Senior Customer Identity and Access Management Engineer

Individually we are people, but together we are Aviva. Individually these are just words, but together they are our Values – Care, Commitment, Community, and Confidence.

The Identity and access Management (IAM) team is looking for someone with experience and expertise defining strategy, roadmap and an operating model for authentication services. The ideal candidate will possess technical hands-on experience with implementing a CIAM solution for resiliency, integrating a variety of SSO/M2M applications, establishing federations and building a robust user management model. Strong interpersonal skills will be required to collaborate with technical teams, business stakeholders and Aviva partners.

What you’ll do

• Integrate applications, with authentication protocols and standards like SAML, OIDC, OAuth, Header-Based and SCIM

• Establish federations with a CIAM solution; Microsoft Entra, IBM ISAM, etc.

• Implement and enhanceMulti-Factor Authentication (MFA)andSingle Sign-On (SSO)capabilities

• Build a model for user migrations from legacy CIAM platform to target platform

• Develop action scripts and UI pages within CIAM solution to enhance security and operational effectiveness

• Collaborate with theAccess Management teamto update and align processes withindustry best practices

What you’ll bring

• Bachelor's degree in Computer Science or Computer Engineering, or equivalent experience

• At least 5 years of IAM experience with focus on CIAM implementations

• Experience and expertise defining strategy, roadmap and operating model for authentication services

• Experience driving the adoption and onboarding of applications to centralized authentication services

• Hands on experience in the selection, implementation, and support in one or more of the following CIAM tools : OKTA CIC, Ping Identity, ForgeRock

• Expertise with integration Business to Customer (B2C), Business to Business (B2B) and Machine to Machine (M2M) applications with a CIAM solution

• Outstanding understanding of CIAM technologies, controls, and standard methodologies (LDAP, user directories, certificates, SAML/OAUTH, MFA, SSO, Adaptive Authentication, FIDO, WebAuthN, PKI, Passwordless)

• Experience in scripting automation and integration work using Unix scripting, PowerShell, Java and Ansible Tower

• Ability to effectively employ critical thinking and analysis to determine project scope, prioritization of work, work effort and timelines for the projects

• Outstanding verbal and written communication, interpersonal and collaborative skills – interacting with both internal and external clients and vendors from both technical and non-technical perspectives

• A curiosity about digital/cybersecurity – the desire and openness to upskill as required to stay pace with the current cyber threat landscape

Nice to Have:

• Experience with IGA(SailPoint, Saviynt) implementations and integrating a variety of application/source connectors (Workday, AD, LDAP, SQL, DB2, Web-Service)

• Experience deploying PAM solutions (BeyondTrust,CyberArk) and onboarding various types of assets(servers, databases, networking equipment)

What you’ll get

• Compelling rewards package including base compensation, eligibility for annual bonus, retirement savings, share plan, health benefits, personal wellness, and volunteer opportunities.

• Outstanding Career Development opportunities.

• We’ll support your professional development education.

• Competitive vacation package with the option to purchase 5 extra days off per year.

• Employee driven programs focused on gender, LGBTQ+, origins, diversity, and inclusion.

• Corporate wellness programs to support our employees’ physical and mental health.

• Hybrid flexible work model.

Please note that we may use AI tools to help us through the recruitment process. This is an existing position which has been posted both internally & externally.

Aviva Canada has an accommodation process in place to provide accommodations for employees with disabilities. If upon commencement of employment you require a specific accommodation because of a disability, please contact your Talent Acquisition Partner so that an appropriate accommodation can be arranged. This process applies throughout your career with Aviva Canada.