We are hiring a Senior IAM Analyst, Information Security! Reporting To IAM Manager, Information Security

Full-Time/Part- Time Full-time

Posting Date May 14, 2025

Closing Date May 30, 2025

Hours Of Work 8:30 a.m. – 5:00 p.m.

Grade Office Location:

14.4

Toronto, ON

Great location! Steps away from the main public transit station

What We Offer Highly competitive compensation package which includes, base salary, bonus, benefits, and career advancement opportunities!

• Eligibility for benefits is dependent on the terms of employment

The Opportunity A strategic and integral member of the Information Security Team, reporting to the IAM Manager (GRC), Information Security is responsible for ensuring the security, integrity, and availability of First National information assets with Identity as a frontier.

The IAM Senior Security Analyst will assist in managing IAM security by supporting the development and implementation of strategies, policies, processes, controls, assessments, reporting, metrics, training, and awareness initiatives. This role helps ensure the protection of digital assets, secure access for authorized users, and compliance with security frameworks and Zero-Trust principles.

How You Will Contribute

• Design and implement advanced IAM concepts and best practices, including privileged account management, access reviews, and lifecycle management, fostering security innovation across platforms.
• Continuously enhance IAM processes to integrate new technologies and methods, ensuring adaptability to future security needs.
• Analyze existing IAM processes, tools, and technologies, identifying gaps and collaborating with cross-functional teams to develop and implement prioritized solutions.
• Assess security risks related to IAM and recommend actions to mitigate potential threats, utilizing critical thinking and problem-solving approaches.
• Document and clearly communicate IAM concepts, process improvements, and security policies to ensure clarity across teams.
• Assist in drafting, reviewing, and communicating security policies, standards, and procedures, ensuring alignment with regulations and industry standards.
• Lead initiatives to maintain and improve identity management processes, ensuring compliance with security protocols across the enterprise.
• Mentor teams in the development of IAM documentation, guiding them through IAM lifecycle management best practices.
• Make informed decisions regarding IAM lifecycle improvements, considering business needs, security requirements, and compliance standards.
• Review and evaluate internal IAM risks and make data-driven recommendations to mitigate potential vulnerabilities.
• Take ownership of implementing and enhancing IAM processes and standards with minimal supervision, driving security improvements independently.
• Manage security-related audit and certification processes autonomously, ensuring timely completion and compliance. `
• Maintain and improve IAM-related processes, ensuring seamless access management across all departments, and enhancing user service experience.
• Oversee and improve the documentation and internal controls related to IAM, ensuring ongoing service excellence and operational continuity.
• Engage actively to perform the following -

• Periodic Access Reviews: Conduct regular reviews of user access rights (Access Recertification) that aligns with our audit expectations. Validate user access levels with department heads or application owners to confirm that permissions are still appropriate.
• Privileged Account Monitoring: Support the continuous monitoring of accounts with elevated privileges to detect any unauthorized or suspicious activity.
• Role-Based Access Control (RBAC) Enforcement: Ensure access is assigned based on predefined roles, preventing excessive permissions.
• Incident Response & Investigation: Support the analysis of failed access attempts or unauthorized privilege escalations to mitigate potential security risks.
• Policy & Compliance Documentation: Maintain thorough records of access reviews and privileged access management for audits and compliance.
• A strong understanding of IAM concepts around Active Directory is an asset, such as but not limited to User & Group Management, Access Control & Permissions through GPOs, Authentication Mechanisms (familiarity with Kerberos, NTLM, SAML, OAuth, and LDAP), Identity Lifecycle Management, AD Security & Hardening, Password Policy Enforcement, AD Certificate Services, etc.

The Experience You Need Technical Experience

• Bachelor’s degree in computer science or the equivalent work experience is required. Graduate degree preferred.
• 4+ years of experience in Identity and Access Management in a medium or large size organization is required.
• 2+ years of experience working with Privileged Access Management.
• Information security certifications, such as CISSP, CISM, ISO27001, CCSP, Security+ or equivalent preferred.
• Experience working with Microsoft Entra Suite (or its components), is an asset
• Certifications in PAM or IGA solutions are preferred.

Additionally

• Strong interpersonal communication, analysis, and writing skills.
• Ability to document processes on Visio and identify gaps causing risk to the Organization.
• Proficient in MS Excel to perform data analysis and make recommendations based on risk identified.
• Ability to work effectively with business unit and IT department managers, including Application Development, Infrastructure, Operations, Network, Technical Support, and others.
• Must be a team player.

Working Environment And Physical Demands Analysis

• Hybrid Office environment
• Periods of high volume with tight timelines
• Long periods of stationary position/sitting
• Prolonged periods of repetitive movement (i.e., using a keyboard and mouse)
• Long periods of time in viewing a computer screen
• Multi-tasking may include speaking to customers on a telephone call while looking up information on a computer program.

Why join First National?

• Competitive Compensation
• Comprehensive benefits program (i.e., Health Spending Account, Maternity and Parental Leave Top Up)
• Hybrid working environment
• Extensive training programs to set our employees up for success
• Modern office environment conducive to collaboration
• Supportive teamwork culture
• Opportunities to give back to the communities and work through events focused on a variety of charities
• Ongoing social events throughout the year

The Team You’ll Join Founded in 1988, First National is one of Canada’s largest non-bank lenders. We provide residential mortgages exclusively through the mortgage broker channel and we are Canada’s largest commercial mortgage lender.

First National has been consistently recognized as a great place to work and we are proud that our employee engagement feedback is higher than our industry partners.

We would like to thank all applications for their interest in this existing vacancy, but only candidates selected for an interview will be contacted. First National is proud to be an equal opportunity employer and is committed to diversity and inclusion regardless of race, color, religion, national origin, age, gender identity, physical or mental disability, sexual orientation and any other category protected by law. First National supports requests for accommodation from applicants with disabilities; please contact Human Resources at [email protected] should you need an accommodation at any point in the recruitment process. #FNLOON

Apply Now