IGM Financial Inc. is one of Canada's premier financial services companies, and one of the country's largest managers and distributors of investment funds and other managed asset products, with over $244 billion in total assets under management as of February 28, 2021. Its activities are carried out principally through Investors Group Inc., Mackenzie Financial Corporation and Investment Planning Counsel Inc.
We are focused on the long-term strength and stability of our companies and recognize these as core responsibilities to our clients and shareholders as we adapt and lead in an ever-changing world.
Why should you join the IGM family?
Be part of a winning culture!
Your opportunity to develop and work with smart, highly capable leaders who are passionate and innovative
A genuine commitment to diversity and inclusion, through public goals, a variety of external partnerships/employee groups and an inclusive environment
A fulfilling employee experience – we offer competitive terms, a collaborative/respectful way of working and connect strongly with our community
Role & Responsibility:
The Director of Identity Governance & Administration (IGA) will help lead and scale a team of experienced engineers in the Identity and Access Management, Governance and Administration space. This is a senior leadership role accountable for the strategic direction and governance of the IGA program across IGM. This role directs the planning, design, development, implementation, deployment and operations of the overall IGA team.
The candidate must have hands-on experience in engineering solutions in the Identity Governance & Administration space (Design and Build).
Key Capabilities & Responsibilities:
Develop an enterprise strategy for Identity and Access Management while ensuring scalability, dependability and flexibility of the IGA platform
Responsible for the establishment and maintenance of an IGM Identity, Access, Governance and Audit Management Framework that ensures a comprehensive, requirements-driven approach to planning, implementation, administration, operations, measurement and communication
Work across teams to document and share IGA best practices for clients, employees, partners, and vendors
Ensure overall IT strategy and architecture plans, corporate security and operational standards are translated into IGA services, methods and technologies as they align with leading IGA practices
Lead the planning, design, implementation, deployment and maintenance of the IGA platform
Hire outstanding talent that can work in high performing teams
Manage, coach, lead and develop a staff of IGA personnel and provide leadership to a distributed team of engineers and managers
Advise senior management on IGA-related risks and security posture
Communicate with staff and executives on objectives, priorities, performance targets and standards, plans, unit accomplishments, and budget reports on a regular basis
Deliver subject matter expertise of Microsoft Windows Active Directory and Azure Active Directory with emphasis on architectural design, migration, management and support of implementations
Deliver subject matter expertise of SailPoint IIQ and Identity Governance and Administration lifecycle
Lead in the creation of detailed design and define technical solutions that consider the enterprise architecture strategies, current state environment and constraints
Strong knowledge of security-by-design and privacy-by-design concepts
Hands-on experience to install, configure, test, maintain and troubleshoot Identity, Access, Governance and Audit Management platforms, e.g. SailPoint IIQ, Azure Active Directory, Windows Active Directory,
Deep knowledge of Microsoft M365 Identity platform including Azure Active Directory Identity Protection, Multi-Factor Authentication (2FA, biometric, etc.), Advanced Threat Protection, Microsoft Intune and Conditional Access Policies, etc.
Must have hands-on experience developing and deploying large-scale enterprise Identity Governance & Administration solutions, including Identity Management (Provisioning, Enrolment, De-provisioning), Access Management, Authentication, Authorization, Role Based Access Control (RBAC), Identity Governance(Attestation, Re-certification, Reconciliation), Identity Federation, Single Sign-On (Desktop SSO, Web SSO, eSSO), Privileged Access/User Management (PAM/PUM), Security and IAM management for cloud based solutions, including IaaS, PaaS, SaaS and IDaaS, Social Login, Identity Analytics, Identity Trust Frameworks
Directory Services – Active Directory and associated roles including Domain Services (AD DS), Certificate Services (AD CS), Domain Name System (DNS), Rights Management Services (AD RMS), Federation Services (AD FS), Lightweight Directory Services (AD LDS)
Subject matter expert in the following IAM Technologies: LDAP, SAML, OAuth, OpenID Connect (OIDC), XAML, NAPPS, WS-Fed, FIDO, UMA, SCIM, IWA, etc.
Strong experience with Privileged Access Management Solutions (CyberArk, etc.)
Hands-on experience in implementing security hardening in cloud-based systems, endpoint and cloud infrastructure
Governance, planning and delivery of enterprise-level IAM program based on zero-trust (Identity, access, privileged access, SSO federation, cloud, MFA)
Implementation of SIEM use cases and playbooks and detection and response plans as it relates to IGA
Lead the team is responding to all infrastructure security breaches and support in the investigation of security incidents
Maintain security, backup, and redundancy strategies
Prepare and document standard operating procedures and protocols
Lead in the creation and updates of technical project documentation (i.e. technical and configuration runbook, implementation plan, etc.)
Experience in leading the team in supporting Level 2, 3 and/or 4 escalation for production incidents
8+ years of hands on working experience in the participation of engineering and design of IGA platforms
Passionate about evangelizing standards around identity protection and security
Strong core foundation experience in fundamental cloud technologies and services
Education at the bachelor or master level in Computer Science or equivalent technology related experience
Excellent knowledge and relevant experience in security domains related to Identity and Access Management and Operations.
Superior problem solving and decision-making skills to resolve work issues with the ability to work under pressure in a dynamic environment
Superior leadership, collaboration, and interpersonal skills with a demonstrated ability to work effectively and build consensus in a multi-functional team environment.
Strong communication (verbal/written) and good interpersonal skills to build relationships with internal and external business partners and vendors
Strong desire to implement change and contribute to the organization
Experience of working with new and disruptive technologies would be a definite asset
One or more industry recognized information professional designations (CISSP, CISM, etc.)
Knowledge of the Financial Services industry regulations
Proven ability to establish and build healthy working relations and partnerships with clients, vendors and peers
Possess effective communication and interpersonal skills, and executive presence
Highly credible with senior executives while also able to connect and build trust- based relationships with stakeholders at all levels of an organization
Gain commitment, trust and support from others and will be able to sell ideas inside and outside the organization
Influence & Focus:
Ability to focus/align the organization around critical initiatives, best practices and guiding principles
Exceptional influencing skills and will work transparently and cooperatively with the cross-functional teams, effectively engaging all pertinent stakeholders, both internal and external
The successful candidate will not be afraid to challenge the status quo
Exhibit a mindset of creativity, determination, and an energetic drive to succeed
Have a proven track record of setting and meeting aggressive goals and action plans, both as an individual and with a team
Versatility and Resilience:
Able to oversee multiple projects and excel in a complex and evolving portfolio
Demonstrate appropriate flexibility in all situations and will be comfortable with ambiguity, while pivoting from macro to micro issues, from shaping the technology, innovation, digital, and strategy agenda through to the day-to- day details of operations and compliance issues
Adhere to the highest standards of personal and professional integrity and will set a positive example for others
Provide leadership and effective management of staff
Accountable to influence employee commitment to the organization, to the team, and to their job
Set appropriate context when assigning work to link the employee’s work to organizational/ business unit goals
Lead and build a team and individual capabilities to ensure employees can perform to job requirements
If you are interested in applying for this position please direct applications on-line using the “apply for this job” icon located at the bottom or to the left of the posting. If you would like to refer someone for the position please email the posting using the “email this job” option and have your referral indicate that they were referred by you when completing the application. All resumes should be received by May 13, 2021. If you have any questions regarding this position, please contact Human Resources. Please record your extension number on your resume and cover letter. The career level for this position is L8.
We thank all applicants for their interest in Mackenzie Investments; however only those candidates selected for an interview will be contacted.
Mackenzie Investments offers an exciting and challenging work environment, a competitive base salary, performance-based bonuses, excellent benefits, recognition for your accomplishments, and opportunities for personal and professional growth.
Mackenzie Investments is an equal opportunity employer and is committed to providing employment accommodations in accordance with the Ontario Human Rights Code and the Accessibility of Ontarians with Disabilities Act. Please advise Human Resources if you require an accommodation.