Job Description

Job Overview

The

Cybersecurity Engineer (PAM / IAM / Cloud Security)

is responsible for implementing, managing, and securing identity and access systems across on-premises and cloud environments. This role ensures that privileged accounts, user access, and cloud resources are properly secured, monitored, and compliant with organizational policies and regulatory standards.

Key Responsibilities1. PAM (Privileged Access Management)

Implement, configure, and manage

PAM solutions

(e.g., CyberArk, BeyondTrust, Thycotic, Delinea, Azure PIM). Define and enforce

least privilege principles

and privileged session management. Monitor and audit privileged account activity to detect and prevent misuse. Automate password rotation, vaulting, and credential management processes. Conduct periodic privileged access reviews and compliance audits.

2. IAM (Identity and Access Management)

Design and maintain

IAM frameworks

aligned with Zero Trust principles. Manage

user provisioning, de-provisioning, and access lifecycle

using tools like

Okta, Azure AD, Ping Identity, SailPoint, or One Identity

. Integrate IAM systems with cloud and enterprise applications (SSO, MFA, RBAC, SCIM). Develop and enforce

access control policies, authentication mechanisms, and identity governance

. Work with HR and IT to ensure access alignment during employee onboarding/offboarding.

3. Cloud Security

Secure cloud environments (

AWS, Azure, GCP

) by enforcing

Identity & Access controls (IAM roles, policies)

. Implement

cloud-native security tools

(e.g., Azure Defender, AWS IAM, GuardDuty, Security Hub). Perform

configuration reviews, vulnerability assessments, and threat monitoring

for cloud resources. Support

incident response, risk mitigation, and compliance

within the cloud infrastructure. Collaborate with DevOps teams to integrate

security into CI/CD pipelines (DevSecOps)

.

4. Security Operations & Compliance

Assist in

incident investigation and response

related to identity breaches or cloud threats. Develop and maintain

security documentation, policies, and runbooks

. Ensure compliance with frameworks such as

ISO 27001, SOC 2, NIST, GDPR, or HIPAA

. Provide

technical guidance and training

to internal teams on PAM, IAM, and Cloud Security best practices.

Required Skills and ExperienceTechnical Skills

Strong knowledge of

Identity Governance, PAM, and MFA technologies

. Hands-on experience with tools such as

CyberArk, BeyondTrust, Thycotic, Delinea, SailPoint, Okta, Azure AD

. Familiarity with

Azure / AWS security models

and

Zero Trust architecture

. Understanding of

Active Directory, LDAP, SSO, OAuth, SAML, SCIM, and OpenID Connect

. Experience with

PowerShell, Python, or Bash scripting

for automation. Good grasp of

network security

,

firewalls

, and

endpoint protection

concepts.

Soft Skills

Strong analytical and problem-solving skills. Excellent communication and teamwork abilities. Detail-oriented with a focus on risk mitigation and compliance. Ability to manage multiple priorities in a fast-paced environment.

Education & Certifications

Bachelor's degree

in Computer Science, Information Security, or related field.

Preferred Certifications:

CompTIA Security+, CySA+, or CASP+ Microsoft Certified: Azure Security Engineer Associate AWS Certified Security - Specialty Certified Identity and Access Manager (CIAM) Certified Information Systems Security Professional (

CISSP

) CyberArk / SailPoint / Okta certification (preferred)
Job Type: Full-time

Pay: $66,171.36-$153,517.28 per year

Ability to commute/relocate:

Toronto, ON (Toronto District): reliably commute or plan to relocate before starting work (required)
Application question(s):

What is your monthly current salary? What is your monthly expected salary? What is your notice period?
Education:

Bachelor's Degree (preferred)
Experience:

Cybersecurity Engineer: 3 years (required)
Work Location: In person