Job Title

Join to apply for the IAM Manager, Information Security role at First National Financial LP3 days ago Be among the first 25 applicantsJoin to apply for the IAM Manager, Information Security role at First National Financial LPFirst National is proud to be an equal opportunity employer and is committed to diversity and inclusion regardless of race, color, religion, national origin, age, gender identity, physical or mental disability, sexual orientation and any other category protected by law.First National supports requests for accommodation from applicants with disabilities; please contact Human Resources at should you need an accommodation at any point in the recruitment process.We are hiring an IAM Manager, Information Security!Reporting ToSenior Manager, GRCFull-Time/Part- TimeFull-timePosting DateJune 12, 2025Closing DateJune 27, 2025Hours Of Work8:30 a.m. 5:00 p.m.GradeOffice Location:16.4Toronto, ONGreat location! Steps away from the main public transit stationWhat We OfferHighly competitive compensation package which includes base salary, bonus, benefits, and career advancement opportunities!Eligibility for benefits is dependent on the terms of employmentThe OpportunityA strategic and integral member of the Information Security Team, reporting to the Senior Manager (GRC), Information Security, is responsible for ensuring the security, integrity, and availability of First National information assets.The role will be responsible for the program management and continuous improvement of the IAM Security Program taking into consideration, its strategy, policies, processes, controls, assessments, reporting, metrics, training, and awareness. The role will be critical in guiding First National to protect the organization's digital assets and ensure secure access for authorized users while adhering to the Security frameworks and Zero-Trust principles.This Role Requires The Following SkillsSpecialized knowledge and experience in managing the Identity and Access Management program.Knowledge of Identity Access Management approaches, concepts, tools, techniques, and project management within the IAM realm.Development, maintenance and review of Information Security Policy, Standards, Processes and Procedures related to Identity and Access Management.Knowledge and understanding of current security standards and best practices, particularly ISO 27001.Effective and dynamic communicator.How You Will ContributeResponsible for setting up, developing, implementing, and continually improving an IAM program, to support the governance of access principles and to ensure high security standards & integrity of the companys information systems/data.Design and implement IAM concepts and best practices such as, access & identity management, privileged accounts management, account types (e.g. B2C), access reviews, IAM lifecycle, etc.Design and implement the program across principles of RBAC, ABAC, PBAC, Segregation of duties, least privilege, etc.Identify gaps between existing processes, tools, and technologies and the desired future state, and develop prioritized recommendations to mitigate identified gaps.Spearhead the identification and selection of adequate and appropriate IAM tools.Develop a prioritized roadmap that outlines the steps and resources needed to deploy the necessary IAM Tools and processes.Lead implementation projects around IAM technologies and processes.Drive audit and compliance activities related to IAM by ensuring access controls are well-documented, aligned with regulatory requirements, and verifiable through regular access reviews, reporting, and evidence collection. Collaborate with internal and external auditors to support IAM-related audits and ensure timely remediation of findings.GovernanceAssist in the drafting, review, update, development, and implementation of security policies, standards, and procedures to secure access, ensuring security and compliance with associated risks, contracts, regulations, and industry standards.Create, maintain & enhance processes related to the lifecycle of Identity Access Management and supporting documentation, across the enterprise, including identity governance and administration (IGA), Privileged Access Management (PAM) and Customer identity and Access Management (CIAM).Drive enhancements to IAM security that are both practical and achievable using a balanced approach that considers business needs as well as information security risk.Risk ManagementConduct regular IAM risk assessments and vulnerability assessments, making recommendations for improvements and mitigation strategies, accounting for people, processes, and technology, and associated security controls.Work with management to assess, design, and implement IAM solutions and operating processes to address key and evolving risks.Assist in the third-party risk assessments process to ensure risk identification, transparency and business acceptance and contractual obligations.Compliance ManagementControl monitoring and review of internal security risk assessments associated with the IAM program.Ensure compliance with relevant regulations and industry standards (specifically, ISO 27001).Develop, document, and assess measures, metrics, and internal controls.Audit ManagementAssist in all current and future security related audit and certification processes.Support audit and assessment activities, such as internal and external audit, vendor assessments, benchmarking, etc.Continual ImprovementStay current with industry trends and emerging technologies and identify opportunities to integrate them into the IAM and information security program.Identify new identity and access management requirements through industry resources, research, and consultation with technology subject matter experts.The Experience You NeedBachelors degree in computer science or the equivalent work experience is required. Graduate degree preferred.Information security certifications, such as CISSP, CISM, ISO27001, CCSP or equivalent preferred.Minimum of 5 years of prior experience in Identity and Access Management in a medium or large size organization is required.2 years of experience in managing deployments of at least one of the following IAM vendors suites: Microsoft Entra ID Governance, SailPoint, Saviynt, CyberArk, Okta, BeyondTrust or similar solutions.Management experience in financial services industry is beneficial.Experience with information security management frameworks is preferred.Knowledge of zero-trust security principlesSkills And AttributesStrong interpersonal communication, analysis, and writing skills.Able to align management and leadership strategies when working on projects.Ability to work effectively with business unit and IT department managers, including Application Development, Infrastructure, Operations, Network, Technical Support, and others.Superior verbal and written communication skills.Must be a team player.Ability to successfully lead extended teams through new and complex concepts and processes.Working Environment And Physical Demands AnalysisOffice environmentPeriods of high volume with tight timelinesLong periods of stationary position/sittingProlonged periods of repetitive movement (i.e. using a keyboard and mouse)Long periods of time in viewing a computer screenMulti-tasking may include speaking to customers on a telephone call while looking up information on a computer program.Why join First National?Competitive CompensationComprehensive benefits program (i.e., Health Spending Account, Maternity and Parental Leave Top Up)Hybrid working environment.Extensive training programs to set our employees up for successModern office environment conducive to collaborationSupportive teamwork cultureOpportunities to give back to the communities and work through events focused on a variety of charitiesOngoing social events throughout the yearThe Team Youll JoinFounded in 1988, First National is one of Canadas largest non-bank lenders. We provide residential mortgages exclusively through the mortgage broker channel and we are Canadas largest commercial mortgage lender.First National has been consistently recognized as a great place to work and we are proud that our employee engagement feedback is higher than our industry partners.We would like to thank all applications for their interest in this existing vacancy, but only candidates selected for an interview will be contacted.#FNLOONSeniority levelSeniority levelMid-Senior levelEmployment typeEmployment typeFull-timeJob functionJob functionInformation TechnologyReferrals increase your chances of interviewing at First National Financial LP by 2xSign in to set job alerts for Information Security Manager roles.Senior IT Manager, Operations and SecurityPractice Director, Cyber and Information Security ServicesSecurity Supervisor - Law Society of Ontario - Downtown TorontoSenior Manager, Security GRC & EngineeringSecurity Supervisor - Law Society of Ontario - Downtown TorontoCyber Threat Detection and Prevention Manager, Deloitte Global TechnologyDirector, Cyber and IT Risk Framework Policy and StandardsApplications Development Manager, Security ToolingRichmond Hill, Ontario, Canada 6 days agoSenior Information Security and Compliance ManagerSenior Manager, Information Security & Compliance (CISO)Senior Manager, Cybersecurity OperationsData Security Manager, Information Security, ITCybersecurity Investigator, Enterprise Cybersecurity & Data InvestigationsSenior Manager, Information Security ArchitectureManager, Cyber Resilience & Offensive SecuritySenior Information Security Business ManagerWere unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr