Infrastructure Security Specialist - IAM

Established in 2004, we are a tech pioneer offering world-class adult entertainment and games on some of the internet’s safest and most popular platforms. With the support of an international team of dynamic and collaborative innovators, we are on a mission to enable safe user experiences and empower our communities by celebrating diversity, inclusion, and expression — all while maintaining robust trust-and-safety protocols.

We embrace the best of both worlds! Local talent can thrive in our collaborative office space with the flexibility of a hybrid work environment, while remote team members play an integral role in shaping our dynamic culture from afar. We have offices in Montreal (Quebec), Austin (Texas) and Nicosia (Cyprus).

*A select number of positions require full-time in office attendance*

As a member of the Infrastructure Security team, you will report to the Infrastructure Security Lead – IAM, playing a pivotal role in developing and implementing workflows, secure access controls and processes to expand the IAM program’s posture. You’ll collaborate with cross-functional teams to ensure IAM policies align with business needs and regulatory requirements, while proactively identifying and mitigating risks. You will also participate in larger projects and act as a subject matter expert on IAM standards. This role will provide you with the opportunity and autonomy to work in an advanced environment securing a wide range of technologies.

What you’ll be doing:

• Developing IAM architecture and strategy.
• Managing and improving identity lifecycle processes including provisioning, de-provisioning, and access reviews.
• Implementing and maintaining role-based access controls (RBAC), least privilege models, and privileged access management (PAM).
• Integrating IAM solutions with cloud and on-prem infrastructure (e.g., Azure AD, AWS IAM, LDAP, Active Directory).
• Conducting audits and assessments to ensure compliance with internal policies and external regulations.
• Responding to security incidents related to identity and access.
• Mentoring junior team members and contributing to IAM best practices.

What you’ll need to be successful:

Must Haves:

• 5+ years of hands-on experience in IAM and infrastructure security within enterprise environments.
• Expertise in identity protocols such as SAML, OAuth 2.0, OpenID Connect, and Kerberos.
• Proficiency performing IAM in cloud environments (Azure AD, AWS & GCP).
• Strong understanding of directory services including Active Directory, LDAP, and cloud-native directories.
• Experience implementing RBAC and least privilege access models.
• Privileged Access Management (PAM) experience, including Just-in-Time access (JIT), session monitoring, and credential rotation.
• Security incident response experience related to identity compromise or access misuse.
• Audit and compliance expertise, including PCI-DSS, ISO 27001, NIST 800-53, CMMC.
• In-depth knowledge of Windows, Linux, and cloud environments.
• Automation and scripting skills using PowerShell, Python, Bash or similar.
• Strong analytical and troubleshooting skills for resolving complex access and identity issues.
• Excellent communication skills to collaborate with stakeholders, document processes, and present findings.
• Proven experience leading projects between cross-functional team.

Nice to Have:

• Experience in a hybrid cloud environment.
• Hands-on experience with Cloud Native IAM tools such as CIEM.
• Experience with Zero Trust architecture.
• Knowledge of DevSecOps practices and CI/CD pipeline integration.
• Exposure to identity governance and administration (IGA) platforms e.g., SailPoint, Okta, CyberArk.
• Certifications such as CISSP, CISM, or GIAC.

As an equal opportunity employer, we celebrate diversity and are committed to creating an inclusive environment for all employees

In this role you may be exposed to adult content

For privacy-related information, this posting includes a French-language notice to follow. This disclaimer is to notify you that personal data relating to you has been collected by Aylo (the Controller). This includes personal data submitted by you, obtained from publicly available sources, or provided to us by someone with your consent in connection with potential employment. You can withdraw your consent at any time by contacting us.

Your personal data has been collected and will be processed for recruitment purposes, including managing recruitment activities, setting up and conducting interviews and tests, evaluating results, and other purposes needed to evaluate candidacy. Processing is legally permissible under applicable data protection regulations for recruitment purposes. Your data may be shared with Greenhouse Software, Inc., a cloud services provider engaged to manage recruitment. Your data will be retained as long as necessary to evaluate your application, in accordance with the privacy policy. If you would like to know more, please review our privacy policy.