**About the Role** As a **Identity and Access Management (IAM) Engineer** , you will play a key role in ensuring secure and efficient access to technology resources across the organization. You will be an integral part of the BFS team, collaborating closely with the Cybersecurity Practice team to support enterprise-wide identity initiatives. **In this role, you will:** + Design, implement, and maintain integrations with identity platforms such as PingFederate, Entra ID, and Azure Identity tools. + Develop and manage secure authentication and authorization solutions using OAuth, OIDC, and SAML. + Provide advanced guidance on identity federation, single sign-on (SSO), and token-based authentication. + Partner with infrastructure and application teams to ensure seamless identity and access flows across systems. + Analyze and resolve identity-related issues, identifying root causes and implementing long-term solutions. **Work model:** We believe hybrid work is the way forward as we strive to provide flexibility wherever possible. Based on this role’s business requirements, this is a hybrid position requiring 2 to 3 days a week in a client or Cognizant office in Toronto, ON. Regardless of your working arrangement, we are here to support a healthy work-life balance though our various wellbeing programs. The working arrangements for this role are accurate as of the date of posting. This may change based on the project you’re engaged in, as well as business and client requirements. Rest assured; we will always be clear about role expectations. **What You’ll Need to Be Considered** + Strong practical experience with OAuth 2.0, OIDC, and SAML, including their application in enterprise environments + Demonstrated experience configuring and integrating PingFederate, including policy management + Proficiency with Microsoft Entra ID (formerly Azure AD) and related Azure identity tools + Working knowledge of identity lifecycle management, federation, and access governance + Ability to effectively communicate identity and access concepts to both technical and non-technical stakeholders **These will help you stand out:** + Experience leading IAM architecture or strategy initiatives + Familiarity with modern identity frameworks and zero trust principles + Exposure to cloud-native IAM solutions beyond Azure (e.g., AWS IAM, Okta) + Relevant certifications (e.g., CISSP, Microsoft Certified: Identity and Access Administrator Associate) We're excited to meet people who share our mission and can make an impact in a variety of ways. Don't hesitate to apply, even if you only meet the minimum requirements listed. Think about your transferable experiences and unique skills that make you stand out as someone who can bring new and exciting things to this role. Cognizant will only consider applicants for this position who are legally authorized to work in Canada without requiring employer sponsorship, now or at any time in the future. **\#LI-KV1 #CB #Ind123** Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.