Sr. IAM Engineer

 Sr. Identity and Access Management (IAM) Engineer - Marlborough, MA - Hybrid

The Sr. IAM Engineer plays a key role in designing and implementing systems and processes for user identity provisioning, maintenance, and de-provisioning. This includes both automated and manual methods across on-prem and cloud platforms. The ideal candidate will contribute to both short-term deliverables and long-term initiatives, helping the team increase efficiency through tool development and process improvements.

This role will also be instrumental in developing and maintaining the company’s Privileged Access Management (PAM) infrastructure. A successful candidate will bring a combination of project leadership, infrastructure-as-code experience, technical implementation capabilities, and the ability to write policies and procedures. The role is best suited to individuals who work well independently in collaborative environments and who can operate effectively within a semi-agile framework. All activities must align with the company’s security standards and industry best practices.

Key Responsibilities Reasonable accommodations may be provided to individuals with disabilities to perform the essential job functions.

• Design and implement identity lifecycle management automation for on-prem and cloud systems
  
  
• Build, maintain, and administer access management solutions using CyberArk or similar technologies
  
  
• Develop and manage CyberArk and AWS IAM infrastructure as code
  
  
• Implement best practices in provisioning, access management, de-provisioning, and digital identity reporting
  
  
• Engineer and oversee user access controls, including design, review, and updates
  
  
• Establish and maintain standards, documentation, and procedures supporting IAM for 100+ systems
  
  
• Deliver training, documentation, and coaching on IAM system configurations with a focus on scalability and resiliency
  
  
• Mentor junior team members and provide technical guidance
  
  
• Lead large-scale projects and contribute to strategic initiatives
  
  
• Author and implement policies and procedural documentation for IAM operations
  
  
• Fulfill other tasks and duties as assigned by leadership
  
  
• Maintain compliance with company policies and required training protocols
  
  
• Support other business or security-related tasks as needed
  
  

• Bachelor’s degree or equivalent experience (5–7 years) in a related field
  
  
• Hands-on experience in IAM and user access lifecycle management in mid-to-large organizations
  
  
• Knowledge of compliance standards and frameworks such as NIST, SCIM, SSO, and Federation
  
  
• Proven experience with IAM and PAM tools—preferably CyberArk, Omada Identity, and Entra AD
  
  
• Experience building infrastructure with Terraform and managing CI/CD pipelines (e.g., GitLab)
  
  
• Familiarity with AWS and Azure, with AWS IAM, Control Tower, Organizations, and CloudFormation experience considered a plus
  
  
• Relevant certifications such as CompTIA Security+, CISA, CISSP, AWS Solutions Architect, AWS Security, or Azure Security are a plus
  
  
• Proficiency in scripting or development (PowerShell, Python, C++) is desirable
  
  

• Adaptability to changes in technology and regulatory environments
  
  
• Strong problem-solving and diagnostic abilities
  
  
• Self-motivated and accountable, able to manage tasks independently
  
  
• Effective communication, collaboration, and project coordination skills
  
  
• Ability to lead discussions, document requirements, and drive initiatives
  
  
• Solid foundational knowledge of IT and network security principles