Security Identity Consultant (Permanent)

CoreFactor is searching for a Security Identity Consultant on a permanent/full-time basis for a client in the GTA. This position is hybrid and will require the successful incumbent to be in the office four (4) days per week. The Role: As the Security Identity Consultant, you will report to the IAM Manager to help build and grow our cyber practice from the ground up. This is a rare full-time opportunity to join a client on their journey on the forefront of cybersecurity, grow with them, and help shape the future of the security organization. ​ This role requires a motivated self-starter with strong analytical and problem-solving skills combined with an ability to synthetize technical information into clear and concise summaries and recommendations. You will have a deep understanding of Active Directory (on premise and cloud), conditional access policies, privileged identity management, and privilege access management. Preferred candidates will have a solid foundation in IAM identity and access management principles as well as foundational knowledge of industry-specific regulations, standards, and frameworks. You are passionate about security and compliance and believe in due diligence. Snapshot of a Day-in-the-Life: Lead enterprise-wide AD/Entra and overall infrastructure on IAM operations and design Foster process improvement, automation and best practice in our current AD/Entra landscape Proactively identify and remediate process, procedure, and implementation gaps Troubleshoot AD/PAM access issues and document the one time and automated resolutions Support AD controls compliance and visibility through reports and documentation maintenance Design, document and deliver scalable, secure, and highly available AD based solutions Collaborate with the Infrastructure, Database, Security Engineering, User Experience, and Project Office to deliver on projects Participate in identity based risk remediation activities Ensure compliance with policies and procedures to meet requirements and industry regulations Supports control activities throughout the IAM Lifecycle (joiner/leaver/mover/access review) Audit and implement access based on practices of least privilege, segregation of duties Drive scheduled and ad hoc access reviews for user, privileged, and administrative access Ensure continual IAM lifecycle improvements policies, procedures, design, and automation Where applicable, action users, groups, roles and access policies for AD/Entra Perform access and security audits in accordance with regulatory and audit compliance Identify potential IAM risks unique to each situation and help mitigate potential threats Other collaboration, documentation, and implementation work as needed Requirements Skills: Strong analytical skills with high attention to detail and accuracy Risk management, tracking, and resolution cross functionally (e.g Infrastructure, Cloud, Data) Organize, prioritize and track project and operational activities on a day-to-day basis Exceptional verbal and written communication skills at all levels of the organization Working knowledge of large IT organization operations including change management Hands-on ability to work with AD/Azure and underlying technologies (e.g. MS Windows servers) Implementation level knowledge of IAM principles: PAM, SSO, SOD, RBAC, Least Privilege, etc Established ability to interface with architecture in creation of connection kits and patterns Ability to generate reports (e.g. PowerShell) and perform analysis (e.g. Excel and PowerPoint) Exceptional analytical abilities, providing IAM lifecycle and risk context to recommendations Produce and update procedural documents to ensure IAM program success/business continuity Knowledge of local, cloud and hybrid Directory Service architecture Experience supporting security administration, operations, or security architecture Proven clarity in documenting complex problems at senior management level People: Collaborate while balancing business, security, and organizational needs Work cross-functionally with technical teams (Infrastructure, Cloud, Data, Security etc.) Interface with and provide clarity between technical and non-technical teams Manage expectations, solve problems, and actively foster core values Ability to create allies through thorough understanding of business/security value adds Experience: 5+ years of hands on experience in various security and IAM functions (AD, IAM, PAM, etc.) 3+ years of experience in project delivery Extensive practical experience with AD/Azure IAM functions e.g. groups, access policies Some hands-on experience in PAM/IAM tools as well as user lifecycle management Project experience in proactively identifying, tracking and closing risks and issues Comfortable in delivering multiple workstreams accurately and within timelines Familiarity with Zero Trust principles relating to the Identity pillar Certifications & Education: Microsoft certifications on AD/Entra (preferred) IAM product specific certifications such as Delinea, or SailPoint Bachelor’s degree in Information Technology, Engineering or Computer Science Certifications in Information Security such as CIAM, CIMP, CIST, CISSP, CISM, CRISC, CC