Engineer

Berkshire Hathaway Specialty Insurance•Boston, MA

7d•$130,000 - $170,000

About The Position

Berkshire Hathaway Specialty Insurance (BHSI) is seeking a seasoned technologist in the Identity Access Management (IAM) and Identity Governance Administration (IGA) arena. This role will play a critical part in securing enterprise access across cloud and hybrid environments while balancing strong security controls with business productivity. As a key member of our cybersecurity team, you will lead and coach teammates driving how we control and manage access to our network in the age of Artificial Intelligence. You will be an integral part of the strategy and design of our identity security posture management in this new and exciting role. If you are passionate about securing identities, both human and non-human, as well as securely accessing networks and applications, we would be excited and interested in speaking with you.

Requirements

5+ years of proven success in Identity & Access Management and Identity Governance with deep hands-on experience in Azure and AWS environments.
Strong understanding of authentication and authorization protocols, including SAML, OAuth 2.0, and OpenID Connect, as well as directory services such as Active Directory, Azure AD, and Microsoft Entra ID.
Strong experience designing Microsoft Conditional Access policies, along with role-based and attribute-based access control (RBAC/ABAC) models.
Strong analytical, troubleshooting skills with the ability to diagnose complex identity and access issues.
Exceptional communication skills with the ability to translate complex technical issues into clear, actionable business insights.

Nice To Haves

Industry-recognized certifications such as CIAM, CAMS, CIMP or similar are a plus.

Responsibilities

Act as a subject-matter expert for identity security, collaborating with Security Engineering, IT Operations, and business stakeholders to design and enhance identity access and identity governance capabilities.
Further drive our Zero-Trust initiative by treating AI agents, applications, & identities as an entity that must authenticate and have its’ activity mapped to a human owner.
Design, implement, and maintain Identity & Access Management (IAM) solutions across cloud and hybrid environments with both human and non-human identities.
Administer authentication and authorization mechanisms including multi-factor authentication (MFA), Single Sign-On (SSO), and passwordless authentication.
Support identity lifecycle management (joiner, mover, leaver processes), including Just-in-time (JIT) privileged access utilizing Microsoft Entra PIM.
Develop, maintain, and enforce IAM/IGA documentation, standards, procedures, and operational runbooks.
Configure and manage Conditional Access Policies to enforce security controls, including MFA, device compliance, risk-based access, and least-privilege access.
Assist with identity-related incident response and forensic investigations.
Stay current on identity security trends, emerging threats, and evolving technologies, and recommend improvements to strengthen the organization’s security posture.