RiseMe
LoginSign Up
Apptoza Inc. logo
Apptoza Inc. Verified
Information Technology & Services, Software Development, Mobile Apps

Identity Security Engineer

Toronto, Ontario, CanadaHybridContractPosted 2 months ago

Is this role right for you?

Upload your resume and get a skill-by-skill breakdown — see exactly where you match, where you're close, and what to highlight. Not a mystery percentage.

Get a tailored resume highlighting what this role needs.

Role summary

This contract role is for an Identity Security Engineer with 7+ years of experience, focusing on IBM Security Access Manager (ISAM) and Java development. The position requires strong expertise in ISAM implementation, including WebSEAL, authentication/authorization policies, and federation protocols (SAML, OIDC, OAuth2). Proficiency in Java, Spring/Spring Boot, and REST APIs is essential, along with a solid understanding of IAM fundamentals like SSO and MFA. Experience with Linux/Unix and network fundamentals is also a must. The role involves working across security, infrastructure, and application teams. Preferred qualifications include experience with IBM Security Verify Access, LDAP, API gateways, containerization (Kubernetes, OpenShift), cloud platforms (Azure, AWS, GCP), CI/CD tools, and financial services domain security/compliance.

Role : IBM Security Access Manager (ISAM +JAVA )

Location : Toronto- 4 days

Duration : Contract

Exp Level : 7+years

"Job Description:

Must-Have

• Strong experience implementing and supporting IBM Security Access Manager (ISAM), including:

o WebSEAL configuration, junctions, ACLs, protected object space (POS)

o Authentication/authorization policies, session and cookie management

o Federation using SAML, OIDC, OAuth2

o Mapping rules / policy scripting (often JavaScript-based in federation flows)

• Solid Java development experience, preferably with:

o Spring / Spring Boot, REST APIs, microservices concepts

o Authentication and authorization patterns in distributed systems

• Strong understanding of IAM fundamentals:

o SSO, MFA concepts, token-based auth, identity lifecycle basics

• Experience with Linux/Unix, troubleshooting, logs, and network fundamentals (HTTP/S, TLS, headers, cookies).

• Strong communication skills and ability to work across security, infrastructure, and application teams.

Nice-to-Have

• Experience with IBM Security Verify Access (ISVA) (newer branding/evolution of ISAM)

• Experience with IBM Security Directory Server / LDAP tuning and troubleshooting

• Exposure to API gateways, WAF, reverse proxy patterns, and mTLS

• Containerization/Cloud knowledge: OpenShift/Kubernetes, Azure/AWS/GCP

• CI/CD tools: Jenkins/GitHub Actions/Azure DevOps, SonarQube, Nexus/Artifactory

• Banking/financial services domain experience and security/compliance familiarity (e.g., SOC2, PCI, PIPEDA).

Regards,

Email: ana@apptoza.com

Phone #: 6788247770

Ready to apply?
You'll be redirected to Apptoza Inc.'s application page.

Similar roles