SailPoint Architect

Why you’ll love working here:

• high-performance, people-focused culture

• our commitment that equity, diversity, and inclusion are fundamental to our work environment and business success, which helps employees feel valued and empowered to be their authentic selves

• learning and development initiatives, including workshops, Speaker Series events and access to LinkedIn Learning, that support employees’ career growth

• membership in HOOPP’s world class defined benefit pension plan, which can serve as an important part of your retirement security

• competitive, 100% company-paid extended health and dental benefits for permanent employees, including coverage supporting our team's diversity and mental health (e.g., gender affirmation, fertility and drug treatment, psychological support benefits of $2,500 per year, parental leave top-up, and a health spending account).

• optional post-retirement health and dental benefits subsidized at 50%

• yoga classes, meditation workshops, nutritional consultations, and wellness seminars

• the opportunity to make a difference and help take care of those who care for us, by providing a financially secure retirement for Ontario healthcare workers

Job Summary

Our Information Security group is looking for an experienced individual who can fill a permanent, fulltime SailPoint Architect, Identity and Access Management role.  The SailPoint Architect, IAM, will report to the Director of Identity Security & Access Management and is responsible for the overall implementation and expansion of HOOPP’s SailPoint system.

This role is directly involved in the strategic direction for Identity Governance & Administration at HOOPP and requires in-depth knowledge of Identity concepts and systems, specifically with SailPoint. The role will provide architectural and technical guidance for the team and ensure that HOOPP’s goals with access management within SailPoint are met.  The Architect must be capable of solving problems within the complex technical solution, guiding, influencing the team to deliver optimal technical solutions, and operationalizing an ongoing rollout of SailPoint. They will ensure that the strategy is executed and delivered contributing to the strategic goals of the organization.

What you will do:

Technical and Operational Support:

• Evaluate an existing SailPoint implementation and analyze gaps, potential opportunities for improvement

•  Research, design, and implement solutions for connecting SailPoint to various custom, SaaS, vendor-managed, commercial, and legacy applications 

• Integrate multiple identity management systems with authoritative sources and target applications 

• Suggest best practices in an IGA and build a roadmap for how to deploy additional value-add features 

• Apply troubleshooting techniques to dissect complex, cross functional issues in a multi-source environment, identify root causes and implement effective solutions 

• Write Transform maps, Web Services and API calls (REST/SOAP) 

• Implement new Lifecycle States, Roles, Access Profiles, as required and as new requirements are discovered 

• Create and maintain custom SailPoint Connectors and integrations using the Java programming language 

• Design and implement Role Based Access Control within the platform 

• Participate in audits around the SailPoint system and controls 

• Operationalize the ongoing onboarding of applications to SailPoint 

• Configure and coordinate SailPoint Certification Campaigns for User Access Reviews 

Leadership and Strategic Vision:

• Provide leadership, architectural and technical guidance for the team and ensure that HOOPP’s goals with access management within SailPoint are met 

• Partner with the Director on the SailPoint and Access Management roadmap. 

• Advocate and participate in the continuous improvement of the SailPoint system. 

• Collaborate with leadership, business, and departmental teams to support operations and deliver projects and services.  

• Partner with the Product/Service Owner to help establish objectives and key results, maintaining focus on high-priority InfoSec and/or organizational priorities.  

• Guide teams through large, ambiguous, and intricate projects, offering innovative solutions with minimal supervision.  

• Effectively communicate complex concepts, encourage diverse perspectives, and facilitate informed decision-making within the team.  

Agile Scrum Practices and Collaboration: 

• Actively participates in Agile Scrum practices including daily standups, backlog refinement, planning, and sprint retrospectives. 

What you bring:

• Minimum of 7 years of experience in Identity Access Management (IAM), including process creation and management, governance, and end-to-end systems implementation 

• Prior experience in leading SailPoint implementations, including connecting authoritative sources, defining identity profiles, creating transform maps, and ensuring  successful data migrations

• Minimum of 3 years in an architecture or development leadership role, gathering requirements, producing technical architecture and design documents, and facilitating workshops with stakeholders from other business units and teams.  Ability to translate business requirements into technical details for implementation as a team. 

• Ability to mentor junior team members with technical guidance and support 

• Deep understanding of IAM technologies and standards (e.g., SAML, OAuth, OpenID Connect).  

• Knowledge of Active Directory, shell scripting, Java, Javascript, 

• Experience working in an agile framework, agile ceremonies, etc  

• Outstanding communication skills with stakeholders and team members, ensuring clear and effective interactions. 

• Innovative, motivated, and a quick thinker.  

• Collaborative team player adept at building relationships.  

• Ability to thrive under pressure and adapt to changing business needs.  

• Passionate about driving growth and supporting business objectives through technical excellence 

• SailPoint Certified IdentityNow Engineer required; Additional security certifications such as CISSP recommended