Location Address: 100 Queens Quay East, 9th Floor, Toronto

Number of Openings: 1

Pay: $81,442.00 - $146,641.00

Job Posting Description: IAM Tech Lead – Senior Identity Engineer

This is a hybrid role We are looking for a Senior Identity Engineer on our platform team who will provide technical leadership and domain expertise for one or more of these key platforms: Windows, Linux, AIX, Citrix, Netapp, VMWare, Commvault and Cisco Unified Computing Systems (UCS) technologies. You will require expertise in one or more of the following cloud services Azure, AWS and GCP Infrastructure Services around identity and authorization.

Reporting directly to the Manager, Infrastructure Platform Service, the Technical Lead will design, develop, implement, maintain a large scope of novel applications and platforms, including overall integration and data transformations ensuring the programming standards and business requirements are met. You will be an important member in leading the LCBO's IT transformation and modernization plans as you will contribute to cross functional continuous improvement initiatives and be an advocate for positive capability transformations.

If you are a proven identity professional and want to take on the challenge of modernizing data center capabilities, while serving as the champion for the LCBO's Platform Services discipline, then this role is for you!

About The Role

• Design, implement, and manage secure and scalable Identity and Access Management solutions across cloud and on-prem environments.
• Define and enforce policies for identity lifecycle, access provisioning/de-provisioning, privileged access, and federated authentication (SSO/SAML/OIDC).
• Integrate IAM with HR systems, directories (Azure AD, AD), SaaS platforms, and critical applications to ensure seamless access control.
• Lead initiatives in privileged access management (PAM), including vaulting, session monitoring, and just-in-time access models.
• Develop and support role- and attribute-based access controls (RBAC, ABAC) and regularly review access entitlements.
• Partner with security, infrastructure, HR, and business teams to ensure access is both secure and productive.
• Implement and automate workflows using tools such as SailPoint, Saviynt, Okta, CyberArk, or Microsoft Identity platforms.
• Participate in audits, respond to findings, and champion compliance across PCI, NIST, and internal risk frameworks.

About You

• University degree in Computer Science, Engineering, Math, or related field.
• 10+ years of experience designing complex infrastructure platforms.
• 5+ years leading projects, overseeing their work, and coaching them.
• A strong identity as a security-first technologist who understands that IAM is about both safety and simplicity.
• 5–10 years of experience in Identity & Access Management roles in enterprise or hybrid environments.
• Hands-on expertise with platforms such as Azure AD, Okta, SailPoint, CyberArk, Ping, or ForgeRock.
• Experience with federated identity (SAML, OIDC, OAuth), directory services (LDAP/AD), and PAM strategies.
• Scripting or automation experience (PowerShell, Python, Terraform) to support IGA/IAM orchestration.
• Familiarity with compliance and governance frameworks like NIST, ISO 27001, CIS, or PCI-DSS.
• A passion for making security usable—balancing strong controls with seamless user experience.

We offer a comprehensive suite of benefits including:

• Health/Dental Benefits
• Access to an Employee & Family Assistance Program
• a Defined Benefit Pension
• Discounts on products and services via Workperks.

There is a world of opportunities at the LCBO… Join an organization where you can be challenged while achieving your true potential. A place where you can make a positive impact supporting Ontario business and communities. Discover a safe, healthy, diverse, inclusive, and accountable workplace where your wellbeing is our top priority. At the LCBO, your contributions are respected and valued. Be part of our journey as we invest in people and technology to transform an organization. There really is a world of opportunities at the LCBO.

We foster a culture of inclusion and belonging, so everyone feels valued, respected, and heard. The LCBO is an equal opportunity employer and committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility of Ontarians with Disabilities Act. If contacted for an interview or employment opportunity, please advise if you require an accommodation.

Please submit your resume via Workday by 11:59pm on the deadline date. We appreciate your interest and advise that only those selected for an interview will be contacted.

The LCBO collects and uses the personal information you provide under the authority of the Liquor Control Board of Ontario Act, 2019, SO 2019, c 15, Sch 21, Section 3 and in compliance with the Freedom of Information and Protection of Privacy Act for the sole purpose of processing your job application. When you click “Apply with LinkedIn” you are agreeing to share your information with our service providers engaged by us in connection with recruitment and human resources related activities.

If you have any questions concerning the LCBO’s collection and use of personal information, please contact the Freedom of Information and Privacy Office.

Work Hours: 36.25

Union / Non-Union: Non-Union

Job Posting End Date: July 20, 2025

The LCBO is an equal opportunity employer and committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act.