Job Description

Insight Global is looking for a leader in cybersecurity and risk management, committed to strengthening its security posture through cutting-edge identity and access management (IAM) and privileged access management (PAM) initiatives. We are searching for an IAM & PAM Architect with expertise in large-scale transformations to join a leading Canadian bank on a contract-to-hire basis.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com .

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Skills and Requirements

Identity and Access Management (IAM):

Expertise in IAM concepts, especially in implementing Single Sign-On (SSO) for simplified and secure access management.

Strong knowledge of identity lifecycle management, including provisioning, de-provisioning, and recertification.

Entra ID (formerly Azure AD):

Extensive experience in configuring Entra ID, including application registration, SSO configurations, user/group management, and policy administration.

Proficiency in managing SAML 2.0 authentication flows within Entra ID and integrating these with various applications to support seamless SSO.

Kerberos and Token-Based Authentication:

In-depth understanding of Kerberos authentication mechanisms, including the Ticket-Granting Ticket (TGT) and Service Ticket processes for secure access management.

Expertise in configuring and troubleshooting Kerberos and token-based authentication for applications within enterprise environments.

Security Protocols and Standards:

Proficiency in SAML 2.0, along with familiarity in OAuth 2.0 and OpenID Connect, for broad expertise in authentication standards.

Knowledge of secure token handling and assertion management practices in support of SSO configurations.

Documentation and Technical Writing:

Ability to create clear, concise, and organized technical documentation for IAM architecture, workflows, and integration patterns, using tools like Microsoft Visio and Lucidchart.

Experience developing standardized templates for consistent, professional documentation across IAM projects.

Architecture and Implementation Patterns:

Experience with architecture and design patterns such as just-in-time (JIT) provisioning, role-based access control (RBAC), and zero trust.

Knowledge of policy design and compliance requirements, including NIST, ISO 27001, and GDPR. null

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion,sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military oruniformed service member status, or any other status or characteristic protected by applicable laws, regulations, andordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.