Technical Architect, User Access & Internal Identity (Computer Services Off 4)

 

 

Competition No:        44341 

 

Salary Range:            $3,107.16 - $3,649.33 Bi-Weekly / $80,786.16 - $94,882.58  Annually (PR 17)

 

Position Status:         Permanent

 

Benefits:                     Paid Holidays, Vacation, Family Leave, Health, Dental, and Defined Benefits Pension

 

Location:                    Flexible 

 

Department:               Cyber Security & Digital Solutions 

 

Union Status:             NSGEU - NSPG 

 

Closing Date:             10/25/2024  (Applications are accepted until 11:59 PM Atlantic Time)

 

 

ABOUT THE DEPARTMENT OF CYBER SECURITY AND DIGITAL SOLUTIONS (CSDS)

At the Department of Cyber Security and Digital Solutions (CSDS), we prioritize people and are dedicated to driving digital transformation that meets modern expectations. Our mission is to support government departments and partners in their digital transformation journeys, ensuring that digital services are user-centered, efficient, and impactful for all Nova Scotians. 

 

We don’t just implement digital solutions; we navigate the complexities of digital transformation by modernizing outdated systems and ways of working. Our role is to make a real difference by ensuring that our digital services are accessible and user-friendly. 

 

At CSDS, we celebrate diversity, inclusion, and belonging. We recognize that the people who use government programs and services come from all walks of life, and it’s essential that we reflect the communities we serve. We are committed to creating an environment where diverse perspectives and experiences are valued, and where all talent can thrive. By embracing these values, we deliver better, more accessible, and inclusive public services. 

 

The Mission

In this position, as a Technical Architect for the User Access and Internal Identity Operations team within the Cyber Security and Risk Management (CSRM) division, you will design, implement, and deliver secure digital identity services. You will also provide support in a 24/7 operational environment for the Government and Health sectors in Nova Scotia.

 

You will support government departments, agencies, boards, commissions, and offices, as well as Nova Scotia Health and IWK Health Centre. You will be required to work with clients with varying levels of digital literacy in determining the root cause of their problems and initiating a resolution plan. You must have the ability to use common, non-technical, business language to explain technical solutions. Other key characteristics required for this role include:

 

• Supporting end users in a prompt, polite and friendly manner.

 

• A strong initiative-taking collaborator with the ability to work independently.

 

• Flexibility to work after hours when required.

 

• Analytical thinking with strong troubleshooting skills.

 

• Practice good judgement and make decisions under pressure.

 

• Ability to remain positive and maintain confidence in own abilities.

 

Who You Are

You are passionate about people’s service experience and want to help develop and build solutions as well as resolve technical problems and requests over the phone, in person, and through our ticketing system. You enjoy supporting a 24/7 environment for critical services, working as part of a team, and going the extra mile to provide an amazing user experience. You thrive on supporting a diverse client base. You are flexible and available to work night shifts and on-call rotations.

 

You share our values of respect, integrity, diversity, accountability and the public good, have a passion for service excellence and actively promote and encourage the importance of people, teams, diversity, and culture.

 

Your Role & Its Impact

CSDS is looking for a Computer Services Officer 4 (Technical Architect), who wants to deliver enterprise digital identity and access services for the Province of Nova Scotia.  We are interested in candidates who have a proven track record of using due diligence and data-driven approaches to solve problems, demonstrate objectivity and professionalism, bring a positive and can-do attitude, take ownership of activities, and communicate progress and outcomes proactively and effectively.

 

You will be responsible for providing identity and access management subject matter expertise. You will architect, operationalize, deliver, and continuously improve identity services built around user needs with embedded protections. You will collaborate with clients, vendors, management, and leadership to deliver on your security, technical and non-technical accountabilities.

 

Your responsibilities will also include the following:

• Use the Zero Trust model to protect clients and assets through cloud security, identity and governance solutions.

