Job Description

Identity & Access Management Analyst
Rank P5
Scarborough, ON (Hybrid)
Deadline: This posting will close by December 12, 2025, at 11:59 PM EST.
Toyota Canada Inc. (TCI) currently has an exciting opportunity for an Identity and Access Management Analyst to support our Information Services team. This is a full-time opportunity and will report to the Manager, Enterprise Information Security. This individual will play a critical role in enabling TCI IS autonomy in managing and evolving our customer identity platforms, which are essential to TCI's Customer Experience and Digital Retail strategies. This role focuses on designing, administering and integrating IAM solutions to support secure and seamless access for associates, dealers and customers across TCI's digital ecosystem.
The successful candidate will lead the technical and operational aspects of our IAM platforms for TCI's Workforce, Dealers and Customers, ensuring that access is provided efficiently, managed securely and aligned with compliance and regulatory requirements. This role bridges technology and business, working closely with internal IS teams and external partners to deliver robust identity services that support TCI's evolving digital landscape.
What We'll Bring:
Company & Culture
A hybrid work environment
A work environment built on teamwork, flexibility and respect
Professional growth and development programs to help advance your career
A focus on respect for people and continuous improvement
Summer Hours - condensed work week during the summer
Benefits
Competitive compensation package including bonus
Extended health care and dental benefits effective immediately
Company pension plan with additional employer contributions
Associate vehicle discount program
Reimbursement programs (tuition & fitness)
Paid holiday shutdown and competitive paid time off benefits
Sabbatical leave program
What You'll be Doing:
Identity Platform Management
Act as a subject matter expert for enterprise-wide identity platforms (Okta WIAM, Okta CIS, and Auth0), ensuring secure integration of workforce and customer identities and seamless synchronization of user and dealer access across Salesforce and MuleSoft-based systems to deliver a unified, secure experience
Configure, maintain and optimize IAM solutions to support authentication, authorization and access lifecycle management across workforce, dealer and customer userbase
Contribute to the development of platform roadmaps, ensuring alignment with enterprise security strategy, user experience objectives and evolving business needs.
Collaborate with technical teams to integrate IAM solutions with new and existing systems, supporting initiatives that enable digital transformation securely
Identity Integration & Governance
Ownership of identity flows across critical enterprise systems (e.g., Active Directory, Workday, SAP, Salesforce), ensuring consistent enforcement of access policies and standards
Support and enhance RBAC, MFA and SSO configurations to align with regulatory requirements (e.g., SOX, PIPEDA, privacy legislation) and industry frameworks
Partner with compliance, audit and security teams to identify and implement controls, conduct access reviews and participate in initiatives to strengthen governance practices
Contribute to the development of IAM policies, standards, and Toyota Canada's IAM autonomy framework, ensuring platform configurations and implementations align with global standards while supporting localized governance, compliance, and operational control
Identity Processes & Enablement
Document and implement repeatable IAM processes, ensuring identity operations are secure, efficient and scalable across all user groups
Support access certification campaigns and audit activities, ensuring identity controls meet internal policy and external regulatory obligations
Streamline access request and approval processes, balancing security requirements with business productivity and enabling a better end-user experience
Support initiatives that automate provisioning, deprovisioning and access changes to reduce manual effort and operational risk
Collaborate with Enterprise Data and Privacy teams to ensure identity attributes are synchronized with TCI's Salesforce Data Cloud and Data Access Layer platforms in compliance with Law 25 and data-minimization principles
Vendor & Service Provider Liaison
Serve as the technical liaison with managed service providers (MSPs) and vendors supporting IAM platforms, ensuring technical updates, patches and upgrades align with enterprise roadmaps
Review vendor roadmaps, align them with organizational objectives and communicate platform changes or enhancements to internal stakeholders
Monitor service delivery against SLAs and KPIs, escalating issues and driving continuous improvement with external partners
Operational Support & Continuous Improvement
Provide Tier 2/3 escalation support for IAM-related incidents, service requests and problems, collaborating with operational and security teams to ensure timely resolution
Analyze incident trends, user demands, and operational gaps to inform future improvements, platform enhancements and process refinements
Advocate for a continuous improvement culture, leveraging lessons learned to enhance both security and user experience
Participate in post-incident reviews, contribute to root cause analysis and support proactive measures that strengthen identity security posture
Develop automation scripts and workflows (e.g., Okta Workflows, Terraform) to enhance provisioning, monitoring, and audit readiness. Integrate system logs into centralized observability tools to support proactive incident detection and compliance reporting
What You'll Bring:
University Degree or College Diploma in Computer Science, Cybersecurity, Information Technology or equivalent
Minimum 5 years of progressive experience in IAM-focused roles, supporting and managing enterprise identity platforms (i.e. Okta, Auth0, Azure AD)
At least one relevant IAM and one security certification required; Examples include: IAM: CIAM, Okta Certified Professional/Admin, Auth0 Implementer, Microsoft SC-300
Security: CISSP, CCSP, CISM, CISA, SANS-GIAC, CCSK
Hands-on experience with user lifecycle management, RBAC, access governance and application integrations using identity standards (SAML, OIDC, OAuth, SCIM and Zero Trust principles)
Familiarity with compliance frameworks (e.g. SOX, PIPEDA) and conducting access reviews to support regulatory obligations
Experience supporting incident investigations related to identity systems (i.e. MFA fatigue, account compromise)
Familiarity with NIST Digital Identity Guidelines and IAM best practices for MFA, SSO and privileged access
Experience integrating IAM solutions in cloud and hybrid environments
Strong analytical and communication skills, with the ability to explain complex identity concepts to both technical and business audiences
Proven ability to work collaboratively across security, infrastructure and business teams
About Us
Toyota Canada Inc. is the exclusive Canadian distributor of Toyota and Lexus vehicles. Toyota Canada's head office is in Toronto, with regional offices in Vancouver, Calgary, Montreal and Halifax. Toyota parts and accessories are distributed through TCI's Parts Distribution Centres in Bowmanville and Vancouver. TCI supports over 287 Toyota and Lexus dealers in Canada with services that include training, sales, marketing, environmental and customer satisfaction initiatives.
What Sets Us Apart?
A focus on people, passion for Toyota, innovation and continuous improvement have made us an award-winning company, recognized worldwide for our technological leadership and superior standards of quality, community involvement and environmental responsibility.
What You Should Know:
Our success begins and ends with our people. We embrace diverse perspectives and value unique human experiences. We are proud to be an equal opportunity employer that celebrates the diversity of the communities where we live and do business. Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, or any other characteristics protected by law. Please advise us at any point during the recruitment and selection process or your employment if you require accommodation.
#LI-PP1
#LI-Hybrid

Skills Required