Senior Identity & Access Management Engineer

Northeastern University•Boston, MA

About The Position

The Senior Identity & Access Manager (IAM) Engineer is responsible for designing, implementing, and managing the identity and access management framework within Northeastern University. This role requires a deep understanding of IAM technologies, security protocols, and best practices to ensure the protection of sensitive information and compliance with regulatory requirements. The engineer will leverage identity systems including Microsoft Active Directory, Entra, Savyint, Grouper, and Shibboleth, providing senior operational support for Single Sign-On (SSO), User Provisioning, Privileged Access Management, and Role-Based Access Control (RBAC). The position involves making recommendations for and leading the implementation of changes through a formal change management process, working with cross-functional teams to align IAM initiatives with business objectives. This role is critical in shaping the security posture of the organization, involving cutting-edge technologies and leading initiatives that significantly impact user experience, operations, and security. Applicants must be authorized to work in the United States, as the University is unable to sponsor for this role.

Requirements

Bachelor's degree in computer science, Information Technology, or relevant experience
Minimum of 7 years of experience in Sr. IAM Engineering and implementation roles.
Extensive platform knowledge and experience working with Entra ID, Microsoft Active Directory, Entra Connect, Grouper, Shibboleth and Savyint, or equivalent tools.
Extensive Experience with security protocols and standards (e.g., SAML, OAuth, OpenID Connect)
Advanced proficiency in scripting tools, such as bash, SQL, PowerShell, and Jenkins or GitHub Actions, for automation and management tasks.
Excellent technical and communication skills, with the ability to articulate complex IAM concepts to non-technical stakeholders.
Strong analytical and problem-solving abilities.
Proven track record of working in complex production environments.

Nice To Haves

Knowledge and experience of working with Shibboleth, Incommon Federation, or SailPoint, LDAP are nice-to-haves
Experience with automation tools and frameworks relevant to IAM is a plus

Responsibilities

Lead the deployment and integration of IAM technologies, leveraging Microsoft Active Directory (on-premises and Entra).
Evaluate, select, and guide development of appropriate IAM tools and solutions to enhance security and user experience.
Create and implement operational best practices to ensure ongoing availability of identity systems.
Work closely with IT, security, and business teams to understand access requirements and implement appropriate controls.
Provide expert guidance and mentorship to IAM team members and other IT staff.
Oversee the development of automation scripts and workflows (e.g., using PowerShell) to streamline provisioning and de-provisioning processes.
Optimize existing IAM processes for efficiency and effectiveness.
Act as the highest escalation point for complex access issues not resolved by the IT Service Desk.
Oversee the resolution of IAM-related incidents and problems.