Senior Information Security Engineer - Entra (REMOTE OR MA BASED)

The Hanover Insurance Group•Worcester, MA

1d•Remote

About The Position

For more than 170 years, The Hanover has been committed to delivering on our promises and being there when it matters the most. We live our values every day, demonstrating we CARE through our values, Sustainability initiatives and inclusive corporate culture. Our IT Security team is currently seeking a Senior information Security Engineer in our Worcester, MA location or remote work arrangement. POSITION OVERVIEW: The Senior Information Security Engineer will lead the design, implementation, and management of identity and access solutions using Microsoft Entra (Entra ID/Azure AD, Entra External ID/B2C, and related components). This role ensures secure, scalable, and user-friendly identity experiences across internal and external platforms. This is a full time, exempt role.

Requirements

5+ years in identity engineering, SDLC-based solution development, and Active Directory support.
Bachelor’s degree in computer science, Information Technology, or related field, or the equivalent combination of education, training and experience
Deep knowledge of Microsoft Entra ID and B2C, including custom policy development.
Strong understanding of IAM frameworks, governance, and modern authentication protocols.
Experience with hybrid identity, Active Directory, and troubleshooting multi-tenant environments.
Proficiency in PowerShell, Kusto, Azure CLI, automation, and secure API solutions.
Familiarity with audit, log analytics, DevOps, monitoring, and reporting in Azure/Entra.
Background in architecture, IAM roadmaps, and exposure to AI/ML for technology enhancements.
Strong problem-solving, communication, and documentation skills.
Ability to lead, mentor, and collaborate across teams.
Skilled in presentations, training, and customer-focused troubleshooting.
Must be eligible to work in the US without requiring sponsorship now or in the future (i.e Lawful Permanent Residence or US Citizen)

Nice To Haves

Microsoft certifications (SC-300, SC-100, AZ-500).
Knowledge of CI/CD pipelines, DevSecOps, hybrid identity, and ADFS.

Responsibilities

Identity Architecture & Engineering:
Design and implement scalable identity solutions with Entra ID and B2C.
Integrate cloud and on-prem systems for SSO, MFA, and Just-In-Time provisioning.
Deploy secure authentication flows (OAuth2, OpenID Connect, SAML, Conditional Access).
Custom Policy Development:
Build and maintain custom policies using Identity Experience Framework (IEF).
Manage TrustFrameworkPolicy XML files, REST API integrations, claims transformations, and multi-step authentication.
Customize user journeys (sign-up, sign-in, password reset, profile editing).
Troubleshoot and optimize policies using Application Insights and B2C logs.
Identity Governance & Compliance:
Manage lifecycle processes (provisioning, de-provisioning, access reviews).
Administer Privileged Identity Management (PIM), Access Packages, and Conditional Access.
Ensure compliance with frameworks (NIST, ISO 27001).
Stay current with Microsoft Entra roadmap and IAM technologies.
Collaboration & Leadership:
Partner with application teams and stakeholders to deliver secure identity solutions.
Integrate Entra ID with third-party and on-prem systems.
Provide technical leadership and mentor junior engineers.