Our team is growing, and we are actively looking to hire a Senior IAM Security Specialist in our Richmond Hill office!
The Senior Identity & Access Management (IAM) Security Specialist will help facilitate the strategic advancement of company’s IAM program, which includes identity governance administration (IGA) and privileged access management (PAM) solutions.
As part of the broader Information Security organization, this role will participate in a multidisciplinary information security team, applying fundamental systems security understanding, skills, expertise, and experience to maintain and operate complex information systems and security tools that satisfy organizational mission and/or business requirements, including stakeholder protection needs and security requirements. The role will also be responsible for researching, planning, coordinating, and implementing application solutions. The ideal candidate will be self-directed and work effectively in a diverse team environment.
- Provides input to the IAM roadmap as it pertains to our current solution technologies (e.g. SailPoint), as well as future technologies, and align priorities to support the roadmap realization
- Drives IAM initiatives to improve our broader security posture, including integration of critical applications, demonstrated by metrics
- Provides hands-on support, as needed, to initiatives related to our IAM solution technologies
- Engages in continuous technology improvement, process improvement, and quality control
- Oversees access control governance procedures, including periodic access review routines
- Owns the relevant documentation and training required for IAM initiatives and routines
- Reports progress and system health through metrics and KPIs that are risk-driven and/or operational in nature
- Leverages data to drive decision making and advocates for security throughout the organization
- Promotes and delivers with an agile and CI/CD delivery mindset to achieve program objectives
- Addresses ticket queue in timely fashion and follows appropriate change management procedures
- Understands risk-based approach, balancing business needs against potential risks.
- Effectively communicates issues/risks, options, pros/cons, and recommendations to drive change and overcome obstacles
- Consults on regulatory compliance requirements, reporting and enquiries.
- Provides support and consultation for security audits (PCI-DSS, ISO27001) and assists with formulating management responses and appropriate remediation activities.
- Stays current on security trends and industry best practices, providing input and recommendations based on research
Knowledge & Skills:
- Extensive knowledge of identity and access management (IAM) concepts, such as authentication, authorization, account lifecycle (joiner, mover, leaver), password policies, MFA principles, RBAC/ABAC, least privilege, etc.
- Knowledge of LDAP/Active Directory, and relevant IT architecture
- Familiarity with compliance organizations and standards (e.g. PCI-DSS, ISO27001, NIST, SOX etc.)
- Familiarity with scripting languages (e.g. PowerShell etc.) a plus
- Knowledge and understanding of APIs and familiarity with service-oriented architecture and web services integration (SOAP, WSDL, REST) a plus
- Knowledge of web technologies (XML, HTML, SPML/SOAP, etc.), PowerShell, SaaS applications, network operations (networks, security protocols and email [SMTP, POP3]) a plus
- Knowledge of data encryption types and standards
- Knowledge of ticketing and documentation systems (JIRA, Confluence)
- 5+ years of experience with identity management solutions (e.g., active directory), identity governance administration solutions (e.g. SailPoint), or privileged access management solutions (e.g. CyberArk)
- 5+ years of experience with deploying centralized authentication mechanisms, like SSO
- 5+ years of experience as a senior systems specialist / engineer
- 5+ years of experience with performing control routines and providing requested audit and attestation evidence
Education & Certifications:
- Degree in Computer Science, Computer/Data Systems Management, Computer Engineering or equivalent experience.
- Certification in one or more of the following areas is desired:
Certified Information Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), and/or Certified in Governance of Enterprise IT (CGEIT)
What’s in it for you?
Our experience-based salaries are competitive. Plus, there’s a discretionary annual performance bonus.
Your package will include:
- Health and dental insurance for you, your partner and your children (if you all live at the same address)
- $1,900 as congratulations if you have a baby whilst you work for us
- Discounts on local gyms, restaurants and events
- free snacks and catered lunch
- in-house training and development to develop your skills, progressing your career.
What happens next?
If you’re what we’re looking for, next up will be a phone interview. And if that goes well, we’ll meet you for a face-to-face interview.
PokerStars is part of Flutter Entertainment Plc, a global sports betting, gaming and entertainment provider headquartered in Dublin and part of the FTSE 100 index of the London Stock Exchange. Flutter brings together exceptional brands, products and businesses and a diverse global presence in a safe, responsible and ultimately sustainable way.
We are an equal opportunity employer that values diversity. We do not discriminate on any protected characteristic as defined by applicable law.
We will look to provide reasonable accommodation for applicants with disabilities to participate in the job application or interview process. If you need assistance, please contact: email@example.com
Please note we cannot accept general applications; this inbox is just for providing support to those who need it.