System Engineer II

CBTS serves enterprise and midmarket clients in all industries across the United States and Canada. CBTS combines deep technical expertise with a full suite of flexible technology solutions--including Application Modernization, Managed Hybrid Cloud, Cybersecurity, Unified Communications, and Infrastructure solutions. From developing and deploying modern applications and the secure, scalable platforms on which they run, to managing, monitoring, and optimizing their operations, CBTS delivers comprehensive technology solutions for its clients' transformative business initiatives. For more information, please visit www.cbts.com .

OnX is a leading technology solution provider that serves businesses, healthcare organizations, and government agencies across Canada. OnX combines deep technical expertise with a full suite of flexible technology solutions—including Generative AI, Application Modernization, Managed Hybrid Cloud, Cybersecurity, Unified Communications, and Infrastructure solutions. From developing and deploying modern applications and the secure, scalable platforms on which they run, to managing, monitoring, and optimizing their operations, OnX delivers comprehensive technology solutions for its clients’ transformative business initiatives. For more information, please visit www.onx.com .

GENERAL FUNCTION

The Identity Engineer – Directory Services will be responsible for contributing to the design, development, implementation, and operation of technical solutions that bolster our Directory Services product and service offerings. The Engineer will have a heightened focus on continuously improving the resiliency and security of our service offerings through the continuous, proactive identification, assessment, and implementation of enhancement opportunities. The Engineer will work within, and across, Agile teams to this end – to enable a more secure Enterprise where the right people, have access to the right things, at the right time.

The Engineer is responsible and accountable for risk by openly exchanging ideas and opinions, elevating concerns, and personally following policies and procedures as defined. Accountable for always doing the right thing for customers and colleagues; and ensures that actions and behaviors drive a positive customer experience. While operating within the Bank's risk appetite, achieves results by consistently identifying, assessing, managing, monitoring, and reporting risks of all types.

ESSENTIAL DUTIES AND RESPONSIBILITIES

· Contribute to the design, development, implementation, and operation of technical solutions that bolster the resiliency, usability, observability and/or security of our Directory Services product and service offerings

· Continuously identity, assess, coordinate, and implement opportunities to bolster the security posture of our Directories through the introduction or enhancement of preventative or detective capabilities.

· Draft, improve, and execute Standard Operating Procedures (SOPs) to ensure – or enhance – the nominal operation of Directory Services product offerings.

· Develop deep domain-knowledge while simultaneously developing an understanding of nominal platform operation.

· Diagnose root-cause to deviations from nominal platform operation, as required, with or without guidance from SOPs.

· Engage with infrastructure, platform, and application teams – as required - to drive Directory Services product/service adoption and continuous improvement.

· Function as a member of an Agile Squad, consistent with the Bank’s Ways of Working.

· Maintain effective partnerships with operations and engineering teams to drive service improvement.

· Seeking and maintaining knowledge (cross/up skill) of current and upcoming IT security technologies.

· Support the Bank's operational information security responsibilities, including the development of, maintenance of, and adherence to standards, procedures, and guidelines.

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED

· Bachelor's degree in Computer Science, Information Systems, and/or Engineering; or equivalent experience.

· At least five years’ professional experience within the (Preferred) Directories, (Acceptable) Identity and Access Management, or (Acceptable) Information Security domain(s).

· Experience with Directory technologies including, but not limited to: Active Directory, Entra ID, PingDirectory

· Demonstrable experience in hardening the configuration of Directories through the utilization of scanning tools, attack path analysis, and/or structured, one-off assessments/analyses.

· Nice-to-Have: Experience with Identity technologies, such as: Sailpoint IdentityIQ, Sailpoint IdentityNow

· Nice-to-Have: Experience with identity concepts, such as: SSO, MFA, LDAP, SCIM, SAML, OIDC, and OAuth

· Nice-to-Have: multiple years of software development experience – in a personal, academic, and/or professional capacity. PowerShell experience a plus.

· Must be able to communicate ideas both verbally and in writing to management, business and IT sponsors, and technical resources in language that is appropriate for each group.

· Understanding of Software Development Methodologies.

· Understanding of security best practices.

· Strong problem-solving skills.

· Strong collaboration skills.

· Financial industry experience is a plus.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, age, disability, religion, sex, sexual orientation, gender identity, gender expression, protected veteran, military status or any other characteristic protected by law.