Identity and Access Management (IAM) Engineer
Company: MassMutual
Location: New York City
Posted on: November 27, 2025
|
|
|
Job Description:
Job Description Full Time Hybrid Onsite in Boston, NYC, or
Springfield, MA Job Description The Opportunity The Enterprise
Technology Experience organization seeks an experienced and
detail-oriented Identity and Access Engineer who can assist with
designing and developing the Identity and Access Management
environment (IAM). This is an opportunity for you to work in a fast
paced, innovative, and collaborative environment on exciting
technology directives, directly impacting the way security is
integrated into daily business processes. Ideally, you will have a
deep understanding of identity lifecycle management, directory
services, authentication protocols, and modern IAM platforms. The
Team This role is a part of the IAM Engineering Team, which is a
strategic arm of our Security Platform Engineering organization,
and is crucial for maintaining strong security, compliance to
security controls, and assisting with operatonal efficiency. This
group is responsible for building and maintaining the core identity
platforms for MassMutual, as well as designing and deploying
strategic solutions that will enable access controls to be embedded
into strategic business processes. The Impact As an IAM Engineer,
you will be responsible for leading project delivery work,
partnering with enterprise and solution architects to design and
deploy secure solutions, assisting IAM operational support teams as
needed for troubleshooting. You will partner with vendors to solve
strategic challenges that align with enterprise roadmaps and will
have an opportunity to utilize your experience and expertise to
improve existing processes, patterns, and infrastructure. This
position can be located in our Springfield, MA, Boston, MA, or NYC
office. The Minimum Qualifications 8 years experience in the
following areas web infrastructure and web infrastructure design
concepts working with Federation services and Certificate
management working with protocols such as SAML and OIDC working
with Linux and Windows operating systems supporting Directory
Services (such as Ping, AD, Okta, Entra, etc.) with documentation
and demonstrated ability in operational hand off working on
Security and Operation Incident objectives in audit remediation and
mitigations supporting complex environments designing,
implementing, deploying, and maintaining IGA solutions such as
SailPoint, Saviynt, Okta with Identity Lifecycle Management, Access
Reviews, Intelligence (Analytics), Roles and Rules management, and
Segregation of Duties Must be authorized to work in the United
States without sponsorship both now and in the future The Ideal
Qualifications Bachelor of Science in Computer Science or
Information Management 7-10 years of experience in a complex web
infrastructure environment Understanding of web security concepts
and security in-depth Ability to collaborate across lines of
business to consult and guide projects as needed Ability to grasp
large scale, enterprise class deployments Software system
integration Troubleshooting and triage of complex production
issues, with technical support to operations and supporting teams
Understanding of the Atlassian productivity suite (JIRA,
Confluence, Bitbucket, etc) Excellent Organizational Skills
Excellent written and verbal communication skills. Will be
communicating technical information to non-technical end users
Experience maintaining various web proxies using Security Access
Manager Ability to look at the big picture and recommend designs
based on industry best practice Deep understanding SSO solutions
using Okta, SAM Federations and Auth0 technologies Experience
integrating third party applications with on-prem/AWS deployed
solutions Experience with many of the following: Akamai, NGINX,
AWS, F5, IHS/Apache, Python, NodeJS, netmon/wireshark, Auth0, Okta,
LDAP, Active Directory, IBM ISAM, F5 Understanding of MFA including
RSA adaptive authentication and SecureID Identity tokenization and
underlying standards (SAML, OAuth, Kerberos, etc) Familiarity with
IAM concepts like privileged access, zero trust, and access
governance Familiarity with PKI Familiarity with security
frameworks and regulations (e.g., NIST, GDPR, HIPAA) that impact
identity and access management Comfortable challenging status quo
Ability to support and maintain various LDAP repositories using
Security Directory Server and associated utilities Ability to think
critically under pressure and deliver on time Ability to work
independently with minimal supervision LI-SC1 MassMutual is an
equal employment opportunity employer. We welcome all persons to
apply. If you need an accommodation to complete the application
process, please contact us and share the specifics of the
assistance you need. California residents: For detailed information
about your rights under the California Consumer Privacy Act (CCPA),
please visit our California Consumer Privacy Act Disclosures
page.
Keywords: MassMutual, New York , Identity and Access Management (IAM) Engineer, IT / Software / Systems , New York City, New York
