Senior Specialist, Identity & Access Management
Listed on 2026-07-17
-
IT/Tech
Cybersecurity, Information Security
Benefits
- Annual Paid vacation.
- Annual individual performance incentive.
- Defined benefit pension plan.
- Comprehensive group insurance plan to support your well-being from day one.
- Support towards your personal and professional growth with training, mentorship and more.
- An inclusive workplace culture and environment.
- While positions at CMHC require some in‑office presence, alternative work arrangements may be considered for Indigenous candidates.
The Role
Join the IT Security Operations Team, in the Senior Specialist, Identity & Access Management position. In this role you will be responsible for designing, governing, and continuously improving the enterprise Identity and Access Management (IAM) program. You will ensure that digital identities and access rights are appropriately defined, authorized, reviewed, and revoked in alignment with organizational risk tolerance, security policy, and regulatory obligations.
The role provides expert‑level advisory services to senior management and is accountable for the effectiveness and outcomes of IAM controls across the organization.
- Lead IAM strategy, governance, and oversight by owning the enterprise Identity and Access Management (IAM) framework, including policies, standards, and control objectives.
- Define and enforce core IAM principles, including identity lifecycle management, least privilege, role‑based access control (RBAC), segregation of duties, and access exception governance.
- Ensure alignment with security, privacy, and compliance requirements, maintaining auditable and regulatory IAM practices across the enterprise.
- Maintain accountability for IAM service effectiveness, including services delivered through internal teams and third‑party or managed service providers.
- Assess and communicate identity‑ and access‑related risk, advising senior leadership on access risk acceptance, control design trade‑offs, and residual risk exposure.
- Provide expert advisory support on IAM implications for new systems, cloud platforms, and third‑party integrations.
- Define, monitor, and report on IAM KPIs and KRIs, producing executive‑ and board‑level reporting on access risk posture, control effectiveness, and compliance status.
- Provide functional leadership and cross‑enterprise collaboration, mentoring IAM specialists, partnering with IT, security, audit, privacy, and business teams, and representing the organization in audits, regulatory reviews, and access‑related investigations.
- A bachelor’s degree in information technology, Cybersecurity, or a related field. An equivalent combination of education and/or experience may be considered.
- Advanced certification required (e.g., CISSP, CISM, or equivalent IAM certification).
- 7 to 10 years of progressive experience in IAM, cybersecurity, or IT risk management.
- Demonstrated experience advising senior leadership on enterprise‑level access risk.
- Experience designing or governing IAM programs or control frameworks.
We’re committed to employment equity and encourage women, Indigenous Peoples, persons with disabilities, veterans and persons of all races, ethnicities, religions, abilities, sexual orientations, and gender identities and expressions to apply. We also welcome applications from non‑Canadians who are eligible to work in Canada. CMHC is an inclusive workplace where diversity of thought – and of people – are recognized, valued, and considered essential to achieving our mission.
#J-18808-LjbffrTo Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: