Senior Technical Specialist – Identity and Access Management (IAM) Engineering

Definity is the parent company to some of Canada’s most long‑standing and innovative insurance brands, including Economical Insurance, Sonnet Insurance, Family Insurance Solutions, and Petline Insurance. Our ambition is to be one of Canada’s leading and most innovative property and casualty insurers. We can’t do that without our people, so we embrace and encourage a culture that’s collaborative, ambitious, rewarding, and empowering.

We offer a flexible, hybrid work experience where employees work from the office and virtually depending on the type of work they are doing and who they are working with. Bring your true self and be a part of our journey. It’s better here.

• Serve as the IAM engineering authority, providing expert guidance on architecture, integration, and security controls.
• Define and document IAM solutions and cloud IAM controls in alignment with internal security standards and industry best practices.
• Develop and maintain strategic IAM roadmaps to drive maturity and alignment with business and security objectives.
• Assess and recommend optimal IAM architectures across hybrid environments (cloud and on‑prem).
• Lead the integration and automation of SailPoint, including API‑based provisioning using SCIM and other modern protocols.
• Support and enhance IAM services across business units, technical platforms, and security domains.
• Evaluate emerging technologies and propose innovative solutions to strengthen identity protection.
• Resolve complex IAM and cross‑functional technical issues with agility and precision.
• Collaborate with stakeholders to ensure IAM solutions meet business, compliance, and operational needs.
• Work with internal and external auditors to provide evidence of IAM control effectiveness, ensuring accuracy, completeness, and compliance with regulatory and policy requirements.
• Define and track KRIs and KPIs to measure IAM risk exposure, operational performance, and service effectiveness.

• Proven subject matter expertise in IAM engineering, architecture, and operations.
• Hands‑on experience with Microsoft Entra ID (formerly Azure Active Directory), CyberArk Privileged Access Management, SailPoint IdentityIQ, Windows Active Directory, and related IAM technologies.
• Deep understanding of Identity Governance & Administration (IGA), Role‑Based Access Control (RBAC), Authentication, MFA, Authorization, Identity Federation, SSO, Privileged Access Management, Directory Services (Active Directory, LDAP, ADFS, Azure AD), and IAM for IaaS, PaaS, and SaaS environments.
• Experience preparing and presenting audit evidence and supporting compliance reviews.
• Ability to define and execute strategic IAM roadmaps and maturity models.
• Experience developing and reporting on IAM‑related KRIs and KPIs.
• Strong communication, stakeholder engagement, and documentation skills.
• Excellent problem‑solving, analytical, and organizational abilities.

• 5+ years of hands‑on experience in IAM engineering and IGA platform design.
• Post‑secondary degree in Computer Science or related field, or equivalent experience.
• Strong foundational knowledge of cloud technologies and services.
• Industry certifications such as CISSP, CISM, or equivalent are preferred.
• Familiarity with financial services industry regulations is an asset.
• Experience with Unix / Linux / AIX environments is a plus.
• Passion for identity protection, security innovation, and continuous improvement.

We encourage you to apply! We know from experience that a candidate doesn’t need 100% of the qualifications listed to bring incredible value to our team. We’re actively seeking diverse backgrounds and perspectives to help us make insurance better. At Definity, inclusion, diversity, and equity aren’t just “nice to have” — they’re essential to our success.

• Hybrid work schedule for most roles.
• Company share ownership program.
• Pension and savings programs, with company‑matched RRSP contributions.
• Paid volunteer days and company matching on charitable donations.
• Educational resources, tuition assistance, and paid time off to study for exams.
• Focus on inclusion with employee groups, support for gender affirmation surgery, access to BIPOC counsellors, access to programs for working parents.
• Wellness and recognition programs.
• Discounts on products and services.

Actual salary for the role may vary depending on work location of the successful candidate and other factors including but not limited to, skills, education, experience, working conditions and the local labour market. In addition to base pay, eligible employees may participate in various incentive plans which are paid out at the discretion of the company and subject to individual and company performance.

Go ahead and expect a lot — you deserve it.

Our inclusive work environment welcomes diversity and supports accessibility. If you require accommodation at any time during the recruitment process, please let us know by contacting.

This role requires successful clearance of background checks (including criminal checks and leadership references).