As an Identity and Access Governance Associate, you will play a critical role in strengthening the organization's access management and cybersecurity posture. You will be responsible for designing, implementing, and maintaining policies, processes, and controls that govern user access across systems and applications, ensuring compliance with internal standards and regulatory requirements. This role combines technical expertise, governance acumen, and compliance knowledge to manage the full lifecycle of identity and access controls in a complex, enterprise-level environment.
Access Governance & Controls
Develop, maintain, and enforce identity and access management (IAM) policies, procedures, and standards.
Design and manage workflows in access provisioning systems, ensuring proper role-based access control.
Lead periodic entitlement and privileged access reviews to ensure compliance and minimize risk.
Monitor and investigate privilege misuse, escalation risks, and incorrect access rights.
Cybersecurity & Risk Management
Collaborate with Cybersecurity, Audit, Compliance, and Legal teams to define access policies and control procedures.
Support internal and external audits, ensuring timely response to access-related findings and requirements.
Maintain ongoing assessment of risks, threats, and vulnerabilities associated with access control.
Identify and respond to access management alerts, perform root-cause analysis, and implement long-term fixes.
Compliance & Governance
Ensure compliance with Quebec labor laws, head office policies, and regulatory standards.
Support continuous monitoring by reporting on Key Risk Indicators (KRIs) and Key Control Indicators (KCIs).
Help drive access control governance across regions, including campaigns initiated by Head Office (Paris).
User Lifecycle Management
Oversee user provisioning, de-provisioning, and transfers (HRM function) via unique user identifiers (UT code).
Perform the Local Entitlement Correspondent (LEC) role for managing access authorizations and requests.
Lead automation of identity-related processes using PowerShell scripting to enhance operational efficiency.
Advisory & Technical Support
Serve as a technical advisor on access-related issues for distributed IAM teams.
Provide guidance on modern IAM practices and contribute to training and awareness initiatives.
Partner with technology vendors (e.g., Varonis) for issue resolution, evaluations, and design improvements.
Bachelors degree in Information Technology or related field (advanced studies in Information Security a plus)
3+ years of experience in Identity & Access Governance or a related cybersecurity field
Familiarity with centralized access management systems, access provisioning tools, and Active Directory
Experience with entitlement and privileged access review processes
Strong understanding of IT security controls, alert monitoring, and compliance frameworks
Proficiency in PowerShell scripting for automation
Experience with Varonis DatAdvantage or similar access monitoring tools
Understanding of Role-Based Access Control (RBAC) models
Certification such as CISSP, CISA, or equivalent (preferred)
Bilingual (English required; French a strong asset)
Strong communication and presentation skills
Ability to work across business units and technical teams
Detail-oriented, analytical, and able to manage multiple priorities
Comfortable working in a high-compliance, fast-paced environment