IDENTITY AND ACCESS MANAGEMENT SPECIALIST

at  Manitoba Hydro

QUALIFICATIONS:

• A four-year degree in Computer Science or Computer Engineering from a university of recognized standing with a minimum of
  six years of directly related experience in software development.

OR

• A two-year diploma in Computer or Information Programming Technology from an institute of recognized standing with a

minimum of eight years of directly applicable software development.

• Five or more years of directly related experience in IAM governance, security administration, or SecOps.
• Any of the following Cloud certifications; Azure Identity and Access Administrator Associate, Azure Security Engineer

Associate, or similar GCP/AWS certification would be an asset.

• Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server

virtualization technologies.

• Understanding of IAM related protocols and standards such as SAML, OAuth/OIDC, WS-Fed, SCIM, FIDO, TLS/SSL, RDP,

RADIUS, and Kerberos.

• Knowledge and experience with user authentication (MFA, password-less), single sign-on (SSO), and identity access &

governance (IAG).

• Knowledge of directory services (Active Directory, LDAP, cloud-based directories) would be preferred.
• In-depth experience designing and building complex Authorization Models by making informed decisions using deep

understanding of industry standards such as RBAC/ABAC/PBAC etc.

• Demonstrated experience in architecting IAM solutions within Microsoft Azure and preferably, other cloud providers.
• Experience with user account provisioning and de-provision on a variety of platforms.
• Strong understanding of cloud computing architecture, technical design, and implementations, including Infrastructure as a

Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) delivery models.

• Any professional security designation or certification would be considered an asset (incl. CISSP, CompTIA Security+,

CompTIA Network+, CEH, CCIE, CISA, CRISC or CCNP).

• Proven ability to scope security technology requirements and objectives as well as effort and difficulty of project tasks.
• Demonstrated ability to coordinate and lead multiple projects or activities with competing priorities.

• Works with cybersecurity, IAM, and access management teams to identify a long-term vision and high-level IAM strategy.
• Develop the IAM roadmap and oversees the implementation of IAM technologies through the lens of security and an

automation first approach.

• Lead access governance by overseeing identity workflows, request/approval workflows, access provisioning workflows, and

required policy management.

• Identifies ways to improve efficiency via documentation, templates, and standardized processes.
• Provides subject matter expertise across all IAM topics as it relates to cloud, hybrid, and on-premises technology and

privileged access management.

• Delivers successful information security projects by working directly with key business stakeholders, executives, and project

teams, and applying industry security practices and principles.

• Conduct security reviews of identity access, assess the risk to these changes, and reduce the overall information risk profile of

Manitoba Hydro.

• Implement or coordinate remediation required by policies, standards, reviews, and audits, documenting exceptions as

necessary.

• Ensures IAM solutions are implemented to support on-premises, hybrid, and cloud applications.
• Leads Active Directory Services Management and is responsible for identity and role management of corporate resources.
• Provide support to application teams for application integration.
• May have direct reports in the future; would be responsible for staff recruitment, performance assessment, training, career

development, and setting clear goal expectations.

• Collaborate with Enterprise Architecture and Cyber Security Office to develop, maintain, and promote technology standards,

technical capability guidelines and/or guardrails.

• Work with Enterprise Architecture and Cyber Security Office to identify and document business and technical capabilities