IAM Engineer

HarbourVest Partners•Boston, MA

7d•$100,000 - $160,000•Hybrid

About The Position

For over forty years, HarbourVest has been home to a committed team of professionals with an entrepreneurial spirit and a desire to deliver impactful solutions to our clients and investing partners. As our global firm grows, we continue to add individuals who seek a collaborative, open-door culture that values diversity and innovative thinking. In our collegial environment that’s marked by low turnover and high energy, you’ll be inspired to grow and thrive. Here, you will be encouraged to build on your strengths and acquire new skills and experiences. We are committed to fostering an environment of inclusion that promotes mutual respect among all employees. Understanding and valuing these differences optimizes the potential of both the individual and the firm. HarbourVest is an equal opportunity employer. This position will be a hybrid work arrangement. You will receive 18 remote workdays per quarter to use at your discretion, subject to manager approval. For example, you may choose to work in the office 4 days per week and take one remote day weekly (typically 13 weeks per quarter), leaving 5 additional remote days to be used as needed. The Identity and Access Management (IAM) Engineer is responsible for designing, implementing, and maintaining secure identity solutions that protect firm systems. This role ensures effective access controls, supports audits and compliance requirements, and engages closely with technology, security functions, and business teams. The ideal candidate brings a strong security perspective, hands-on IAM/PAM experience, and the ability to operate effectively in a fast-paced private equity environment. The ideal candidate is someone who is: An identity-focused technologist who demonstrates a solid sense of ownership and accountability Comfortable functioning in a dynamic, high-trust financial services atmosphere Diligent, with a strong appreciation for controls, auditability, and risk management Able to collaborate effectively with IT, Security, Compliance, and business partners Proactive in identifying gaps, improving processes, and automating where possible

Requirements

Hands-on experience with modern IAM/PAM platforms (Active Directory, Entra ID, Okta, Auth0, Delinea)
Strong understanding of authentication and authorization concepts (RBAC, SAML, OAuth, OIDC, SCIM)
Familiarity with cloud-first and SaaS-heavy enterprise environments
Ability to script or automate IAM processes using PowerShell, Python, or similar tools
Solid understanding of email security concepts (phishing protection, mail flow controls, authentication protocols) and experience supporting enterprise email platforms
Clear communication abilities and the capacity to explain technical concepts to collaborators without a technical background
3-5 years of experience handling identity and access management in a corporate environment

Nice To Haves

Previous experience in financial services, asset management, or private equity is preferred but not required.
Relevant industry certifications such as CISSP, CISM, CCSP, or GIAC are strongly preferred.

Responsibilities

Build, implement, and maintain IAM/PAM solutions supporting employees, clients, and contractors
Manage identity lifecycle processes including onboarding, offboarding, role changes, and access reviews
Coordinate and improve identity platforms such as Okta, Auth0, or similar IAM tools
Implement and maintain Single Sign-On (SSO), Multi-Factor Authentication (MFA), and conditional access policies
Support and maintain privileged access management (PAM) controls and least-privilege access models
Support, administer, and optimize enterprise email security platforms, including threat protection, policy configuration, monitoring, and incident response
Proactively monitor and respond to identity-related security incidents and access anomalies
Drive continual improvement processes to enhance the end-user experience, increase technology value, and improve security posture
Document IAM standards, procedures, and technical configurations
And other responsibilities as required!