IAM Analyst (OKTA)

About us:

Peoples Group is a boutique financial institution with offices located in Vancouver, Calgary, Toronto, and Montreal that has been in the Canadian marketplace for over 35 years. Our mission is to exceed our customers' expectations by providing exceptional customer service backed by extensive product knowledge and experience.

Our culture here at Peoples Group is formed by our values: Trustworthy, Creative, Willing. We believe people don't choose a company to work for, they choose a company to join. We prioritize risk-based practices and procedures in order to remain risk intelligent and compliant. We value people, building relationships, and focusing on strengths; we execute with passion.

About the work environment:

Peoples Group offers a flexible and hybrid work environment. In this role, you will work a combination of in-office and remotely from home. Typically, you'll work regular business hours, Monday through Friday, between 8:00 a.m. and 4:30 p.m., with flexibility around start/end times.

We are hiring for this position out of Toronto. Successful candidates who apply outside of these areas will be expected to relocate and reside in a location that is within a commutable distance.

The role requires the candidate to participate in on-call, acting as an escalation path for critical incidents.

About you: 

We are seeking a highly skilled IAM Analyst to manage, optimize and secure user authentication and authorization processes within Peoples Group, using the Auth0 Platform.  

This role is pivotal in building our next-generation identity and access management (IAM) framework, ensuring seamless, secure, and scalable authentication and authorization for millions of customers. 

About the day-to-day: 

IAM Analyst Responsibilities (Strategic & Design-Focused) 

• Monitor and resolve authentication related issues, such as login failures and token errors
• Provide technical support to developers and end users 
• Ensure Auth0 configurations comply with security best practices and regulatory requirements (e.g.; NIST, GDPR) 
• Optimize Auth0 configurations for scalability and efficiency 
• Document Auth0 configurations, processes and best practices 
• Train developers and end users on how to use the Auth0 platform as per design 
• Participate in cross functional CIAM and Employee IAM projects to improve IAM program 
• Assist in defining authentication and authorization best practices, including OAuth2, OIDC, JWT, SAML, and adaptive authentication strategies. 
• Assist with IAM governance, security policies, and integration models for Auth0 & Microsoft Entra ID (Azure AD). 
• Collaborate with Security, DevOps, Engineering, and Product Teams to align IAM strategy with application security. 

IAM Analyst Responsibilities (Hands-On Implementation & Operations) 

• Configure and deploy Auth0 for user authentication and authorization across applications. 
• Implement OAuth 2.0 and OpenID connect protocols to secure APIs. 
• Configure scopes and permissions to control access to API endpoints. 
• Implement and manage security measures like roles-based access control (RBAC) and anomaly detection. 
• Issue and validate JSON Web Tokens (JWTs) for API access.
• Configure token expiration, signing algorithms, and encryption to ensure token handling.
• Integrate API’s with Auth0 for centralized CIAM Management.
• Use Auth0’s API Authorization features to define and enforce access policies.
• Monitor and revoke compromised or expired tokens.
• Integrate Auth0 with various applications, APIs, and platforms (e.g.; web apps, mobile apps, cloud services) 
• Work with developers to implement Auth0 SDKs and API’s.
• Manage user identities, roles and permissions within Auth0 
• Manage user provisioning, deprovisioning and lifecycle management.
• Monitor Auth0 performance and usage metrics.
• Integrate Auth0 with customer-facing applications (web, mobile, API gateways) using OAuth2, OIDC, and API security best practices. 
• Implement Multi-Factor Authentication (MFA), Passwordless Authentication, and risk-based authentication. 
• Establish and maintain IAM monitoring, logging, and anomaly detection using Auth0 logs, SIEM integration, and UEBA tools. 

About the qualifications:

• 3-5+ years of relevant experience in Information Security. 
• Expertise in IAM, authentication pipelines, custom rules, and extensibility.  
• Postman for testing API endpoints and token flows. 
• Strong knowledge of OAuth2, OpenID Connect (OIDC), JWT, and API security. 
• Experience with API’s, SDK’s, and programming languages (e.g.; JavaScript, Node.js). 
• Experience assisting developers in integrating IAM with customer applications (React, Angular, Python,  .net,C#, etc.)
• Experience with CI/CD pipelines (GitHub Actions, GitLab CI/CD) for IAM automation.
• Proficiency in IAM automation using Terraform and PowerShell. 
• Experience with WebAuthn, FIDO2, Passkeys, and Passwordless authentication. 
• Familiarity with customer identity analytics, fraud detection, and identity risk scoring (e.g., Auth0 Attack Protection, UEBA tools). 
• IAM-related certifications (e.g., Auth0 Certified Expert, Azure Security Engineer, Certified Identity and Access Manager - CIAM). 
• Bachelor’s degree in engineering, computer science or a related field.

Help us get to know you better by answering our application questions! Your participation is expected as an essential part of our selection process. 

NOTE:  This job posting is for an existing vacancy. Peoples Group is an Equal Employment Opportunity employer. Please accept our utmost appreciation for your interest; however, only those applicants under consideration will be contacted.  

We value and celebrate individuality while fostering an inclusive workplace for everyone. If there's any way we can support or accommodate you during the selection process, please don't hesitate to let us know.