Access Full Position Posting
Purpose:
The Identity & Access Management (IAM) Architect is a technology and solution thought leader with deep pragmatic experience and passion for the Identity and Access domain as well as other relevant information security domains. Reporting to the Director, Identity and Access Management, this role provides leadership for designing robust, secure and scalable IAM solutions and architectures that align with the organization's vision and strategic goals surrounding IAM services. The role ensures the institution is always at the forefront of IAM and cybersecurity solutions by maintaining a comprehensive and up-to-date understanding of current and emerging IAM solutions and architectures. This role is instrumental in driving the institution's IAM strategy forward, ensuring that all solutions are secure, innovative and sustainable.As a trusted advisor, the IAM Architect collaborates closely with both technical and non-technical partners, effectively translating the IAM objectives into specific access management workflows enabled by York University's IAM technologies and services. The role builds trust and fosters a collaborative relationship between IAM and teams across the University Information Technology unit to raise awareness and promote the adoption of IAM services within the organization. The role respects diversity and promotes inclusion in the workplace, contributing to an inclusive and diverse, team-based, positive work environment that recognizes diversity of abilities. The role adapts content, tone, medium, and style to the audience to be inclusive. The role demonstrates trust and respect and creates a positive work environment through continually assessment and utilization of the diverse talents of team members. The role is committed to continuous learning and skill-building in diversity, inclusion, and cultural competence. The role also demonstrates a commitment to service excellence, including dealing courteously and effectively with community members at all levels.
Education:
Bachelor's degree in a relevant discipline, such as Computer Science, Information Systems, or Cybersecurity.
Experience:
7 years related experience.
5 years management experience.
Experience with the development, implementation, and operation of identity management systems and related technologies.
Extensive experience designing, implementing, and managing SailPoint IdentityIQ solutions.
Experience integrating SailPoint with directories, applications, and cloud platforms using REST/SOAP APIs.
Experience with scripting using Beanshell, PowerShell, and Python.
Hands-on experience with user provisioning, de-provisioning, and access certification workflows.
Knowledge:
Effective knowledge of IAM principles, practices, and standards as applicable in a multi-faceted organization supported by multi-platform technical environments.
Deep understanding of IAM architecture, lifecycle events, workflows, and connectors.
Familiarity with NIST, CIS, and industry IAM frameworks.
Knowledge of identity threats, zero-trust models, and IAM risk mitigation strategies.
Awareness of IT infrastructure, cloud security, and hybrid IAM deployment models.
Knowledge of relational databases (SQL) and directory services (Active Directory, LDAP) in IAM implementations.
Effective knowledge of Active Directory, LDAP, SSO, MFA, and authentication protocols (SAML, OAuth, OpenID Connect).
Knowledge of managing CI/CD pipelines and automating tasks using tools such as Ansible.
Skills:
Effective communication skills.
Ability to present complex technical materials to non-technical business partners and executives.
Ability to work closely with business and IT teams to align IAM strategies with organizational goals.
Ability to work with operating systems and middleware security software/tools.
Ability to solve large complex IT and business problems that are often ambiguous or with unknowns.
Effective project delivery and leadership skills.
Ability to apply judgment, discretion, technical problem-solving, and analytical skills.
Ability to work as a team member and establish effective working relationships.
Ability to build relationships and bring together individuals with different perspectives and opinions toward a common goal.
Effective interpersonal skills, including listening and questioning skills. Has the ability to build rapport across the institution while quickly and confidently gaining the respect of others.
Ability to maintain strict confidentiality.
Ability to accomplish goals through influence without direct authority.
Ability to motivate and lead change.
Effective relationship management skills with partners.
Ability to interpret regulatory standards and technical specifications.
Ability to design scalable and secure IAM frameworks, policies, and best practices.
Expertise in implementing and managing role-based and attribute-based access models.
Proficiency in Java, Beanshell, PowerShell, or Python for custom connector deployments.
Additional Notes:
Note: Verification of degree(s)/credential(s) is required. Normal office work environment.
Access Full Position Posting
*Compensation:
York's CPM Compensation Framework has a salary grid consisting of 6 or 8 steps (depending on job grade) which is reviewed annually with possible adjustments, and a lump sum Performance Based Recognition Award. Employees will receive the grid adjustment and depending on performance, eligible permanent employees may move to the next step of the grid and may receive a lump sum Performance Based Recognition Award.Visit the CPM Compensation page on the HR Website to find out more about York's CPM Compensation Program.
The University welcomes applications from all qualified individuals, including, but not limited to women, persons with disabilities, visible minorities (racialized), Indigenous Peoples and persons of any gender identity and sexual orientation. York University is committed to a positive, supportive and inclusive environment.
York University offers accommodation for applicants with disabilities in its recruitment processes. If you are contacted by York University regarding a job opportunity or testing, please advise if you require accommodation.
We are committed to enhancing our environmentally and socially responsible practices for the benefit of all members of the York community. Our long term perspective recognizes our responsibility to be innovators and to continually work as a community to reduce our ecological impact.
York University employees must apply to jobs through the Employee Career Portal - YU Hire. If you are a current York University employee and/or are using your rights under a collective agreement to view and/or apply to jobs, you MUST log into YU Hire to access the York University Employee Career Portal.
PLEASE NOTE: This job posting is for an existing vacancy. Applications must be received by 11:55 pm EST on the posted deadline date, if applicable. Posting deadlines can be updated, or modified, at any time based on hiring needs. Please refer to the York U Career Portal when confirming posting deadlines.