Senior IAM Systems Engineer

We are At Synechron, we believe in the power of digital to transform businesses for the better. Our global consulting firm combines creativity and innovative technology to deliver industry-leading digital solutions. Synechron’s progressive technologies and optimization strategies span end-to-end Artificial Intelligence, Consulting, Digital, Cloud & DevOps, Data, and Software Engineering, servicing an array of noteworthy financial services and technology firms. Through research and development initiatives in our FinLabs we develop solutions for modernization, from Artificial Intelligence and Blockchain to Data Science models, Digital Underwriting, mobile-first applications and more. Over the last 20 years, our company has been honored with multiple employer awards, recognizing our commitment to our talented teams. With top clients to boast about, Synechron has a global workforce of 14,500, and has 58 offices in 21 countries within key global markets. Our challenge We are seeking an experienced Identity and Access Management (IAM) professional with over 10 years in the field to lead the integration of vendor applications with Entra ID (formerly Azure AD) for secure, efficient authentication using SAML 2.0. The ideal candidate will have deep expertise in IAM solutions, particularly Entra ID, and a comprehensive understanding of Single Sign-On (SSO) principles, along with proven experience in creating and documenting robust IAM architecture and design patterns. Additional Information The base salary for this position will vary based on geography and other factors. In accordance with law, the base salary for this role if filled within Halifax, NS / Toronto, ON is CAD $115k - CAD $130k/year & benefits (see below). The Role Responsibilities: Lead and oversee the onboarding of vendor applications to use Entra ID authentication via SAML 2.0, establishing secure and reliable Single Sign-On (SSO) across applications. Design, implement, and document IAM architecture with a focus on SSO for applications, maintaining alignment with security and compliance standards. Configure, manage, and troubleshoot SAML-based authentication flows within Entra ID, including assertion handling, response/request management, and integration with external vendor systems. Collaborate with internal teams, vendors, and stakeholders to assess IAM requirements and implement solutions that enhance user experience and security. Develop and maintain technical documentation for IAM architecture, including design diagrams, SSO workflows, and data flows tailored for technical and non-technical audiences. Requirements: You are: Experience level 9 years Bachelor’s degree in Computer Science, Information Security, or related field. Relevant certifications (e.g., Microsoft Certified: Identity and Access Administrator Associate, CISSP, CISM) are a plus Identity and Access Management (IAM): Expertise in IAM concepts, especially in implementing Single Sign-On (SSO) for simplified and secure access management. Strong knowledge of identity lifecycle management, including provisioning, de-provisioning, and recertification. Entra ID (formerly Azure AD): Extensive experience in configuring Entra ID, including application registration, SSO configurations, user/group management, and policy administration. Proficiency in managing SAML 2.0 authentication flows within Entra ID and integrating these with various applications to support seamless SSO. Kerberos and Token-Based Authentication: In-depth understanding of Kerberos authentication mechanisms, including the Ticket-Granting Ticket (TGT) and Service Ticket processes for secure access management. Expertise in configuring and troubleshooting Kerberos and token-based authentication for applications within enterprise environments. Security Protocols and Standards: Proficiency in SAML 2.0, along with familiarity in OAuth 2.0 and OpenID Connect, for broad expertise in authentication standards. Knowledge of secure token handling and assertion management practices in support of SSO configurations. Documentation and Technical Writing: Ability to create clear, concise, and organized technical documentation for IAM architecture, workflows, and integration patterns, using tools like Microsoft Visio and Lucidchart. Experience developing standardized templates for consistent, professional documentation across IAM projects. Architecture and Implementation Patterns: Experience with architecture and design patterns such as just-in-time (JIT) provisioning, role-based access control (RBAC), and zero trust. Knowledge of policy design and compliance requirements, including NIST, ISO 27001, and GDPR. It would be great if you also had Stakeholder Communication: Strong ability to explain IAM and SSO concepts to both technical and non-technical audiences, including engaging with vendors and internal teams. Skill in creating end-user and training materials to support SSO implementation and user adoption. Project Management and Documentation: Experience documenting requirements, tracking project milestones, and managing version control for IAM documentation as systems evolve. Familiarity with risk assessment and change management processes to ensure IAM systems align with organizational security policies. Cross-Functional Collaboration: Proven experience in working closely with IT, security, and compliance teams to ensure IAM solutions meet business needs and adhere to internal policies. We can offer you: A multinational organization with 58 offices in 21 countries and the possibility to work abroad 15 days (3 weeks) of paid annual leave plus an additional 10 days of personal leave (floating days and sick days) A comprehensive insurance plan including medical, dental, vision, life insurance, and long-term disability Flexible hybrid policy to fit your schedule RRSP with employer’s contribution up to 4% A higher education certification policy On-demand Udemy for Business for all Synechron employees with free access to more than 5000 curated courses Coaching opportunities with experienced colleagues from our Financial Innovation Labs (FinLabs) and Center of Excellences (CoE) groups Cutting edge projects at the world’s leading tier-one banks, financial institutions and insurance firms A truly diverse, fun-loving and global work culture SYNE CHRON'S DIVERSITY & INCLUSION STATEMENT Diversity and inclusion are fundamental to our culture, and Synechron is proud to be an equal opportunity workplace and is an affirmative-action employer. Our Diversity, Equity, and Inclusion (DEI) initiative ‘Same Difference’ is committed to fostering an inclusive culture – promoting equality, diversity, and an environment that is respectful to all. We strongly believe that a diverse workforce helps build stronger, successful businesses as a global company. We encourage applicants from across diverse backgrounds, race, ethnicities, religion, age, marital status, gender, sexual orientations, or disabilities to apply. We empower our global workforce by offering flexible workplace arrangements, mentoring, internal mobility, learning and development programs, and more. All employment decisions at Synechron are based on business needs, job requirements, and individual qualifications, without regard to the applicant’s gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law.