 

• Design, deploy, and maintain security solutions including but not limited to Microsoft Entra ID Governance, FIDO2 Passwordless Authentication, Conditional Access, and Risk-based Multi-Factor Authentication.

 

• Provide specialized advice and training to users on leveraging directory, identity management, federation, and public key infrastructure services.

 

• Work with customers, business, and technology teams to drive identity-based initiatives through the project lifecycle stages.

 

• Advise the business and service leadership teams on key architectural decisions, including the adoption of new technologies through the evaluation/assessment of new technologies, mapping those to the business requirements and making recommendations on implementation approaches and training requirements.

 

• Ensure deployment, maintenance, security, availability, performance, improvement, and enhancement of the digital identity infrastructure. 

 

• Work on tickets (incidents, service requests, change requests, problems, etc.)

 

• Implement corrective actions to ensure timely resolution of the technical issues.

 

• Take ownership of operational aspects, including but not limited to investigating issues, analyzing evidence, documenting recommendations with rationale, mapping processes, creating procedures and standards, coordinating efforts, and communicating thoroughly and efficiently.

 

• Consistently deliver on accountabilities, and support clients, peers, management and leadership.

 

• Coach and lead teammates and peers on new technologies and processes.

 

• Help create a culture of humility, learning, collaboration, ownership and results.

 

• Show continuous learning and knowledge update by completing or renewing agreed technical certification(s) every year as part of performance metrics.

 

What You Bring to the Table

To be successful in this role, you will have a Bachelor of Science in Computer Science plus a minimum of 5 years’ experience, or graduation from a recognized Information Technology program, plus 5 years and 6 months experience or an acceptable equivalent combination of training and experience.

 

You have completed and earned one or more of the following credentials. Evidence of completion, by way of a Microsoft transcript shared link that shows your legal name, MCID, contact email address and active certifications, is required.
 

• Microsoft Certified: Cybersecurity Architect Expert (SC-100)

 

• Microsoft Certified: Azure Security Engineer Associate (AZ-500)

 

• Microsoft 365 Certified: Administrator Expert (MS-102)

 

• Microsoft Certified: Identity and Access Administrator Associate (SC-300)

 

• Microsoft Certified: Security Operations Analyst Associate (SC-200)

In addition, you have the following required experience:

• Experience with Microsoft 365 Defender/Advanced Threat Protection.

 

• Designing, migrating, implementing, and maintaining enterprise hybrid identity environments.

 

• Implementing, configuring, and maintaining Microsoft Entra ID (Azure Active Directory), Microsoft Entra Domain Services, and Microsoft Entra Business-to-Business (B2B) Collaboration

 

• Implementing, configuring, and maintaining Active Directory Domain Services (AD DS), Active Directory Federation Services (AD FS), and Active Directory Certificate Services (AD CS) in enterprise hybrid identity environments.

 

• Maintaining and supporting Microsoft Identity Manager (MIM) or a comparable identity and access management suite (e.g., PingOne, OneLogin, SailPoint, ForgeRock, etc.).

 

• Operationalizing Micosoft Entra ID, Entra Privileged Identity Management, Identity Protection, Single Sign-On for managed applications, Risk-based Multi-Factor Authentication, Passwordless Authentication, and Advanced Threat Protection.

 

• Maintaining and hardening Active Directory Domain Services and Active Directory Federation Services.

 

• Securing on-premises and cloud applications authenticating to Azure AD protected APIs.

 

• Managing and automating the identity lifecycle management events, user access reviews, license assignments and reclaims in a Microsoft 365 environment.

 

• Managing user and group lifecycle management with Microsoft Graph.

 

• Implementing well-architected framework(s) for security, efficiency, and operational excellence.

 

• Scripting with Active Directory PowerShell, Azure CLI, etc.

 

• Resolving issues related to server monitoring, automation, group policies, directory security, and integration with load balancers.

 

• Creating standard operating procedures and processes.

 

• Undertaking troubleshooting and investigations to resolve incidents and problems.

