Senior Azure Identity Engineer

What you'll do

As a Senior Azure Identity Engineer, you will be an integral part of the team responsible for the strategic planning and design of the Canadian Tire Corporation (CTC) technical cloud environment.

Your primary focus will be on designing and implementing robust identity and access management solutions for CTC's cloud infrastructure.

You'll work closely with the Infrastructure DevSecOps and Cloud Operations teams to ensure that security is built into every aspect of CTC's cloud environment.

• Develop and implement cloud architecture patterns for cybersecurity, with a specific focus on identity and access management.
• Define cybersecurity requirements for cloud technology identity solutions, aligning them with Enterprise Security Architecture frameworks and standards.
• Provide architectural leadership and identity consulting to CTC Cloud operational and project teams.
• Lead business identity projects by utilizing security architecture solution building blocks to analyze current state technologies approved for use.
• Stay up-to-date with the latest technology advancements, trends, and directions in cloud security within the banking and retail industries.
• Regularly update Enterprise Cloud Identity standards as required.
• Offer cybersecurity consulting services for cloud identity solutions.
• Participate in project delivery, embracing Agile methodologies and associated toolsets.
• Contribute to security architecture automation and pipeline integration using DevSecOps methodologies.

What you bring

• Minimum 4+ years of progressive experience in cybersecurity, including PCI compliance, with a background in system and network security engineering.
• Extensive knowledge of technology design, implementation, and delivery, preferably with three or more years in addition to cybersecurity experience.
• Ability to understand business requirements and recommend security solutions that meet business objectives.
• Experience building cloud solutions and creating design patterns, as well as identity solution development using DevSecOps practices.
• Strong experience in creating security solutions for Azure and Google Cloud Platform.
• Proficiency in Identity and Access Management (IAM) technologies such as SailPoint, CyberArk, Okta, CA Technologies, BeyondTrust, and RSA.
• Understanding of Single SignOn (SSO) technologies such as OAuth 2.0, SAML 2.0, Kerberos, Open ID Connect, JSON Web Tokens (JWT).
• Deep knowledge of Entra ID Conditional Access Policies.
• Familiar with Zero Trust Security.
• Knowledge of API security best practices.
• Design experience with container security solutions for Docker and Kubernetes.
• Familiarity with security technologies including NGFW, VPN, vulnerability management, WAF, DDoS mitigation, PKI, key management, IDAM, DLP, UEBA, SIEM, endpoint security, and threat intelligence.
• Microsoft Azure certifications SC-300, AZ500, AZ301 / 302 or AZ303 / 304 are significant assets.
• University or College degree in computer science, information assurance, MIS or related field, or equivalent.
• Understanding of Multi-Tenant Organizations and Cross-Tenant Synchronization.
• Understanding of IT security best practices and regulations such as ISO 17799, PCI, SarbanesOxley / C198, HIPAA compliance, CEO / CFO certification.
• Industry recognized certifications such as CISSP, CEH, CCSE, CCSP would be an asset.

Hybrid

We value flexibility. We have adopted a hybrid work model whereby employees use a combination of working in office and virtually in service of outcomes.

Each leader is empowered to decide what work is best achieved in person based on the unique needs of their team.