IDENTITY AND ACCESS MANAGEMENT ENGINEER
Top Benefits
About the role
IDENTITY AND ACCESS MANAGEMENT ENGINEER
WINNIPEG, MB
Manitoba Hydro is consistently recognized as one of Manitoba's Top Employers!
Great Benefits
- Competitive salary and benefits package.
- Defined-benefit pension plan.
- Nine-day work cycle which normally results in every other Monday off, providing for a balanced approach to work, family life
and community.
- Flex-time and partially remote work schedule (providing the option to work remotely 3 days per 2 week period), depending on
nature of work, operational requirements and work location.
Manitoba Hydro is a leader among energy companies in North America, recognized for providing highly reliable service and
exceptional customer satisfaction. Join our team of Manitoba's best as we continue to build a company that supports innovation,
commitment, and customer service, while actively supporting a diverse, equitable and inclusive workplace.
Under the general direction of the Cyber Security Director (CISO) and reporting to the Enterprise Cyber Security Program
Department Manager, The Identity and Access Management (IAM) Engineer is responsible for the planning, building, delivery and
support of a corporate-wide comprehensive secure by design IAM modernization program. This role will provide direction and
guidance to the development, specifications, and communications of the IAM application(s), technology selection and architecture,
as well as provide in-depth technical consultation to the business units, IT and OT management and assist in developing plans and
direction for the integration of information cybersecurity requirements.
Responsibilities:
- Lead the corporate Identity and Access Modernization Program: Lead the selection and development of technology-based
tools and/or methodologies to review, design and/or implement products and services to support the modernization of
Manitoba Hydro's IAM environment. Deliver IAM modernization roadmap and update policies, standards procedures and
requirements for implementation. Identify the requirements to address impact of current decisions related to user access, data
access and information security.
- Lead IAM Modernization Program Implementation: Lead an IAM vendor selection process, evaluate existing and emerging
technologies and tools in the selection of an IAM service offering for Manitoba Hydro. Develop procurement, implementation
and long-term sustainment strategies including resource requirements to support a modern IAM environment. Coordinate
execution of implementation plans to upgrade IAM systems across the corporation. Work with project management and
technical resources to support the implantation of the roadmap. Provide ongoing management status reporting to include
accomplishments, plans for upcoming activities and overall completion status on a regular basis ensuring all milestones and
deliverables are achieved within communicated deadlines.
- Lead corporate IAM strategy and design architecture: Collaborate with IT and OT infrastructure access control designers to
develop guidelines, policies, strategy and operating procedures for a modern IAM applications and platforms environment.
Balance access with compliance and confidentiality and business requirements, identify and evaluate complex business and
technology risks, internal controls to mitigate risks, and related opportunities for internal control improvement. Create
corporate guidelines to support the lifecycle management of all IAM technologies and its associated infrastructure working
closely with implementation teams in IT and OT. Align IAM processes across the organization and develop and document
standards for organizational use of IAM-related technologies.
- Support modern IAM technology, strategy and governance: As a recognized subject-matter-expert on all IAM disciplines,
provide design support for identity governance and administration, (IGA), Access Management, (SSO, MFA), privileged
access management and identity verification, (ID Proofing, etc.) to access control operations within IT and OT.
- Support cyber security operations where required: Support cyber event incident response and recovery as part of the Incident
Response Team. In the event of a significant cyber security incident, you may be called to support response activities at any
time during a 24-hour period to assure Manitoba Hydro system security and reliability.
- Provide assistance on IAM-related cybersecurity programs including (but not limited to): Threat intelligence, policy
management, incident response and disaster recovery, forensic investigation support and application security.
MANITOBA HYDRO IS COMMITTED TO DIVERSITY AND EMPLOYMENT EQUITY
Reference Code: CO57078913-01
Qualifications:
- Graduate in Engineering from a university of recognized standing, plus a minimum of seven years related experience,
including two years related experience in Cyber Security, Operational Technology, or Information Technology Infrastructure
support.
- Member in good standing with Engineers Geoscientists Manitoba.
- Possess an understanding of Cyber security concepts, controls, frameworks and standards including NIST and ISO.
Knowledge of ICS Cyber Security Risk Management and NERC Critical Information Protection (CIP) Standards, Programs
and Procedures, CIP infrastructure components and CIP cyber assets. Familiarity with compliance standards, evidence
requirements and understanding audits and assessments.
- Identity management familiarity in one or more of the following areas: single sign-on (SSO), data management, identity
federation, enterprise directory architecture and design, including directory schema, directory services, namespace and
replication topology experience, resource provisioning, ITIL, and process integration. Identity and access governance includes
role-based access control, access request and certification, user life cycle management processes, and organizational
change management.
- Experience with administrating authentication technologies, such as Microsoft Active Directory/Windows authentication,
OpenLDAP, Shibboleth, SimpleSAMLphp, Kerberos, OpenID Connect, OAuth, SAML, SCIM, Azure AD, and federated identity
management.
- Expert understanding of web security standards, architecture, web security best practices and application security best
practices.
- Certification in Information Assurance Management, Certified Information Systems Security Professional, and/or Certified
Information Security Manager is considered an asset.
- Strong written and verbal communication skills with a demonstrated ability to communicate effectively, deliver reports,
recommendations, and presentations, and the ability to build and maintain harmonious working relationships with staff across
the enterprise at all levels.
- Excellent organizational and interpersonal skills, including facilitation, and negotiation.
- Demonstrated creativity in resolving complex information technology issues, implementing new processes and products and
redesigning work processes.
- Demonstrated initiative, and ability to prioritize, and achieve results in a timely manner.
- Possess good analytical skills, be self-motivating, and possess mature judgment with the ability to make and implement sound
decisions.
- Possess a valid Province of Manitoba Driver's Licence.
- Must obtain and maintain a current Personnel Risk Assessment and a "Clear" security rating in accordance with Manitoba
Hydro policy P513.
- Must complete Manitoba Hydro Standards of Conduct training.
- Critical Infrastructure Protection (CIP) Training is required and must be completed prior to transfer date and renewed annually.
Salary Range
Starting salary will be commensurate with qualifications and experience. The range for the classification is $51.34-$70.34 Hourly,
$98,380.88-$134,784.78 Annually.
Apply Now!
Visit www.hydro.mb.ca/careers to learn more about this position and to apply online.
The deadline for applications is AUGUST 5, 2025.
We thank you for your interest and will contact you if you are selected for an interview.
This document is available in accessible formats upon request. Please let us know if you require any accommodations
during the recruitment process.
#IND1
About Manitoba Hydro
As Manitoba’s major energy utility, we: • Generate and distribute electricity around the province. • Distribute natural gas in the province. • Export electricity within Canada and the mid-western United States. • Offer a wide range of energy services and programs.
We are recognized within the industry for our reliability, prudent environmental practices, strong relationships with Indigenous peoples, and outstanding community support. Our employees make all these things possible.
IDENTITY AND ACCESS MANAGEMENT ENGINEER
Top Benefits
About the role
IDENTITY AND ACCESS MANAGEMENT ENGINEER
WINNIPEG, MB
Manitoba Hydro is consistently recognized as one of Manitoba's Top Employers!
Great Benefits
- Competitive salary and benefits package.
- Defined-benefit pension plan.
- Nine-day work cycle which normally results in every other Monday off, providing for a balanced approach to work, family life
and community.
- Flex-time and partially remote work schedule (providing the option to work remotely 3 days per 2 week period), depending on
nature of work, operational requirements and work location.
Manitoba Hydro is a leader among energy companies in North America, recognized for providing highly reliable service and
exceptional customer satisfaction. Join our team of Manitoba's best as we continue to build a company that supports innovation,
commitment, and customer service, while actively supporting a diverse, equitable and inclusive workplace.
Under the general direction of the Cyber Security Director (CISO) and reporting to the Enterprise Cyber Security Program
Department Manager, The Identity and Access Management (IAM) Engineer is responsible for the planning, building, delivery and
support of a corporate-wide comprehensive secure by design IAM modernization program. This role will provide direction and
guidance to the development, specifications, and communications of the IAM application(s), technology selection and architecture,
as well as provide in-depth technical consultation to the business units, IT and OT management and assist in developing plans and
direction for the integration of information cybersecurity requirements.
Responsibilities:
- Lead the corporate Identity and Access Modernization Program: Lead the selection and development of technology-based
tools and/or methodologies to review, design and/or implement products and services to support the modernization of
Manitoba Hydro's IAM environment. Deliver IAM modernization roadmap and update policies, standards procedures and
requirements for implementation. Identify the requirements to address impact of current decisions related to user access, data
access and information security.
- Lead IAM Modernization Program Implementation: Lead an IAM vendor selection process, evaluate existing and emerging
technologies and tools in the selection of an IAM service offering for Manitoba Hydro. Develop procurement, implementation
and long-term sustainment strategies including resource requirements to support a modern IAM environment. Coordinate
execution of implementation plans to upgrade IAM systems across the corporation. Work with project management and
technical resources to support the implantation of the roadmap. Provide ongoing management status reporting to include
accomplishments, plans for upcoming activities and overall completion status on a regular basis ensuring all milestones and
deliverables are achieved within communicated deadlines.
