Identity Analyst - Data Access Security

Work Arrangement: Onsite in Downtown Toronto (Monday–Thursday) with Remote Work on Friday.

Role and Responsibilities

• Analyze large sets of access data to identify irregularities or risks with access permissions.
• Implement and manage automated access reviews and periodic attestation campaigns for data repositories across the organization.
• Continuously monitor privileged and sensitive data access and configure real-time alerts for risky activities.
• Identify and remediate access anomalies and risks including over-privileged users, dormant accounts and externally shared data.
• Develop and streamline data access governance workflows to reduce manual effort and support governance.
• Collaborate with business units to designate appropriate data owners and ensure access certifications are completed accurately.
• Utilize data classification and usage insights to prioritize protection of sensitive information.
• Prepare and maintain robust audit reporting and documentation related to data access.
• Collaborate with Data Governance, IAM and compliance teams to integrate governance tools with existing platforms and workflows.

Qualifications

• Bachelors degree in computer science, Information Security or a related field.
• Relevant security certifications such as CISSP, CIAM or SailPoint Certified Identity Security Engineer are a plus.

Preferred Skills

• Strong understanding of IAM principles and data access governance best practices.
• 3+ years of experience in access management, security analysis or IAM roles.
• Familiarity with managing permissions in Microsoft 365 environments (e.g., SharePoint Online, OneDrive) as well as other data repository platforms.
• Understanding of how access is granted and controlled (groups, roles, ACLs) across various systems.
• Experience with identity governance tools (e.g., SailPoint DAS, Microsoft Entra, Microsoft Purview) and scripting for automation.
• Strong analytical and problem-solving skills.
• Excellent communication skills and ability to collaborate with technical and business stakeholders.
• Familiarity with compliance standards (e.g., SOX, GDPR) is a plus.
• Experience with ITSM/ticketing systems like ServiceNow is beneficial.