Overview

Do you want to play a key role in securing identity for thousands of users across cutting-edge CIAM and IGA platforms? As an Identity Specialist II, you'll design and operate modern identity solutions using ForgeRock (Ping Identity), SailPoint, and Microsoft Entra ID, directly influencing how secure access is delivered across the organization This role spans both Customer Identity (CIAM) and Workforce Identity (IGA) with a strong focus on authentication, authorization, user journeys, lifecycle management, and access governance. In this role, you'll work under the direction of the Manager, Cybersecurity Architecture & Compliance, to analyze, design, implement and support new and existing CIAM and IGA platforms. You'll act as a technical consultant to project teams, defining and evaluating new requirements, propose and implement solutions. Additionally, you'll address operational troubleshooting and pursue enhancements and improvements to existing CIAM, IGA and Azure SSO implementations. This role is instrumental in maintaining the security and efficiency of WorkSafeBC' s business applications by safeguarding access to confidential data.

How you'll make a difference: As an Identity Specialist II at WorkSafeBC, you'll be using leading-edge technology to help connect British Columbians to healthy and safe workplaces.

Where you'll work

At WorkSafeBC, we offer a hybrid work model that combines working remotely, and in our offices based on the operational needs of the position.

What you'll do

As an Identity Specialist II you will:

• Design and implement scalable IAM solutions across CIAM and IGA platforms (ForgeRock, SailPoint, Entra ID).
• Partner with project teams to translate business requirements into secure, scalable identity solutions.
• Build and integrate identity lifecycle workflows, APIs, and connectors with enterprise and cloud applications.
• Enhance authentication and authorization controls, including SSO, MFA, privileged access attestation and Entra conditional access policies.
• Perform installation, configuration, troubleshooting, and development of custom APIs, user journeys, and connectors to enhance CIAM services; integrate CIAM solutions with enterprise applications and cloud services.
• Monitor and improve identity security posture using metrics such as Microsoft Secure Score and align controls with NIST security principles.
• Monitor the Incident Management System, report, investigate, and coordinate problem resolution efforts, ensuring documentation for tracking diagnosis and root cause analysis.
• Ensure that WorkSafeBC Identity and Access Management systems meet current and projected business requirements by identifying gaps, researching, evaluating, and making recommendations for the latest developments, participating in business case creation, and coordinating integration with business and technology goals.
• Consistently models the appropriate level of organizational behaviours expected of all WorkSafeBC employees: responsive, respectful, fair, collaborative, accountable, and forward thinking.

Is this a good fit for you?

We're looking for someone who have:

• Strong problem-solving skills in complex identity and authentication scenarios.
• Ability to design secure, scalable identity architectures.
• Experience balancing security, usability, and performance in IAM solutions.
• Effective collaboration with developers, architects, and business stakeholders.
• Continuous learning mindset in evolving identity standards and threats Anticipate, organize, and prioritize work to meet both short- and long-term goals.

Your background and experience:

• A bachelor's degree in computer science or a STEM (science, technology, engineering, math) field
• A minimum of three years of hands-on experience implementing IAM solutions, including:

• SSO integration (SAML, OAuth, OIDC)
• Identity lifecycle and provisioning
• Application integration and connector development

The following requirements are preferable but not mandatory.

• Technical specialist knowledge of the following: IAM platforms: ForgeRock, SailPoint, and Microsoft Entra ID or an equivalent enterprise IAM product
• Authentication protocols: OAuth 2.0, OIDC, SAML 2.0
• Directory services: Active Directory, Entra ID
• Access controls: Conditional Access, MFA, Zero Trust principles
• Privileged access management (PAM) solutions
• API and integration development (REST, JSON)
• Cloud platforms (Azure preferred)
• Security frameworks (NIST, Zero Trust, defense-in-depth)

An IT security-related certification such as CISSP, CISM, or SSCP is preferred.

Learn more: For more information about this position, including the necessary knowledge, skills, and abilities (KSAs); job description; and awareness items, see the job profile on WSN.

Important to know

Before we can finalize any offer of employment, you must:

• Consent to a criminal record check.
• Confirm you're legally entitled to work in Canada.

WorkSafeBC's COVID-19 Employee Mandatory Vaccine Policy (the "Policy") is suspended effective January 9, 2023, however we reserve the right to re-implement it in response to changes in the public health landscape, including public health orders. We are committed to the protection, health, and safety of our employees and our Communicable Disease Prevention Program and related protocols remain in effect.

Who we are

At WorkSafeBC, we promote safe and healthy workplaces across British Columbia. We partner with workers and employers to save lives and prevent injury, disease, and disability. When work-related injuries or diseases occur, we provide compensation and support injured workers in their recovery, rehabilitation, and safe return to work. We're honoured to serve the 2.49 million workers and 263,000 registered employers in our province.

What's it like to work at WorkSafeBC?

It's challenging, stimulating, and rewarding. Our positions offer diversity and opportunities for professional growth. Every day, the work we do impacts people and changes lives. What we do is important, and so are the people we do it for.

Our ability to make a difference relies on building a team with a rich variety of skills, knowledge, backgrounds, abilities, and experiences that reflects the diversity of the people we serve. We are committed to fostering a welcoming, inclusive, and supportive work culture where everyone can contribute as their best, authentic self.

Learn more: Discover who we are .

Our benefits

As a member of our team, you'll have access to services and benefits that help you get the most out of work and life. Along with a competitive salary, your total compensation package includes:

• Defined benefit pension plan that provides you with a lifetime monthly pension when you retire
• 3 weeks of vacation in your first year, with regular increases based on years of service
• Extensive health care and dental benefits
• Optional leave and earned-time-off arrangements
• Development opportunities (tuition reimbursement, leadership development, and more)

Learn more: Find out what we offer .

Salary: $48.46-$58.78/hourly

Want to apply?

• Applications are welcomed immediately, however must be received no later than 4:30 p.m. PST on the closing date.
• Please note that we will be starting assessments prior to the closing date.

We encourage all qualified applicants to apply. If you require an accommodation in the assessment process, please email Recruitment Testing Accommodation (SM) when you submit your application.

Any additional application materials must be received by email to HR Talent Acquisition (SM) by 4:30 p.m. PST on the closing date of the competition.