emergiTEL is hiring a Senior IAM Consultant for our client in the professional services and consulting industry. This is a Contract role.

Compensation: $112 – $140/hour
Location: Ottawa, ON (4 days in office)
Job Description (English)

Engagement Details

• 9-month contract to start with high possibility of extension
• Security Clearance: Secret (eligible for Top Secret)

Overview

We are supporting a large enterprise client on a Google Distributed Cloud (GDC) deployment and are seeking a Senior IAM Consultant to lead key components of the identity workstream.

This role will focus on identity federation, architecture, and secure access design within a disconnected (air-gapped) environment, where systems must operate independently of external cloud services. You will work closely with security, infrastructure, and platform teams to deliver a resilient IAM solution in a highly complex enterprise setting.

Key Responsibilities

IAM Architecture & Federation

• Design and implement end-to-end identity federation across multiple IdPs (Azure AD / Entra ID, Keycloak)
• Define IAM architecture patterns including SSO, MFA, JIT provisioning, and directory synchronization
• Establish trust relationships using SAML 2.0, OIDC, and OAuth 2.0
• Implement RBAC / ABAC models and identity governance standards

Keycloak & Identity Platform Engineering

• Configure and manage Keycloak (realms, clients, authentication flows, identity brokering)
• Integrate Keycloak with Active Directory and external IdPs
• Support hybrid identity models with Azure AD / Entra ID
• Automate IAM configurations using tools such as Terraform, Ansible, or APIs (nice to have)

Google Distributed Cloud (GDC) / Disconnected Environment

• Design IAM solutions for air-gapped or offline environments
• Configure identity services without reliance on external SaaS or public cloud endpoints
• Enable secure identity federation within constrained network environments
• Support application onboarding and identity integration within GDC

Security & Compliance

• Apply Zero Trust principles including least privilege and risk-based access
• Support audit, compliance, and IAM security reviews
• Partner with SOC / SIEM teams for identity monitoring and logging

Required Experience

• 5+ years of hands-on IAM engineering experience
• Strong experience with Active Directory (AD / LDAP integration)
• Strong hands-on experience with Keycloak
• Experience with Azure AD / Microsoft Entra ID
• Experience with IBM Verify or similar IAM platforms
• Deep understanding of identity protocols (SAML, OIDC, OAuth, LDAP)
• Experience in large enterprise environments (50,000+ users)
• Experience designing IAM solutions in complex or disconnected environments
• Proven ability to translate IAM requirements into architecture and implementation

Nice to Have

• Experience with Infrastructure-as-Code tools (Terraform, Ansible, Helm)
• Exposure to PAM solutions (CyberArk, BeyondTrust)
• Experience in regulated or secure environments (government, defense)
• Familiarity with Zero Trust frameworks

Vacancy Status / Statut du poste
This is an active position currently open for hiring. / Ce poste est activement ouvert au recrutement.

Use of Artificial Intelligence / Utilisation de l'intelligence artificielle
No artificial intelligence (AI) is used in the screening or selection process. All applications are reviewed by our recruitment team. / Aucune intelligence artificielle (IA) n'est utilisée dans le processus de présélection ou de sélection. Toutes les candidatures sont examinées par notre équipe de recrutement.

Equal Opportunity / Égalité des chances
emergiTEL is committed to creating a diverse and inclusive workplace. We welcome applications from all qualified individuals regardless of background. Hiring decisions are based solely on skills, experience, and qualifications relevant to the role. / emergiTEL s'engage à créer un milieu de travail diversifié et inclusif. Nous accueillons les candidatures de toutes les personnes qualifiées, quel que soit leur parcours. Les décisions d'embauche sont basées uniquement sur les compétences, l'expérience et les qualifications pertinentes pour le poste.