Specialist Identity and Access Management

Canadian National Railway

At CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion.

From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and safely and our employees can focus on value-added tasks. You will be able to develop your skills and career in our close-knit, safety-focused culture working together as ONE TEAM.

The careers we offer are meaningful because the work we do matters. Join us!

Job Summary

The Specialist Identity and Access Management (IAM) acts as a subject matter expert and provides guidelines on integration of new solutions into the IAM practice and tools.

The Specialist IAM will review existing processes and identify opportunities for improvement. This person will coordinate initiatives and projects for the team, working with internal and external partners.

Main Responsibilities

Process Management and Subject Expertise

• Provide subject matter expertise in the IAM domain.

• Organize committee meetings with stakeholders within the domain.

• Ensure IAM policies, standards and procedures for IAM are followed.

• Produce measures/metrics for the function.

• Ensure that auditing procedure and audit reports are executed.

• Review and assess operational processes to identify opportunities for improvement related to provisioning/de-provisioning, privileged access management, authentication/authorization, etc.

• Standardize IAM processes and ensure alignment of IAM processes to the IAM policies and standards.

• Develop, review and maintain strategic and tactical IAM initiatives to reduce risk, increase usability and operational effectiveness.

• Lead and provide guidance in implementing complex IAM projects.

Project management includes prioritization of activities, defining objectives, milestones and overall ensure successful on-time implementation and deployment.

• Transition projects to core operations.

• Direct Operations Support Responsibilities

• Handle all core, project and change requests within the domain; prioritize, analyze requests and engage required teams.

• Execute Identity lifecycle (Hiring, Change, Leave) within the domain.

• Work with stakeholders to gather requirements needed for new system and application integration within IAM.

• Control, monitor, and audit privileged access to systems and applications.

Working Conditions

This role will require off-hour support on a rotational basis.



• Minimum 7 years of relevant work experience

§ Minimum 5 years experience in Identity and Access Management

§ Experience of railway industry

§ Work experience within the IAM domain using a Central Identity & Access Management tool such as IBM Security Identity Manager (ISIM), Sailpoint or Saviynt.


• Bachelor’s degree in Computer Science, Information Systems or other related field, or equivalent work experience

• ITIL Management framework – Identity and Access Management.*

*Any designation for these above would be considered as an asset

General Skills and Competencies

• Ability to organize

• Project Management

• Ability to solve problems in innovative ways

• Collaborate as ONE team: build collaborative relationships with others

• Communicate effectively both orally and in written: adapt to the audience

• Ability to think and act under pressure

• Demonstrate an analytical mindset

• Communicate effectively both orally and in written (French and English).*

*Any skills/attributes for these above would be considered as an asset

Technical Skills/Knowledge

· In Depth Knowledge of privileged access management solution, preferably CyberArk.

· In Depth Knowledge of identity management solutions, preferably Saviynt

· In Depth Knowledge of SSO solutions

· In Depth Knowledge of Active Directory

· In Depth Knowledge of Azure and Google Cloud

· In Depth Knowledge of Conditional Access

· Able to script (Python, PowerShell)

· Terraform experience.

· Working knowledge of ServiceNow

· Knowledge of PKI Management

· Knowledge of Windows/Unix environments

· Detail-oriented self-starter with a high level of commitment and personal motivation

· Team player with great collaboration spirit

· Knack for prioritizing tasks and working in a fast-paced environment.

· Identity Federation and Privileged Access Management

· Knowledge of security in Windows Active Directory, Unix, IDM, Mainframe (ACF2, CICS, Natural) and/or other operating systems

· Knowledge of corporate organization structure: operational environments & processes

Organizational Impact

Decision Making & Impacts

The Specialist Identity and Access Management is a key player within I&T, controlling the quality of technology and service delivered into production.

The Specialist Identity and Access Management make recommendations to the business and I&T team members to assist in decision making (including during projects).

Level of Interaction/Influence

The Specialist interfaces directly with many key stake holders of the organization such as: Change Management, Release Management, Build and Operations Teams, Business and End User, Process Managers and Analysts, Application Support teams, Information Security, Internal Audit and Human Resources.

About CN

As a leading North American transportation and logistics company, CN is a true backbone of the economy. With a team of approximately 25,000 railroaders, our focus is on moving both our company and the economy forward.

We transport US$200 billion worth of goods annually for a wide range of business sectors from resource to manufactured products to consumer goods, across a 20,000-mile network spanning Canada and mid-America. CN is the only Canadian company listed in the Transportation and Transportation Infrastructure sector of the Dow Jones Sustainability World Index (DJSI).

Launched in 1999, the DJSI World represents the gold standard for corporate sustainability. At CN, we work as ONE TEAM, focused on safety, sustainability and our customers, providing operational and supply chain excellence to deliver results.

For internal candidates, note that the grade level of the position will depend on the employee’s experience.

CN requires that all employees be fully vaccinated against COVID-19 and provide proof thereof as a condition of employment.

The Company’s vaccination mandate extends to employees of our wholly owned subsidiaries as well as CN’s contractors, consultants, agents and suppliers and anyone who accesses CN properties in Canada.

CN is an employment equity employer and we encourage all qualified candidates to apply. We thank all applicants for their interest, however, only candidates under consideration will be contacted.

Please monitor your email on a regular basis, as communication is primarily made through email.%143955% %%management%%