Senior PAM Engineering Specialist

Permanent Full Time 

-

We are building a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences. Our Privilged access and Directory services squad is part of the Identity and Access Management group. This team is responsible for designing, implementing and operating processes and technologies that support Canada life Privileged Access and Directory service solutions.

In this role, you will work closely with your team, as well as architects and technical leads across different technology areas, to design, build, and support privileged access management (PAM) solutions across Canada Life. Your main focus will be on securing application secrets and supporting cloud-based PAM solutions. You will help ensure that sensitive credentials are managed safely and efficiently. As part of daily operations, you will also help handle and resolve complex (Level 3) privileged access requests and issues.

What you will do:

• Design, implement, and maintain enterprise PAM solutions (e.g., CyberArk, BeyondTrust, Delinea, Microsoft Entra ID PIM).
• Develop secure architectures for privileged identity lifecycle management, credential vaulting, session management, and least privilege enforcement.
• Lead PAM platform upgrades, integrations, and modernization initiatives across on-premises and cloud environments.
• Implement role-based, just-in-time (JIT) and Zero Standing Privileges (ZSP) access models to minimize standing privileges.
• Define and enforce PAM standards, patterns, and best practices.
• Develop and maintain automation workflows (scripts, APIs, pipelines) for onboarding accounts, credential rotation, and access provisioning.
• Integrate PAM solutions with enterprise systems including Active Directory, Azure AD / Entra ID, cloud platforms (AWS, GCP), DevOps tools, and applications.
• Provide L3 engineering support for complex PAM incidents and issues.
• Act as a subject matter expert (SME) for PAM within the organization.
• Mentor junior engineers and guide cross-functional teams.
• Collaborate with security, infrastructure, application, and cloud teams to drive PAM adoption.
• Contribute to roadmap planning and strategic initiatives for identity security.

What you will bring:

• 5 years of experience in the administration of PAM solutions is required.
• A degree or equivalent education in a related discipline such as Computer Science, Business Computing, Engineering, or Commerce is required.
• Minimum of 3 years experience in designing, implementing and troubleshooting CyberArk PASM, CyberArk Secret Manager or any other related PAM solution. 
• 2 years experience in implementing Just-in-Time and Zero Standing Privileged Access.
• Good understanding of REST API, Oauth, JWT and experience in setting up applications to retrieve secrets from the vault will be vaulable
• Some experience in scripting (Bash, Python, Pwershell) will be an added advantage.
• Advanced problem-solving and analytical skills.
• Strong communication and stakeholder management abilities.
• Strategic thinking with a hands-on technical mindset.
• Ability to lead initiatives and influence security practices across the organization.
• Attention to detail with a strong focus on security and compliance.

-

The base salary for this position is between $100,800 - $130,800 annually. This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc). If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.

Grow with Canada Life 

We’re united by a shared purpose: to improve the financial, physical and mental well-being of Canadians. Our company is trusted by 1 in 3 Canadians and contributes to the strength of communities across the country.  

We’re looking for people who live our values everyday: we step up, we do the right thing, and we deliver – for our customers, communities and each other. Are you someone who always strives to do the right thing, who steps up for themselves and others, and who delivers with impact? Then we want to hear from you! 

What we offer:  

We’re committed to supporting our employees through every stage of their career. Here’s what you can expect as a full-time or part-time permanent team member: 

• Career Development: Opportunities for career advancement, access to industry-leading learning programs and up to $2,000 annually towards education reimbursement. 

• Health & Wellness: Flexible health and dental benefits, plus a $5,000 mental health benefit to support your well-being. 

• Time Off: In addition to regular vacation and personal days, we support community involvement with a volunteer day.  

• Financial Security: Company-matching pension plan, share ownership program and additional investment options. 

• Rewards and Recognition: Employee recognition programs, service milestone celebrations, employee discounts and more!  
• Emphasis on Community: We provide a workplace where employees feel connected and supported through Employee Resource Groups (ERGs), mentorship programs, social clubs and events.  

Learn more about Canada Life.  

We’re committed to removing barriers and ensuring equal access to employment. Applicants requiring reasonable accommodation during the application process may contact  talentacquisitioncanada@canadalife.com. All information provided will be handled in accordance with applicable laws and Canada Life policies.  

Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted. 

#LI-Hybrid