certifications (CISSP, CISM, CCSP) or relevant IAM/security credentials.

Responsibilities

• Design and implement enterprise authorization solutions using Open Policy Agent (OPA) with Rego for fine-grained, policy-as-code access control.
• Develop and maintain authorization policies in JSON-structured Rego, ensuring scalability, reusability, and alignment with business and regulatory requirements.
• Integrate Policy Decision Points (PDPs) with Policy Information Points (PIPs) across RBC’s ecosystem (e.g., Workday, Salesforce, Beeline) to centralize entitlement data.
• Build custom authorizers, sidecars, and connectors to extend authorization capabilities to legacy and modern applications.
• Engineer a centralized attestation service by aggregating authorization policies, roles, entitlements, and physical access data into a unified compliance framework.
• Leverage graph database technologies (Neo4j) to model complex relationships between identities, resources, and permissions for advanced access analytics.
• Automate policy deployment, testing, and lifecycle management using CI/CD pipelines (GitHub Actions) and infrastructure-as-code (IaC) principles.
• Collaborate with Security, Risk, and Audit teams to ensure authorization controls meet regulatory standards (FRB, OSFI, Part 30).
• Optimize policy evaluation workflows with custom code and AI/ML frameworks (where applicable) to enhance decision-making efficiency.
• Document integration patterns, runbooks, and standards for enterprise-wide adoption and operational consistency.
• Support incident response, troubleshooting, and root-cause analysis for authorization-related issues.

Benefits

• A comprehensive Total Rewards Program including bonuses and flexible benefits
• competitive compensation
• commissions
• stock where applicable
• Leaders who support your development through coaching and managing opportunities
• Ability to make a difference and lasting impact
• Work in a dynamic, collaborative, progressive, and high-performing team
• Opportunities to do challenging work and take on progressively greater accountabilities