The Identity Security Analyst supports the secure management of digital identities and access across the enterprise and contributes to the organization’s Identity Security program. The role ensures identities, entitlements, authentication, and authorization mechanisms are provisioned, governed, and maintained in alignment with security policies, Zero Trust principles, and Identity Security standards.
HERE’S HOW YOU’LL CONTRIBUTE:
1. Identity Lifecycle & Access Processes – 40%
Ensure the provisioning, modification, and deprovisioning user, service, and privileged accounts across enterprise systems are working as designed.
Ensure joiner, mover, and leaver (JML) processes are conducted in accordance with defined IAM controls.
Assist the Identity team to define and implement manual or automated procedures which perform access requests, approvals, and exception handling using IAM workflows
Ensure accuracy and integrity of identity and entitlement data across systems
Supports management of non-human identities including service accounts, application identities, and system-to-system access, ensuring defined ownership, lifecycle controls, and credential hygiene.
2. IAM Platform Integration – 25%
Working alongside the Identity Security Program Manager,
Participate in initiatives to optimize and enhance existing Identity Security platforms and integrations in alignment with Identity Security standards.
Contribute to the project team delivering application onboarding and integration using defining the requirements for SailPoint IQ to perform provisioning within business application platforms or via standards such as SAML, OAuth, OIDC, and SCIM
Assist with privileged access management (PAM) operations where applicable
Monitor IAM system health, logs, and access-related events
3. Identity Governance, Risk & Compliance – 15%
Define procedures and assist in the automation of periodic access reviews, certifications, and audit activities
Document access controls, role models, and entitlement definitions
Identify access risks and recommend improvements to role design and least-privilege enforcement
Assist with compliance efforts related to regulatory and internal control requirements
Deliver role analysis, role mining, and entitlement rationalization activities to support least-privilege access models.
4. Stakeholder Collaboration & Incident Support – 10%
Partner with IT, application owners, and business teams to align access with business needs
Support incident response activities related to identity misuse or unauthorized access
Escalate access risks or control failures to senior analysts or management
5. Documentation, Metrics & Continuous Improvement – 10%
Partner with IT and Information Security teams to develop IAM procedures, runbooks, and standard operating documentation
Assist in the development of IAM operational metrics and KPIs
Identify opportunities to improve automation, efficiency, and user experience
Participate in training and skill development initiatives
HERE’S WHAT YOU’LL BRING:
3–5 years of experience in information technology or cybersecurity, with 2+ years focused on IAM or identity security
Hands-on experience with IAM technologies such as Active Directory, Entra ID (Azure AD), SSO, MFA, RBAC, and IGA platforms (preferrably SailPoint)
Knowledge of identity protocols and standards (SAML, OAuth, OIDC, SCIM, LDAP, Kerberos)
Familiarity with security governance concepts, access reviews, and audit support
Ability to communicate effectively with both technical and non-technical stakeholders
Experience supporting identity and access controls in cloud environments (e.g., Azure, SaaS applications).
PREFERRED QUALIFICATIONS
Experience with SailPoint, CyberArk, or similar IAM/PAM platforms
Exposure to scripting or automation (PowerShell, Python, Bash)
Knowledge of regulatory frameworks such as OSFI B-13, PCI, SOX, NIST, or ISO standards
Relevant certifications (CISSP, CIAM, Security+, or vendor-specific identity certifications)
Total Direct Compensation (base salary + bonus):
$108,000 to $129,600
Any pay range is in $CAD