Senior IAM Systems Engineer, Passwordless Integration (Global Security)

What is the opportunity?

The Senior IAM Systems Engineer, Passwordless Integration is responsible for rolling out and integrating the enterprise Passwordless authentication solution across the systems and platforms employees use every day. This role works across the organization — partnering with endpoint, workplace, infrastructure, and access teams — to bring passwordless authentication to Windows and macOS devices, virtual desktop and application delivery platforms, directory services, and other enterprise systems. Sitting within Platform Enablement Engineering and partnering closely with the Authentication team, this engineer bridges identity and the broader enterprise, turning a passwordless capability into a real, organization-wide experience.
 

Passwordless is a strategic pillar of the IAM roadmap — directly improving security posture, reducing credential-related risk, and elevating the user experience. This engineer will shape how the enterprise integrates and scales passwordless across a heterogeneous estate, working at the intersection of authentication, endpoint, and access engineering.
 

What will you do?

• Lead integration of the enterprise passwordless solution with workforce systems, including Windows endpoints, macOS endpoints, Citrix and other VDI / application delivery platforms, Active Directory, and other authentication-consuming systems

• Partner with endpoint engineering (Windows, macOS), workplace technology, Citrix / virtualization, and directory services teams to deliver consistent passwordless experiences across the estate

• Design and execute integration patterns for federated and non-federated systems, including login flows, fallback behaviors, lifecycle and recovery scenarios

• Configure, test, and operationalize passwordless authenticator deployments on managed and unmanaged endpoints

• Drive integration with workforce authentication platforms and downstream consumers

• Build automation for configuration deployment, policy management, and operational health checks of the passwordless integration footprint

• Partner with the Authentication team — who holds product accountability — to deliver against the passwordless roadmap and prioritize integration backlog

• Establish observability, alerting, and operational practices for passwordless integrations across systems

•  Work with Architecture, Security, Risk, and Audit to ensure integration meet regulatory and internal control requirements

• Provide deep technical input into rollout planning, change management, and user experience design

• Support production operations, incident response, and root cause analysis for passwordless integrations across systems

• Document integration patterns, runbooks, and standards for use by partner teams across the enterprise

• Build operational automation for the Passwordless toolset—patching, certificate rotation, configuration drift detection, and routine support operations

• Integrate with CI/CD pipelines and infrastructure platforms

What do you need to succeed?

Must-have: 

• 7+ years in identity, authentication, endpoint, or platform integration engineering

• Software Development: 3+ years of experience with Python or Java with strong OOP design principles, solid understanding of REST API’s, microservices architecture

• DevOps Infrastructure: Experience with Infrastructure-as-code, CI/CD pipelines, containerization (Docker/Kubernetes), cloud platforms

• Strong hands-on experience integrating authentication solutions with Windows and macOS endpoints, including credential providers, login flows, and device-bound authentication

• Software

• Hands-on experience integrating authentication with Citrix or equivalent VDI / virtual application delivery platforms

• Strong working knowledge of Active Directory, Kerberos, and modern federation protocols (OIDC, OAuth 2.0, SAML, FIDO2 / WebAuthn)

• Experience deploying and operating phishing-resistant or passwordless authentication solutions in an enterprise environment

• Strong scripting / automation skills (PowerShell, Python, or equivalent) for configuration management and operational tooling

• Strong understanding of cryptographic primitives relevant to authentication (public-key cryptography, attestation, key management) and how they apply to endpoint-bound credentials

• Deep hands-on expertise with CI/CD platforms (Jenkins, GitHub Actions, GitLab CI)

Nice-to-have:

• Experience integrating with Entra ID and/or Auth0 authentication flows

• Familiarity with enterprise endpoint management platforms (Intune, Jamf, SCCM) and how authentication integrates with managed-device posture

• Experience with mobile authentication (iOS / Android platform authenticators, secure enclave) and consumer-style passwordless flows

• Familiarity with Zero Trust Architecture and phishing-resistant authentication strategy

• Experience leading enterprise-wide authentication rollouts or migrations

• Experience automating IAM platforms (Entra ID, Auth0, SailPoint, CyberArk, or equivalent)

• Working knowledge of the banking/financial services regulatory landscape (FRB, Part 30, OSFI) and how it shapes authentication controls

What’s in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference in our communities, and achieving mutual success

• A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable

• Leaders who support your development through coaching and managing opportunities

• Ability to make a difference and lasting impact

• Work in a dynamic, collaborative, progressive, and high-performing team

• Opportunities to do challenging work and take on progressively greater accountabilities
   

#LI-POST

#TECHPJ

Job Skills

Information Technology (IT) Infrastructure, Programming Languages, Software Change Request Management, Software Development Life Cycle (SDLC), Software Engineering, Software Integration Engineering, Software Product Design, Software Product Technical Knowledge, Software Release Management, System Testing Tools

Additional Job Details

16 YORK ST:TORONTOTorontoCanada37.5Full timeTECHNOLOGY AND OPERATIONSRegularSalaried2026-05-142026-06-02

Note: Applications will be accepted until 11:59 PM on the day prior to the application deadline date above

Our Employment Opportunities

At RBC, we are guided by living shared values of Client First, Integrity, Collaboration, Respect and Excellence and winning together as One RBC. We believe an inclusive workplace that has diverse perspectives is core to our continued growth as one of the largest and most successful banks in the world. Maintaining a workplace where our employees feel supported to perform at their best, effectively collaborate, drive innovation, and grow professionally helps to bring our Purpose to life and create value for our clients and communities. RBC strives to deliver this through policies and programs intended to foster a workplace based on respect, belonging and opportunity for all.

RBC is presently inviting candidates to apply for this existing vacancy. Applying to this posting allows you to express your interest in this current career opportunity at RBC. Qualified applicants may be contacted to review their resume in more detail.