Cyber Security IAM & PKI Specialist

Bombardier View all jobs

  • Dorval, QC
  • Permanent
  • Full-time
  • 3 days ago
Bombardier uses cookies to optimize your experience on this site and to offer you services and communications tailored to your interests. You can either accept all cookies (preferences, statistics and marketing) by clicking “Accept all cookies”, reject all cookies by clicking “Reject all cookies”, or click “Cookie Settings” to set your preferences. For more information, visit our . Cookie SettingsReject All Cookies Accept All CookiesSearch JobsJob DescriptionJob Title: Cyber Security IAM & PKI SpecialistPosting Start Date: 2/10/26Job Description:What are your contributions to the team?
  • Identity Architect - Act as the SME (Subject Matter Expert) for the identity technology stack, plan and prioritize the technology roadmap, track deployments.
  • PKI (Public Key Infrastructure) Specialist - Own, develop and drive the current state and future state plan for PKI.
  • Identity Threat Engineer/Specialist - Collaborate with the SOC (Security Operations Centre) to mature and enhance telemetry, processes and response to cyber threats.
How to thrive in this role?
  • You hold a bachelor's degree in cyber security, information security, computer science, or relevant field of study.
  • You have over 6 years of experience with identity lifecycle management (Joiner/Mover/Leaver), access governance, and least-privilege access models.
  • You have a strong knowledge of authentication and authorization protocols (SAML, OAuth 2.0, OpenID Connect, LDAP, Kerberos).
  • You have hands-on experience with enterprise IAM (Identity & Access Management) platforms (e.g., Azure Entra ID, SailPoint, Okta, CyberArk, MFA).
  • You have proven experience designing, operating, and evolving enterprise PKI (Public Key Infrastructure) environments (internal and public CAs).
  • You have a strong understanding of certificate lifecycle management, TLS/SSL, and cryptographic trust models.
  • You have experience securing non-human identities such as applications, services, workloads, and APIs.
  • You have experience with human identities in medium to high trust environments such as formal digital signature of documents and software.
  • You are familiar with key management practices, HSMs (Hardware Security Modules), and cloud-native key services.
  • You have experience integrating IAM (Identity & Access Management) and PKI signals into SIEM/XDR platforms.
  • You have a solid understanding of identity-based attack techniques, including credential abuse, lateral movement, and privilege escalation.
  • You have the ability to define identity-centric detection use cases and collaborate with SOC (Security Operations Center) teams on response and remediation.
  • You have experience securing hybrid and cloud environments (Azure, AWS, Google or partner clouds) using identity-centric security patterns.
  • You possess scripting and automation skills (PowerShell, Python, REST APIs) to reduce manual effort and operational risk.
  • You have a strong architectural mindset with the ability to translate business requirements into scalable, secure identity solutions.
  • You are familiar with Zero Trust principles and modern identity-first security architecture.
© Bombardier 2024×Cookie Consent ManagerCookie SettingsWhen you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. Because we respect your right to privacy, you can choose not to allow some types of cookies. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. For more information, visit our .Necessary CookiesThese cookies are essential for our websites to function. Without these cookies, you would not be able to navigate our websites or operate their basic functions.Show More DetailsNecessary Cookies Provider Description Enabled
SAP as service providerWe use the following session cookies, which are all required to enable the website to function:
  • "route" is used for session stickiness
  • "careerSiteCompanyId" is used to send the request to the correct data center
  • "JSESSIONID" is placed on the visitor's device during the session so the server can identify the visitor
  • "Load balancer cookie" (actual cookie name may vary) prevents a visitor from bouncing from one instance to another
Preferences CookiesThese cookies store information that you have already entered, such as your language selection and your location, in order for your experience to feel more personalized when you return to our websites. These cookies collect anonymous information and cannot track your movements on other websites.Show More DetailsPreferences Cookies Provider Description Enabled
YouTubeYouTube is a video-sharing service where users can create their own profile, upload videos, watch, like, and comment on videos. Opting out of YouTube cookies will disable your ability to watch or interact with YouTube videos.Statistics and Marketing CookiesThese cookies register your activity on our website. To show you relevant personalized advertising on other sites such as Google and Bing, we use Google Tag Manager. We may allow a limited number of trusted third-party advertising partners to install cookies to build a profile of your interests based on information about you, such as your page views on our website or your information requests. These cookies are also used to limit the display frequency of advertisements and to measure and control the effectiveness of our advertising campaigns.Our website may include links to other websites and social plugins. Social plugins are buttons that let you share your experiences on our websites with other people on social media platforms (Facebook, LinkedIn, Instagram, and YouTube). When you share your experiences through social plugins, social media platforms install their own cookies on your device.We use Google Analytics to collect, analyse, measure, and report data from these cookies to understand our web traffic and page views in order to improve the performance of our websites and your user experience. For example, the cookies record which browser and operating system you used, which parts of the websites you visited, your number of visits, and the average duration of your visits. They do not collect information that would allow us to identify you. The collected information is aggregated and, therefore, remains anonymous.LinkedIn: If you apply for a job via your LinkedIn profile, LinkedIn will install a third-party cookie on the Career and Recruitment site. LinkedIn’s policies are governed by their .Statistics and Marketing cookies do not store information about you, but they uniquely identify your browser and device. Together with other information about you collected by our advertising partners or social media companies, your browser and device information could be used by third parties to identify you.Show More DetailsStatistics and Marketing Cookies Provider Description Enabled
Google Tag ManagerGoogle Tag Manager is a tag management system for conversion tracking, site analytics, remarketing, and more.

Bombardier