Assets

• Experience with Windows Server operations, including installation, configuration, and system administration.

 

• Experience with REST APIs, JSON, OAuth 2.0, OData, OpenID Connect, and Microsoft identities.

 

• Practical understanding of identity/authentication standards and protocols: Kerberos, SAML2, OAuth2, WS-Federation, WS-Security and OpenID Connect.

 

• Practical understanding of Public Key Infrastructure (PKI).

 

• Coaching and mentoring staff on new processes and technologies.

 

• Experience working in a health care or public sector environment.

 

• Experience supporting mission critical, enterprise environments, 24 x 7 x 365.

Equivalency

We recognize that everyone brings different skills and experiences to the table.
If you don’t “check all the boxes”, we encourage you to apply anyway and tell us why you’re the right fit for the job.

 

We value diversity of thought and believe that the best teams are those that bring together people with a range of experiences and perspectives.

 

Working Conditions

You will be required to work outside normal business hours (08:00-16:30) to provide service and be on-call to work non-traditional shifts, including weekends, to support a 24/7 critical service and environment.

 

Selection Process

One or more methods that include a technical assessment, oral presentation, interview(s), references, background checks, and more, can be used to assess your candidacy.

 

Benefits & Perks

At the CSDS with the Government of Nova Scotia, we are committed to providing a fulfilling work environment with numerous benefits and opportunities:

 

• Work-Life Balance: Maintain a healthy work-life balance with a 35-hour work week.

 

• Secure Your Future: Take advantage of our defined benefits pension plan for a stable retirement.

 

• Generous Time Off: Enjoy vacation, all national/civic holidays.

 

• Flexible Work Arrangements: Accommodate your needs with various options for flexibility, such as hybrid schedules.

 

• Employee and Family Support: Access our Employee and Family Assistance Programs for resources and guidance.

 

• Support in Times of Need: Access to our EAP.

 

• Cross-Sector Collaboration: Experience the power of collaboration as you engage with various government departments. Unlock a world of knowledge, expertise, and connections, contributing to the betterment of our province.

 

• Growth & Development: Open doors to professional growth within the department and beyond. Explore diverse career paths in specialized areas such as digital service design, cybersecurity, enterprise risk, digital platform services, and mission IT.

 

• Lifelong Learning: Continuously expand your knowledge and skills through training and development programs.

 

• Professional Advancement: Immerse yourself in the government landscape and discover endless opportunities for learning, advancement, and making a meaningful impact.

Join the Department of Cyber Security & Digital Solutions and experience the benefits of a fulfilling career, supported by comprehensive perks, career development opportunities, and a diverse range of paths to explore within our department and across the government.

 

Pay Grade:  PR 17  

Salary Range:  $3,107.16 - $3,649.33 Bi-Weekly

 

Employment Equity Statement:

Our goal is to be a diverse workforce that is representative, at all job levels, of the citizens we serve.  The Government of Nova Scotia has an Employment Equity Policy, and we welcome applications from Indigenous People, African Nova Scotians and Other Racially Visible Persons, Persons with Disabilities and Women in occupations or positions where they are under-represented.  If you are a member of one of these equity groups, you are encouraged to self-identify on your electronic application.

 

This is a bargaining unit position initially restricted to current civil service employees represented by the Nova Scotia Government Employees Union (NSGEU). If applying from outside a government office, employees must apply correctly via this link:

 

 

 Failure to apply correctly means that your application will not be given first consideration as a bargaining unit applicant, and will only be included if external applications are pursued. 

 

External applicants and current casual employees will only be considered if there are no qualified civil service bargaining unit candidates. PLEASE NOTE: Candidates will not be considered for an interview if applications are incomplete or are missing information. 

 

Offer of employment is conditional upon the completion of all applicable background checks and confirmation of credentials, the results of which must be satisfactory to the employer. We thank all applicants for the interest, however, only those selected for an interview will be contacted. All questions and concerns may be directed to Competitions@novascotia.ca.