IAM Engineer

IAM / ISAM Engineer – SSO, SAML, OAuth, OIDC (AWS)

Toronto, Hybrid

6–8 years

We are seeking a skilled IAM / ISAM Engineer with hands-on experience in IBM Security Access Manager (ISAM) and identity management solutions. The ideal candidate will design, configure, and maintain SSO solutions, federated authentication, and advanced access controls, while working closely with cloud and DevOps teams. Exposure to banking domains and online banking applications is a plus.

This role requires strong knowledge of SSO, SAML2.0, OAuth, OIDC, multi-factor authentication, and policy server concepts, along with experience in AWS and DevOps tools.

• Configure and maintain IBM Security Access Manager (ISAM) for SSO solutions.
  

• Implement federated SSO using SAML standards.
  

• Create and manage Junctions, configure policy servers, ACLs, POP, and group imports.
  

• Configure Authorization servers, reverse proxies, and LDAP integration.
  

• Implement multi-factor authentication, OAuth, OIDC, and other authentication mechanisms.
  

  
  

• Apply knowledge of Advanced Access Control and Federation modules.
  

• Support identity management solutions for banking and online business applications.
  

• Ensure compliance with security best practices and IAM policies.
  

  
  

• Support AWS cloud-based security deployments.
  

• Apply automation using Ansible and collaborate with DevOps teams for efficient solution deployment.
  

• Participate in configuration management, CI/CD processes, and system monitoring.
  

  
  

• Maintain system documentation, runbooks, and knowledge transfer materials.
  

• Troubleshoot, debug, and resolve IAM/ISAM issues in live environments.
  

• Collaborate with stakeholders for requirements, solutions design, and implementation guidance.
  

• 6–8 years of hands-on experience in IBM Security Access Manager (ISAM).
  

• Strong understanding of SSO, SAML2.0, OAuth, OIDC, and multi-factor authentication.
  

• Experience with policy server concepts: ACL, POP, junction creation, group imports.
  

• Knowledge of reverse proxy, authorization server, LDAP configuration.
  

• Exposure to AWS cloud security concepts.
  

• Familiarity with Ansible automation and DevOps practices.
  

• Good understanding of identity management concepts and security best practices.
  

• Experience in Banking domains and Online Banking applications.
  

• Exposure to ignio AI or ERP operations.
  

• Hands-on experience in system administration, automation, or CI/CD pipelines.
  

• Knowledge of IAM integration with mission-critical business applications.