Jobs · Engineering · Massachusetts

Principal IGA / IAM Analyst / Engineer

Berkshire Hathaway Specialty Insurance · Boston, MA · 3 mo ago
Engineering$130k–$170k/yrFull-time

Duties And Responsibilities

  • Act as a subject-matter expert for identity security, collaborating with Security Engineering, IT Operations, and business stakeholders to design and enhance identity access and identity governance capabilities.
  • Further drive our Zero-Trust initiative by treating AI agents, applications, & identities as an entity that must authenticate and have its' activity mapped to a human owner.
  • Design, implement, and maintain Identity & Access Management (IAM) solutions across cloud and hybrid environments with both human and non-human identities.
  • Administer authentication and authorization mechanisms including multi-factor authentication (MFA), Single Sign-On (SSO), and passwordless authentication.
  • Support identity lifecycle management (joiner, mover, leaver processes), including Just-in-time (JIT) privileged access utilizing Microsoft Entra PIM.
  • Develop, maintain, and enforce IAM/IGA documentation, standards, procedures, and operational runbooks.
  • Configure and manage Conditional Access Policies to enforce security controls, including MFA, device compliance, risk-based access, and least-privilege access.
  • Assist with identity-related incident response and forensic investigations.
  • Stay current on identity security trends, emerging threats, and evolving technologies, and recommend improvements to strengthen the organization’s security posture.

Qualifications, Skills, And Experience

  • 5+ years of proven success in Identity & Access Management and Identity Governance with deep hands-on experience in Azure and AWS environments.
  • Strong understanding of authentication and authorization protocols, including SAML, OAuth 2.0, and OpenID Connect, as well as directory services such as Active Directory, Azure AD, and Microsoft Entra ID.
  • Strong experience designing Microsoft Conditional Access policies, along with role-based and attribute-based access control (RBAC/ABAC) models.
  • Strong analytical, troubleshooting skills with the ability to diagnose complex identity and access issues.
  • Exceptional communication skills with the ability to translate complex technical issues into clear, actionable business insights.
  • Industry-recognized certifications such as CIAM, CAMS, CIMP or similar are a plus.

Similar jobs