- Lead corporate IAM strategy and design architecture: Collaborate with IT and OT infrastructure access control designers to
develop guidelines, policies, strategy and operating procedures for a modern IAM applications and platforms environment.
Balance access with compliance and confidentiality and business requirements, identify and evaluate complex business and
technology risks, internal controls to mitigate risks, and related opportunities for internal control improvement. Create
corporate guidelines to support the lifecycle management of all IAM technologies and its associated infrastructure working
closely with implementation teams in IT and OT. Align IAM processes across the organization and develop and document
standards for organizational use of IAM-related technologies.
- Support modern IAM technology, strategy and governance: As a recognized subject-matter-expert on all IAM disciplines,
provide design support for identity governance and administration, (IGA), Access Management, (SSO, MFA), privileged
access management and identity verification, (ID Proofing, etc.) to access control operations within IT and OT.
- Support cyber security operations where required: Support cyber event incident response and recovery as part of the Incident
Response Team. In the event of a significant cyber security incident, you may be called to support response activities at any
time during a 24-hour period to assure Manitoba Hydro system security and reliability.
- Provide assistance on IAM-related cybersecurity programs including (but not limited to): Threat intelligence, policy
management, incident response and disaster recovery, forensic investigation support and application security.
MANITOBA HYDRO IS COMMITTED TO DIVERSITY AND EMPLOYMENT EQUITY
Reference Code: CO57078913-01
Qualifications:
- Graduate in Engineering from a university of recognized standing, plus a minimum of seven years related experience,
including two years related experience in Cyber Security, Operational Technology, or Information Technology Infrastructure
support.
- Member in good standing with Engineers Geoscientists Manitoba.
- Possess an understanding of Cyber security concepts, controls, frameworks and standards including NIST and ISO.
Knowledge of ICS Cyber Security Risk Management and NERC Critical Information Protection (CIP) Standards, Programs
and Procedures, CIP infrastructure components and CIP cyber assets. Familiarity with compliance standards, evidence
requirements and understanding audits and assessments.
- Identity management familiarity in one or more of the following areas: single sign-on (SSO), data management, identity
federation, enterprise directory architecture and design, including directory schema, directory services, namespace and
replication topology experience, resource provisioning, ITIL, and process integration. Identity and access governance includes
role-based access control, access request and certification, user life cycle management processes, and organizational
change management.
- Experience with administrating authentication technologies, such as Microsoft Active Directory/Windows authentication,
OpenLDAP, Shibboleth, SimpleSAMLphp, Kerberos, OpenID Connect, OAuth, SAML, SCIM, Azure AD, and federated identity
management.
- Expert understanding of web security standards, architecture, web security best practices and application security best
practices.
- Certification in Information Assurance Management, Certified Information Systems Security Professional, and/or Certified
Information Security Manager is considered an asset.
- Strong written and verbal communication skills with a demonstrated ability to communicate effectively, deliver reports,
recommendations, and presentations, and the ability to build and maintain harmonious working relationships with staff across
the enterprise at all levels.
- Excellent organizational and interpersonal skills, including facilitation, and negotiation.
- Demonstrated creativity in resolving complex information technology issues, implementing new processes and products and
redesigning work processes.
- Demonstrated initiative, and ability to prioritize, and achieve results in a timely manner.
- Possess good analytical skills, be self-motivating, and possess mature judgment with the ability to make and implement sound
decisions.
- Possess a valid Province of Manitoba Driver's Licence.
- Must obtain and maintain a current Personnel Risk Assessment and a "Clear" security rating in accordance with Manitoba
Hydro policy P513.
- Must complete Manitoba Hydro Standards of Conduct training.
- Critical Infrastructure Protection (CIP) Training is required and must be completed prior to transfer date and renewed annually.
Salary Range
Starting salary will be commensurate with qualifications and experience. The range for the classification is $51.34-$70.34 Hourly,
$98,380.88-$134,784.78 Annually.
Apply Now!
Visit www.hydro.mb.ca/careers to learn more about this position and to apply online.
The deadline for applications is AUGUST 5, 2025.
We thank you for your interest and will contact you if you are selected for an interview.
This document is available in accessible formats upon request. Please let us know if you require any accommodations
during the recruitment process.
#IND1
About Manitoba Hydro
As Manitoba’s major energy utility, we: • Generate and distribute electricity around the province. • Distribute natural gas in the province. • Export electricity within Canada and the mid-western United States. • Offer a wide range of energy services and programs.
We are recognized within the industry for our reliability, prudent environmental practices, strong relationships with Indigenous peoples, and outstanding community support. Our employees make all these things possible.