Job DescriptionWhat is the opportunity?The
Senior IAM Systems Engineer is responsible for rolling out and integrating the enterprise AI / non-human identity (NHI) solution across the systems and platforms that consume AI agents, services, and workload identities. This role works across the organization partnering with AI platform, cloud, application, DevOps, and security teams to bring AI identity capabilities to the workloads and environments that need them. Reporting to the Director of NHI / AI Identity Engineering, this engineer bridges identity and the broader enterprise, turning an AI identity capability into a real, organization-wide control.
AI and machine identity is one of the fastest growing identity domains and a central pillar of the IAM strategy. This engineer will shape how the enterprise integrates and scales AI identity across a heterogeneous estate, working at the intersection of identity, cloud, and AI platform engineering directly enabling the safe adoption of AI at scale.
What will you do?- Lead integration of the enterprise AI / NHI identity solution with workloads and platforms across the organization, including AI platforms, cloud environments, container platforms, CI/CD pipelines, and application teams
- Partner with AI platform, cloud, DevOps, application, and security teams to deliver consistent AI identity controls across the estate
- Design and execute integration patterns for AI agents, services, and workloads to consume identity and secrets securely
- Build automation for AI / NHI onboarding, secret rotation, ephemeral credential issuance, and lifecycle management across enterprise systems
- Drive integration with broader IAM capabilities, including PAM, authorization, directory services, and IAM APIs
- Configure, test, and operationalize AI identity deployments across cloud, on-prem, and hybrid environments
- Establish observability, alerting, and operational practices for AI identity integrations across systems
- Work with Architecture, Security, Risk, and Audit to ensure integrations meet regulatory and internal control requirements
- Provide deep technical input into rollout planning, change management, and consumer experience design
- Support production operations, incident response, and root cause analysis for AI identity integrations
- Document integration patterns, runbooks, and standards for use by partner teams across the enterprise
- Build operational automation for the AI identity solution patching, certificate rotation, configuration drift detection, and routine support operations
- Integrate with CI/CD pipelines and infrastructure platforms as needed
What do you need to succeed?Must-have: - 7+ years in identity, security, platform, or DevOps integration engineering, with significant experience in Identity and Access Management
- Strong hands-on experience integrating identity and secret solutions with enterprise workloads and platforms
- Strong understanding of non-human identity concepts: service accounts, workload identity, ephemeral credentials, secret rotation, attestation
- Hands-on experience with Kubernetes workload identity and cloud-native identity patterns (AWS IAM Roles for Service Accounts, Azure Managed Identities, GCP Workload Identity)
- Strong automation and scripting skills (Python, Go, PowerShell, or equivalent), with proficiency in Infrastructure-as-Code (Terraform), CI/CD, and GitOps
- Strong understanding of authentication and authorization standards: OAuth 2.0, OIDC, mTLS, JWT
- Working knowledge of the banking/financial services regulatory landscape (FRB, Part 30, OSFI) and how it shapes machine identity and secrets controls
- Excellent collaboration and communication skills, with a track record of driving cross-team integration initiatives in matrixed environments Excellent collaboration and communication skills, with a track record of driving cross-team integration initiatives in matrixed environments
Nice-to-have:- Hands-on experience with PAM or secrets management platforms (CyberArk, HashiCorp Vault, SPIFFE/SPIRE, or equivalent)
- Experience securing AI / LLM workloads, agentic AI patterns, or MLOps pipelines
- Experience integrating identity controls with API gateways and policy engines
- Familiarity with Zero Trust Architecture and Just-In-Time Access models
- Experience leading enterprise-wide identity or secrets management rollouts and migrations
What's in it for you?- A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable
- Leaders who support your development through coaching and managing opportunities
- Ability to make a difference and lasting impact
- Work in a dynamic, collaborative, progressive, and high-performing team
- Opportunities to do challenging work and take on progressively greater accountabilities
#LIPOST
#TECHPJ
Job SkillsDecision Making, Group Problem Solving, Identity Access Management (IAM), Information Security, Information Technology Security, IT Systems Integration, Negotiation, Software Development, Software Development Life Cycle (SDLC)
Additional Job DetailsAddress:16 YORK ST:TORONTO
City:Toronto
Country:Canada
Work hours/week:37.5
Employment Type:Full time
Platform:TECHNOLOGY AND OPERATIONS
Job Type:Regular
Pay Type:Salaried
Posted Date:2026-04-17
Application Deadline:2026-06-30
Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above
