About The Position

The Senior IAM Systems Engineer, Passwordless Integration is responsible for rolling out and integrating the enterprise Passwordless authentication solution across the systems and platforms employees use every day. This role works across the organization — partnering with endpoint, workplace, infrastructure, and access teams — to bring passwordless authentication to Windows and macOS devices, virtual desktop and application delivery platforms, directory services, and other enterprise systems. Sitting within Platform Enablement Engineering and partnering closely with the Authentication team, this engineer bridges identity and the broader enterprise, turning a passwordless capability into a real, organization-wide experience. Passwordless is a strategic pillar of the IAM roadmap — directly improving security posture, reducing credential-related risk, and elevating the user experience. This engineer will shape how the enterprise integrates and scales passwordless across a heterogeneous estate, working at the intersection of authentication, endpoint, and access engineering.

Requirements

  • 7+ years in identity, authentication, endpoint, or platform integration engineering
  • 3+ years of experience with Python or Java, with strong OOP design principles and a solid understanding of REST APIs and microservices architecture
  • Experience with Infrastructure-as-code, CI/CD pipelines, containerization (Docker/Kubernetes), cloud platforms
  • Strong hands-on experience integrating authentication solutions with Windows and macOS endpoints, including credential providers, login flows, and device-bound authentication
  • Hands-on experience integrating authentication with Citrix or equivalent VDI / virtual application delivery platforms
  • Strong working knowledge of Active Directory, Kerberos, and modern federation protocols (OIDC, OAuth 2.0, SAML, FIDO2 / WebAuthn)
  • Experience deploying and operating phishing-resistant or passwordless authentication solutions in an enterprise environment
  • Strong scripting / automation skills (PowerShell, Python, or equivalent) for configuration management and operational tooling
  • Strong understanding of cryptographic primitives relevant to authentication (public-key cryptography, attestation, key management) and how they apply to endpoint-bound credentials
  • Deep hands-on expertise with CI/CD platforms (Jenkins, GitHub Actions, GitLab CI)

Nice To Haves

  • Experience integrating with Entra ID and/or Auth0 authentication flows
  • Familiarity with enterprise endpoint management platforms (Intune, Jamf, SCCM) and how authentication integrates with managed-device posture
  • Experience with mobile authentication (iOS / Android platform authenticators, secure enclave) and consumer-style passwordless flows
  • Familiarity with Zero Trust Architecture and phishing-resistant authentication strategy
  • Experience leading enterprise-wide authentication rollouts or migrations
  • Experience automating IAM platforms (Entra ID, Auth0, SailPoint, CyberArk, or equivalent)
  • Working knowledge of the banking/financial services regulatory landscape (FRB, Part 30, OSFI) and how it shapes authentication controls

Responsibilities

  • Lead integration of the enterprise passwordless solution with workforce systems, including Windows endpoints, macOS endpoints, Citrix and other VDI / application delivery platforms, Active Directory, and other authentication-consuming systems
  • Partner with endpoint engineering (Windows, macOS), workplace technology, Citrix / virtualization, and directory services teams to deliver consistent passwordless experiences across the estate
  • Design and execute integration patterns for federated and non-federated systems, including login flows, fallback behaviors, lifecycle and recovery scenarios
  • Configure, test, and operationalize passwordless authenticator deployments on managed and unmanaged endpoints
  • Drive integration with workforce authentication platforms and downstream consumers
  • Build automation for configuration deployment, policy management, and operational health checks of the passwordless integration footprint
  • Partner with the Authentication team — who holds product accountability — to deliver against the passwordless roadmap and prioritize integration backlog
  • Establish observability, alerting, and operational practices for passwordless integrations across systems
  • Work with Architecture, Security, Risk, and Audit to ensure integrations meet regulatory and internal control requirements
  • Provide deep technical input into rollout planning, change management, and user experience design
  • Support production operations, incident response, and root cause analysis for passwordless integrations across systems
  • Document integration patterns, runbooks, and standards for use by partner teams across the enterprise
  • Build operational automation for the Passwordless toolset—patching, certificate rotation, configuration drift detection, and routine support operations
  • Integrate with CI/CD pipelines and infrastructure platforms

Benefits

  • bonuses
  • flexible benefits
  • competitive compensation
  • commissions
  • stock where applicable
  • Leaders who support your development through coaching and managing opportunities
  • Ability to make a difference and lasting impact
  • Work in a dynamic, collaborative, progressive, and high-performing team
  • Opportunities to do challenging work and take on progressively greater accountabilities