Senior IAM Engineer

Join Team CARFAX as a Senior IAM Engineer! Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We’re more than just a company: We help millions of consumers make more informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment.  One last thing: Our four-day week continues in Summer 2025!

As a Senior Identity & Access Engineer for CARFAX, you will be at responsible for designing and building our Identity and Access Management solutions. You will help us continue our transition to primarily cloud-based technologies. You will be key to keeping CARFAX secure. Being able to effectively communicate and work with other departments and groups is vital. The candidate should be able to learn new technologies quickly, be a self-starter, and able to accomplish tasks with minimal oversight. This role has an expectation of 2 days in the London, ON office per week, subject to change based on future business needs. What you’ll be doing:

• Develop and maintain IAM policies, procedures, and standards to ensure compliance with organizational and regulatory requirements.
• Lead the integration of IAM solutions with existing applications and systems, including user provisioning, authentication, and authorization.
• Manage Microsoft Active Directory Forests & Domains including Domain Controllers and Group Policy as well as Entra ID.
• Manage Okta Environment, including configuring new applications, managing memberships, updating agents, etc.
• Collaborate with cross-functional teams to understand business requirements and provide IAM solutions that meet security and usability goals.
• Evaluate and recommend new IAM technologies and tools to improve security, efficiency, and user experience.

 What we’re looking for:

• Five years of experience in Identity and Access Management. 
• Expertise managing cloud-based IAM solutions and architectures, such as Okta Identity Engine or Entra ID.
• In-depth knowledge of identity and access management concepts, best practices, and technologies, such as Active Directory, Okta, SSO, and multi-factor authentication (MFA). 
• In-depth knowledge of Active Directory and surrounding technologies
• Experience with leading and managing complex multi-team projects. 
• Strong communication skills with the ability to interact and collaborate with technical and non-technical users.
• Strong experience in designing, implementing, and managing IAM solutions, including user provisioning, role-based access control (RBAC), and access certifications.
• Proficiency in scripting and automation, using languages such as PowerShell, Python, or JavaScript. 
• Understanding of security concepts, including encryption, hashing, and public key infrastructure (PKI). 
• Familiarity with various authentication protocols, such as SAML, OAuth, FIDO, and OIDC.
• Familiarity with relevant regulations and compliance requirements, such as GDPR, SOX, and PCI DSS.
• Industry certifications, such as CISSP, CISM, or vendor-specific certifications from Microsoft or Okta, are highly desirable. 
• General networking knowledge
• General knowledge of Linux and Windows operating systems

 What’s in it for you: 

• Competitive compensation, benefits and generous time-off policies
• 4-Day summer work weeks and a winter holiday break
• 401(k) / DCPP matching
• Annual bonus program
• Casual, dog-friendly, and innovative office spaces
• For a comprehensive list of benefits, please visit our website: https://jobs.jobvite.com/carfax/p/benefits  

 Don’t just take our word for it: 

• 10X Virginia Business Best Places to Work 
• 10X Washington Post Top Workplace 
• 9X Washingtonian Great Places to Work 
• 3X St. Louis Post-Dispatch Best Places to Work