Senior Security Operations Engineer

 

Description:

As part of the GFL IT Operations team, you will be deeply involved in modernizing IAM/PAM frameworks, securing cloud-hosted platforms, and ensuring that legacy products maintain compliance with security best practices.

 


Key Responsibilities

  • Lead IAM/PAM Initiatives – Design, implement, and maintain Privileged Access Management (PAM) solutions (CyberArk) and Identity Governance & Administration (IGA) platforms (Saviynt, SailPoint).

  • Enhance Zero Trust Security – Implement Zero Trust principles for identity security, including least privilege access, role-based access control (RBAC), and multi-factor authentication (MFA).

  • Conduct IAM/PAM Risk Assessments – Identify security risks in identity workflows, privileged access, and account provisioning, providing recommendations for remediation.

  • IAM Policy & Compliance Enforcement – Ensure IAM/PAM security policies comply with NIST, PCI-DSS, HIPAA, SOC 2, and ISO 27001 frameworks.

  • Automate Identity & Privilege Management – Develop automated access provisioning, deprovisioning, and access review workflows using IAM tools and DevOps pipelines (Terraform, Ansible, GitHub).

  • Harden Cloud-Based IAM Security – Secure AWS IAM configurations, federated access (SAML, OAuth), secrets management, and identity federation across cloud environments.

  • Collaborate with IT & DevOps – Work with cross-functional teams to integrate IAM/PAM security controls within network, cloud, and application environments.

  • Monitor & Respond to Identity Security Incidents – Investigate IAM/PAM-related security incidents, perform root cause analysis, and ensure proper audit logging.

  • Develop IAM/PAM Documentation & Training – Maintain security documentation, including IAM governance policies, role-based access models, and security control standards.

  • Stay Updated on IAM/PAM Security Trends – Continuously research new identity security threats, access control trends, and best practices to strengthen GFL’s security posture.

 

The culture:
GFL is committed to providing everyone with the opportunity to thrive, this means.

  • Our working arrangements can be flexible to accommodate your priorities

  • We have a training budget so you can keep your continuous personal development up to date

  • Volunteering options available to engage with the wider community

  • A respectful and considerate workspace, working alongside colleagues from across the wider business

  • Recognition for a job well done and not just the superhuman push at the end


Requirements

  • Bachelor's degree in computer science, Information Security, or a related field, or equivalent work experience.

  • At least 5 years of experience in network and cloud security, with a strong focus on Identity and Access Management (IAM) and Privileged Access Management (PAM).

  • 3+ years of hands-on experience with IAM/PAM solutions, including Saviynt, SailPoint, and CyberArk.

  • Familiarity with Infrastructure as a Service (IaaS), Infrastructure as Code (IaC), and related concepts on Amazon Web Services (AWS).

  • Experience designing and managing IAM/PAM frameworks, including role-based access control (RBAC), attribute-based access control (ABAC), and Zero Trust security models.

  • Hands-on experience with Saviynt and SailPoint for Identity Governance & Administration (IGA), access certification, provisioning workflows, and automated access reviews.

  • Strong expertise in CyberArk PAM solutions, including Vault, PSM, CPM, EPM, and Privileged Session Management for securing privileged accounts.

  • Knowledge of cloud-based IAM security controls, including AWS IAM, identity federation, SSO, MFA, secrets management, and policy-based access controls.

  • Skilled experience in Cloud Security Architecture and Cloud IAM security best practices, including tenant security, container security, network segmentation, and WAF configurations.

  • Hands-on experience with security tools and technologies, such as SIEM (Splunk, Dynatrace, Sentinel), WAFs (Cloudflare, AWS WAF), vulnerability scanners, and firewalls (Fortinet, Cisco).

  • Familiarity with IT service management processes, including change management, incident management, problem management, and configuration management.

  • Knowledge of compliance frameworks (NIST, PCI-DSS, HIPAA, SOC 2, ISO 27001) and their impact on IAM/PAM security strategies.

  • In-depth understanding of IAM automation with Terraform, Ansible, and DevSecOps pipelines (Azure DevOps, GitHub) for policy enforcement and security automation.

  • Strong analytical, problem-solving, and troubleshooting skills, with the ability to represent technical viewpoints to diverse audiences.

Organization GFL Environmental
Industry Operations Jobs
Occupational Category Senior Security Operations Engineer
Job Location Toronto,Canada
Shift Type Morning
Job Type Full Time
Gender No Preference
Career Level Intermediate
Experience 3 Years
Posted at 2025-02-22 5:40 pm
Expires on 2025-04-08