Technical IAM Program Lead

Job Title: Technical IAM Program Lead
Location: Toronto, ON (Hybrid)
Estimated Duration: 2 Years

1.0         Description of Assignment
The Technical IAM Program Lead is a senior, cross?functional role responsible for defining the technical and functional requirements for the enterprise Identity & Access Management (IAM) program and ensuring that vendor-delivered IAM solutions align with those requirements. This role provides the technical leadership, architectural expertise, and subject?matter expertise needed across IAM domains—including Governance, Privileged Access Management (PAM), Identity Governance & Administration (IGA), Technical Access for IT & OT, and Identity Analytics.
This role partners with internal stakeholders to define target architecture, articulate an IAM roadmap, prepare comprehensive RFP documentation, participate in vendor evaluation and selection, and then oversee the technical design and implementation performed by vendor-supplied Identity Architects, PAM Leads, and IGA Leads. A Project Manager supports this role throughout the requirements gathering, procurement, contracting, implementation, and transition to operations.
This role is not responsible for performing hands-on configuration or implementation but ensures technical correctness, alignment, and quality throughout the program lifecycle.
Skills and Certifications
Mandatory Requirements/Skills/Certifications

• University degree in Computer Science, information security, Information Technology, Engineering, Cybersecurity, or a related field as well as considerable IAM experience or the equivalent combination of education and experience.
• 10+ years of progressive experience in Identity & Access Management (IAM), covering IAM architecture, Privileged Access Management (PAM), and Identity Governance & Administration (IGA).
• 5+ years of Information Technology experience
• Strong background in enterprise IT and Security Architecture, including cloud, hybrid, and OT/industrial environments
• Deep knowledge of IAM standards and technologies (e.g., SAML, OIDC, OAuth2, SCIM, AD/Azure AD, HRIS integrations).

Any one of the following certifications is required:

• Certified Identity and Access Manager (CIAM)
• Certified Access Management Specialist (CAMS)
• Certified Information Systems Security Professional (CISSP)

Other Skills/Certifications

• Demonstrated experience defining functional and non-functional requirements for large-scale IAM initiatives.
• Experience preparing or contributing to Ontario public sector RFPs, vendor evaluations, and technical scoring.
• Ability to provide technical oversight of vendor Identity Architects, PAM Leads, and IGA Leads without performing hands on implementation
• Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP,  LDAP, SAMLv2, OAuth, and SSL/TLS
• In-depth knowledge of technologies and architecture principles required to secure sophisticated network environments such as: Endpoint Security, DLP, NGFW, Zero Trust, VPN, VLANs, IDS, IPS, ACLs, device authentication, network behavior anomaly detection, SOAR, firewall configuration management, DDoS protection, etc
• Strong skills in technical presentations, solution walkthroughs, and architecture review sessions with engineering teams.
• Proven ability to prepare and deliver executive-level presentations, including clear articulation of risks, dependencies, timelines, and architectural decisions
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
• Demonstrated ability to work collaboratively across various teams in a public sector organization
• An understanding of organizational mission, values, goals and consistent application of this knowledge
• Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.

Additional Skills (Nice to have):

• Extensive experience in IT and Network Infrastructure
• Proven experience conducting Cybersecurity Risk Assessments, control gap analysis, and risk-based prioritization.
• Experience with identity analytics, UEBA, and SOAR integrations.
• Experience in regulated industries or critical infrastructure environments.
• Vendor-specific IAM certifications

Assignment Duties
Requirements Definition & RFP Leadership

• Lead technical and functional requirements gathering workshops with IT, OT, HR, Cybersecurity, Compliance, and Business stakeholders.
• Translate business needs and enterprise risk into actionable functional, non-functional, and architectural requirements.

Develop high-quality RFP documentation for all IAM domains, including:

• IAM governance requirements
• PAM functional needs (IT and OT)
• IGA requirements (identity lifecycle, SoD, role models, workflows)
• Technical Access modernization requirements
• Identity analytics and behavior analytics requirements
• Integration, interoperability, scalability, availability, and security controls
• Define evaluation criteria, scoring matrices, and vendor response templates.
• Collaborate with Procurement and Legal through the entire RFP lifecycle.
• Support vendor Q&A, solution demonstrations, technical scoring, and selection.

Technical Governance & Architecture Oversight

• Act as the enterprise technical authority for IAM throughout the program.
• Maintain alignment with enterprise IT/OT architecture, Zero Trust principles, cybersecurity requirements, and compliance obligations.
• Review and approve solution designs, architecture diagrams, configuration plans, data flows, and integration approaches provided by vendor teams.
• Ensure vendor developed solutions remain consistent with RFP requirements and internal architectural standards.
• Escalate technical risks and design deviations and ensure remediation paths.

Oversight of Vendor Implementation Teams

• Serve as the technical oversight point during PAM, IGA, Access Management, OT access modernization, and Identity Analytics deployments.

Work closely with vendor supplied:

• Identity Architects
• PAM Leads & Engineers
• IGA Leads & Engineers
• Analytics/UEBA/SOAR specialists
• Validate solution design decisions, configuration approaches, and integration patterns.
• Ensure deliverables meet defined requirements, quality standards, and measurable acceptance criteria.
• Coordinate design reviews, technical checkpoints, and solution validation sessions.

Collaboration With the Project Manager

• Provide technical direction, risk mitigation support, and subject matter expertise throughout the project lifecycle.

Support the PM in:

• Key milestone planning
• Dependency management
• Risk and issue tracking
• Change management
• Stakeholder communications

Ensure smooth transition from requirements ? RFP ? vendor selection ? design ? implementation ? operations.
Enterprise Stakeholder Engagement

• Facilitate alignment between Cybersecurity, IT, OT, HR, Application Owners, Compliance, and Architecture teams.
• Communicate technical impacts, options, and constraints in business-friendly language.
• Support operational teams during knowledge transfer and transition activities.

Quality Assurance & Acceptance

• Define technical acceptance criteria for RFP responses, solution designs, and implementation deliverables.
• Validate vendor solutions through design reviews, testing strategies, and security assessments.
• Ensure documentation, runbooks, diagrams, and handover materials meet enterprise standards.

Deliverables
Deliverables include:

• IAM RFP & Requirements Package
• IAM Target Architecture & Governance Framework
• Vendor Design Validation & Oversight Artifacts
• IAM Governance & Operational Readiness Package
• Support other initiatives (e.g. design/architecture reviews, policy/standards refresh, etc)