Job Description

Role Name: Senior IAM Systems Engineer

Location: 1Toronto, ON , Canada (Onsite)

Visa Type: OWP, CC, PR

Job description:

What is the opportunity?

We seek a highly skilled Senior IAM Systems Engineer to design, develop, and implement our Authorization services leveraging Axiomatics Dynamic Authorization Suite and Open Policy Agent (OPA). In this role, you'll manage fine-grained, policy-based access controls for applications, APIs, microservices, and databases, ensuring alignment with organizational security frameworks, compliance standards, and operational excellence.

What will you do?

Develop and maintain authorization policies using Axiomatics ALFA and OPA Rego languages, translating business requirements into secure, effective, and scalable access controls. Integrate and deploy authorization solutions across various applications, APIs, microservices, and cloud/on-premises platforms, ensuring seamless access policy enforcement. Automate IAM processes through scripting, infrastructure as code (IaC), and continuous integration/continuous delivery (CI/CD) workflows, reducing manual intervention. Troubleshoot and resolve IAM authorization issues, promptly identifying root causes and implementing long-term solutions. Collaborate closely with IAM architects, development teams, and business stakeholders to gather requirements, align strategies, and ensure adequate security controls. Create and maintain comprehensive documentation for authorization policies, processes, and procedures to support audits and ensure ongoing compliance. Monitor and optimize IAM solutions, continuously identifying opportunities for performance improvement and process enhancements.

What do you need to succeed?

Must-have:

Bachelor's degree in Computer Science, Information Technology, or related field. Minimum of 4 years in IAM roles, with strong experience designing and implementing policy-based authorization solutions (Axiomatics and/or OPA). Proven proficiency with ALFA/XACML or OPA Rego policy languages. Strong understanding of Attribute-Based Access Control (ABAC) models. Experience integrating IAM solutions into diverse IT environments, including cloud-native (AWS, Azure, GCP) and on-premises systems. Minimum of 2 years of development or DevOps experience, including scripting/programming (Python, Shell, Java), infrastructure automation (Terraform, Ansible), and CI/CD (GitHub Actions). Excellent problem-solving skills, analytical thinking, and attention to detail. Strong verbal and written communication abilities, capable of articulating technical concepts clearly to diverse stakeholders.

Nice-to-have:

IAM-related certifications (e.g., Certified Identity and Access Manager - CIAM). Experience with API integration (RESTful APIs) and microservices architectures. Familiarity with monitoring, logging, and alerting tools (Splunk, Datadog, ELK Stack). Knowledge of containerization (Docker, Kubernetes) and cloud deployment methodologies. Understanding of compliance frameworks, regulatory requirements, and audit processes. General exposure to networking/security technologies such as load balancers (F5, GTM, LTM), firewalls, SSL certificates, and Single Sign-On (SSO) systems.

Regards

Krishna

Job Type: Full-time

Pay: $70.00-$75.00 per hour

Schedule:

8 hour shift * Monday to Friday