IT Advisor (Identity and Access Management)

BC Hydro

Powered by water… and by people like you

Providing clean electricity to 4 million customers takes a diverse workforce and that’s where you come

in. We need your talent to help us build major projects to meet growing demand. To help our

customers find clean energy solutions for their homes and businesses and to be ready to respond

during storms and outages to keep our system reliable.

Working for BC Hydro is meaningful. And now, the stakes have been raised as we work towards a

solution to climate change while safely providing clean, affordable electricity to our customers.

We offer a healthy work life balance, training opportunities and career progression. We’re proud to be

ranked as one of B.C.’s Top Employers and one of Canada’s Best Diversity Employers. Join us as we

build an even cleaner B.C.



The Identity and Access Management Advisor (IAM Advisor), is responsible for the analysis,

implementation, and maintenance of all components of digital identity, including enrollment and

identity proofing, authentication and lifecycle management, and federation and assertions. They

will provide in-depth technical consultation to projects and IT management and assist in

development, specification, implementation, and communication of IAM applications, processes,

and architecture. The IAM Advisor will protect BC Hydro’s information assets by ensuring that the

right people have access to the right services at the right time for the right reasons.

IAM (Identity and Access Management) Activities:

  • Provides Subject Matter Expertise (SME) for Identity and Access Management (IAM) projects

and capabilities, ensuring alignment with IAM vision and cybersecurity strategies.

  • Monitor the day-to-day operational responsibilities related to IAM including single sign-on,

authentication, multifactor authentication (MFA), identity governance, privileged access

management, and secrets management.

  • Conduct routine audits of IAM applications to ensure compliance with established standards,

policies, and configuration guidelines.

  • Practice continual improvement for IAM practices and participate in activities to identify and

implement improvements including internal measurement KPIs, security practice reviews, and

internal/external audits.

Business Strategy:

  • Works closely with the business units and staff to ensure consistency when delivering IAM

capabilities and outcomes.

  • Aligns IAM processes across the organization and contributes to the development of standards.

  • Fosters an understanding of the need for and application of the IAM system, and facilitates

decision making with the business users.

  • Builds positive working relationships with IAM stakeholders and identifies opportunities to

improve engagement.

Service Delivery Oversight:

  • Oversees service provider delivered IAM services, ensuring that contractual requirements and

service levels are met, and BC Hydro policies and standard are adhered to.

  • Develops, measures, and reports IAM related KPIs

Training and Certifications:

  • Bachelor’s degree in computer science, information systems, cybersecurity, or a related field.

  • Identity management training and experience in one or more of the following areas Privilege

Access Management (PAM), Identity Governance and Administration (IGA), and Digital Identity


  • [5+] years of experience in technology implementation and operation, including: [3+] years of

experience with IGA systems and/or directory services, and [3+] years integrating identity

management, access management, and access governance software into clients’ infrastructure

and applications both on premise and cloud.

  • Preference will be given to applicants with certifications in one or more public cloud platforms

and those who are Certified Information Systems Security Professional (CISSP) and/or Certified

Identity Professional (CIDPRO).

Technical and Business Experience:

  • Expert understanding of IAM concepts, including federation, authentication, authorization,

access controls, access control attacks, and digital identity lifecycle management.

  • Experience with administrating authentication technologies, such as Microsoft Active Directory/

Windows authentication, Azure AD/DS, LDAP, and/or federated identity management.

  • Subject matter expertise for projects in one or more of the following areas: single sign-on (SSO),

identity federation, enterprise directory architecture and design (directory schema, directory

services, namespace and replication topology), resource provisioning, and process integration.

  • Familiarity with Identity and access governance including access controls (RBAC, ABAC, PBAC,

RAdAC), access request and certification, user life cycle management processes, and

organizational change management.

  • Experience auditing IAM infrastructure through account discovery activities with scripting tools,

CMDB systems, PAM discovery tools, stand-alone CIEM tools, CASB tools, and/or SIEM logs.


PN 2025637

We’re always looking for exceptional people to bring new ideas, fresh thinking and the motivation

to help shape the electricity system in B.C. It’s an exciting time to be a part of our team as we

invest in our system and prepare to meet the challenges of tomorrow.

Our values guide our work. Want to join us?

We are safe.

We are here for our customers.

We are one team.

We include everyone.

We act with integrity and respect.

We are forward thinking.

BC Hydro is an equal opportunity employer.

We include everyone. We welcome applications from anyone, including members of visible

minorities, women, Indigenous peoples, persons with disabilities, persons of minority sexual

orientations and gender identities, and others with the skills and knowledge to productively

engage with diverse communities.

We are also happy to provide reasonable accommodations throughout the selection process and

while working at BC Hydro. If you require support applying online because you are a person with a

disability, please contact us at [email protected]

BC Hydro has a COVID-19 Vaccination Policy that requires employees to have a full series of

COVID-19 vaccine and provide proof of vaccination on request. This Policy is currently suspended

but may resume at BC Hydro’s discretion. While the Policy is suspended, all new employees are

required to disclose their vaccination status to BC Hydro.

Flexible work model role definitions


Our four role types identify the degree of flexibility an employee could have to work from home

based on the type of work they do. The flexibility for an individual job is up to the manager for

each position and the operational requirements. Employees also have the right to work full-time

from the office if they prefer. All of our roles require at least some in-person time.

IBEW/Field – No option to work from home

Resident – Works primarily (4+ days per week) in the office.

Hybrid – May be able to work from home up to 3 days per week.

Remote – Works from home 4+ days per week


Don’t forget to update your Candidate Profile with your current resume and copies of your

certifications. If applicable, include your Trades Qualification. This will ensure we have all the

necessary information to assess your application without any delays.

Date Posted:
2022-11-24 Closing Date: 2022-12-16

Quick Apply
To help us track our recruitment effort, please indicate in your cover/motivation letter where ( you saw this job posting.

Leave a Reply