Senior IAM Engineer - Saviynt (REMOTE OR MA BASED)

About The Position

Requirements

• 8+ years of IAM engineering experience; 3+ years specializing in Saviynt.
• Bachelor’s degree in Information Security or related field (or equivalent experience).
• Must be eligible to work in the US without requiring sponsorship now or in the future (i.e Lawful Permanent Residence or US Citizen)
• Expert hands on experience with Saviynt IGA, including configuring connectors, workflows, risk models, roles, rules, analytics, provisioning jobs, and certifications.
• Familiarity with Microsoft Identity Manager (MIM), CyberArk, or other IAM/PAM tools.
• Experience leading a technical team or serving as project technical lead.
• User lifecycle management (ULM)
• Entitlements Management and appropriate data correlation
• Collaborate with cross-functional teams to assess correlated data for approach to formation of risk scoring
• RBAC / ABAC design
• SSO and federation (SAML, OAuth 2.0)
• Privileged access governance
• Proficiency PowerShell, Java, REST/SOAP APIs, Active Directory & LDAP
• Cloud directories (Entra ID, AWS IAM, etc.), SQL, JSON, XML scripting fundamentals
• Experience designing IAM architecture in large enterprise or regulated environments.
• Strong understanding of IAM concepts including governance, provisioning, attestation, separation of duties, and compliance frameworks (SOX, NIST, ISO).
• Strong analytical thinker with the ability to translate business needs into technical solutions.
• Excellent communication and documentation skills.
• Comfortable working across multiple teams and managing complex initiatives end-to-end.
• Ability to mentor junior engineers and represent IAM engineering in technical discussions.
• Ability to work independently as well as in a collaborative team environment.
• Capability to manage multiple priorities and tasks simultaneously.
• Easily adapt to new or different changing situations, requirements, or priorities.
• Exhibit a personal drive to continually grow and enhance skills, knowledge, and scope of responsibilities.
• Demonstrate solid verbal/written communication, listening, communication skills with and ability to communicate across all employee and management levels.
• Use strong problem-solving skills to troubleshoot, debug, and optimize software applications.

Responsibilities

• Saviynt technical lead, design & Engineering (Development and Operational support)
• Lead the technical design, configuration, and implementation of Saviynt IGA solutions, including workflows, rules, connectors, analytics, roles, and policies. With a configuration first over customization approach.
• Architect scalable, sustainable solutions supporting entitlements management, user life cycle management, RBAC, ABAC, access request and approval flows, certifications, and provisioning/de-provisioning.
• Design and optimize Saviynt integrations with enterprise platforms such as Active Directory, Entra ID, HCM System, ServiceNow, Oracle EBS, PeopleSoft, and other connected/disconnected systems.
• Develop and enhance custom connectors, REST/SOAP integrations, and provisioning logic as needed.
• Configure policy and workflow in Saviynt for the intake and pre-processing of identity data, apply the appropriate workflow for the various use cases for incoming new identity or changes to identity, and configure the provisioning flows based on the connections and schedules required
• Build custom workflows (within parameters that provide for ongoing vendor support), rules, request forms, task definitions, reporting, and risk models within Saviynt.
• Automate repetitive IAM functions using appropriate, supportable, sustainable methods.
• Create and maintain custom analytical reports, dashboards, and governance insights.
• Work with Business Continuity teams to develop disaster recovery planning and testing cycles for IAM and IGA products and services. Identify resource dependencies and their criticality to the sustainability of the service for inclusion in DR planning and reconstitution exercises.
• Participate in access certification campaigns (user manager, entitlement owner, service accounts) and improve campaign efficiency through design enhancements.
• Participate in Threat Model development/review with security team for all new IAM/IGA capabilities.
• Collaborate with Enterprise Architecture, Security Architecture, and Engineering teams to drive implementation of SSO and federation standards (SAML, OAuth 2.0, OpenID Connect).
• Implement and tune Saviynt policies, Segregation of Duties (SoD) rules, risk scores, and governance models to support least privilege and Zero Trust principles.
• Monitor and maintain the Saviynt environment for performance, reliability, capacity, and compliance.
• Lead platform upgrades, migrations, and new feature rollouts.
• Troubleshoot complex technical issues and provide Tier3 support for Saviynt related problems.
• Serve as a technical lead, guiding junior engineers and influencing architectural direction.
• Engage with stakeholders, business owners, product teams, and security leadership to gather requirements and translate them into technical solutions.
• Partner with audit, compliance, and SOX teams to provide evidence and ensure adherence to regulatory standards.
• Collaborate with Architecture Team and Security Architecture on, solution designs, documentation, runbooks, SOPs, and operational playbooks.

Benefits

• Medical, dental, vision, life, and disability insurance
• 401K with a company match
• Tuition reimbursement
• PTO
• Company paid holidays
• Flexible work arrangements
• Cultural Awareness Day in support of IDE
• On-site medical/wellness center (Worcester only)