Identity and Access Management (IAM) Engineer

Job Description

The Opportunity

The Enterprise Technology Experience organization seeks an experienced and detail-oriented Identity and Access Engineer who can assist with designing and developing the Identity and Access Management environment (IAM). This is an opportunity for you to work in a fast paced, innovative, and collaborative environment on exciting technology directives, directly impacting the way security is integrated into daily business processes. Ideally, you will have a deep understanding of identity lifecycle management, directory services, authentication protocols, and modern IAM platforms.

The Team

This role is a part of the IAM Engineering Team, which is a strategic arm of our Security Platform Engineering organization, and is crucial for maintaining strong security, compliance to security controls, and assisting with operatonal efficiency. This group is responsible for building and maintaining the core identity platforms for MassMutual, as well as designing and deploying strategic solutions that will enable access controls to be embedded into strategic business processes.

The Impact

As an IAM Engineer, you will be responsible for leading project delivery work, partnering with enterprise and solution architects to design and deploy secure solutions, assisting IAM operational support teams as needed for troubleshooting. You will partner with vendors to solve strategic challenges that align with enterprise roadmaps and will have an opportunity to utilize your experience and expertise to improve existing processes, patterns, and infrastructure.

*** This position can be located in our Springfield, MA, Boston, MA, or NYC office.

The Minimum Qualifications

• 8+ years experience in the following areas
  • web infrastructure and web infrastructure design concepts
  • working with Federation services and Certificate management
  • working with protocols such as SAML and OIDC
  • working with Linux and Windows operating systems
  • supporting Directory Services (such as Ping, AD, Okta, Entra, etc.)
  • with documentation and demonstrated ability in operational hand off
  • working on Security and Operation Incident objectives
  • in audit remediation and mitigations
  • supporting complex environments
  • designing, implementing, deploying, and maintaining IGA solutions such as SailPoint, Saviynt, Okta
  • with Identity Lifecycle Management, Access Reviews, Intelligence (Analytics), Roles and Rules management, and Segregation of Duties
• Must be authorized to work in the United States without sponsorship both now and in the future

The Ideal Qualifications

• Bachelor of Science in Computer Science or Information Management
• 7-10 years of experience in a complex web infrastructure environment
• Understanding of web security concepts and security in-depth
• Ability to collaborate across lines of business to consult and guide projects as needed
• Ability to grasp large scale, enterprise class deployments
• Software system integration
• Troubleshooting and triage of complex production issues, with technical support to operations and supporting teams
• Understanding of the Atlassian productivity suite (JIRA, Confluence, Bitbucket, etc)
• Excellent Organizational Skills
• Excellent written and verbal communication skills. Will be communicating technical information to non-technical end users
• Experience maintaining various web proxies using Security Access Manager
• Ability to look at the big picture and recommend designs based on industry best practice
• Deep understanding SSO solutions using Okta, SAM Federations and Auth0 technologies Experience integrating third party applications with on-prem/AWS deployed solutions
• Experience with many of the following: Akamai, NGINX, AWS, F5, IHS/Apache, Python, NodeJS, netmon/wireshark, Auth0, Okta, LDAP, Active Directory, IBM ISAM, F5
• Understanding of MFA including RSA adaptive authentication and SecureID
• Identity tokenization and underlying standards (SAML, OAuth, Kerberos, etc)
• Familiarity with IAM concepts like privileged access, zero trust, and access governance
• Familiarity with PKI
• Familiarity with security frameworks and regulations (e.g., NIST, GDPR, HIPAA) that impact identity and access management
• Comfortable challenging status quo
• Ability to support and maintain various LDAP repositories using Security Directory Server and associated utilities
• Ability to think critically under pressure and deliver on time
• Ability to work independently with minimal supervision

#LI-SC1

Salary Range:
$134,400.00-$176,400.00

At MassMutual, we focus on ensuring fair equitable pay, by providing competitive salaries, along with incentive and bonus opportunities for all employees. Your total compensation package includes either a bonus target or in a sales-focused role a Variable Incentive Compensation component.

Why Join Us.

We've been around since 1851. During our history, we've learned a few things about making sure our customers are our top priority. In order to meet and exceed their expectations, we must have the best people providing the best thinking, products and services. To accomplish this, we celebrate an inclusive, vibrant and diverse culture that encourages growth, openness and opportunities for everyone. A career with MassMutual means you will be part of a strong, stable and ethical business with industry leading pay and benefits. And your voice will always be heard.

We help people secure their future and protect the ones they love. As a company owned by our policyowners, we are defined by mutuality and our vision to put customers first. It's more than our company structure - it's our way of life. We are a company of people protecting people. Our company exists because people are willing to share risk and resources, and rely on each other when it counts. At MassMutual, we Live Mutual.

MassMutual is an Equal Employment Opportunity employer. We welcome all persons to apply.

If you need an accommodation to complete the application process, please contact us and share the specifics of the assistance you need.

At MassMutual, we focus on ensuring fair, equitable pay by providing competitive salaries, along with incentive and bonus opportunities for all employees. Your total compensation package includes either a bonus target or in a sales-focused role a Variable Incentive Compensation component. For more information about our extensive benefits offerings please check out our Total Rewards at a Glance.