Senior IAM Engineer - Entra (REMOTE OR MA BASED)

Share Salary Not Available Senior IAM Engineer - Entra (REMOTE

OR MA BASED

) The Hanover Insurance Group Inc.

Occupation:

Computer Systems Engineers/Architects

Location:

Worcester, MA - 01612 Positions available: 1 Job #: 19402

Source:

The Hanover Insurance Group Inc.

Posted:

04/21/2026

Web Site:

www.hanover.com Onsite /

Remote:

Work at home all of the time

Job Type:

Full Time (30 Hours or More) Job Requirements and Properties Help for Job Requirements and Properties. Opens a new window. Telework & Remote Full Time Schedule Full Time Job Description Help for Job Description. Opens a new window. Our IT Security team is currently seeking a Senior information Security Engineer in our Worcester, MA location or remote work arrangement.

POSITION OVERVIEW

The Senior Information Security Engineer will lead the design, implementation, and management of identity and access solutions using Microsoft Entra (Entra ID/Azure AD, Entra External ID/B2C, and related components). This role ensures secure, scalable, and user-friendly identity experiences across internal and external platforms. This is a full time, exempt role.

IN THIS ROLE, YOU WILL

Identity Architecture & Engineering:

Design and implement scalable identity solutions with Entra ID and B2C. Integrate cloud and on-prem systems for SSO, MFA, and Just-In-Time provisioning. Deploy secure authentication flows (OAuth2, OpenID Connect, SAML, Conditional Access).

Custom Policy Development:

Build and maintain custom policies using Identity Experience Framework (IEF). Manage TrustFrameworkPolicy XML files, REST API integrations, claims transformations, and multi-step authentication. Customize user journeys (sign-up, sign-in, password reset, profile editing). Troubleshoot and optimize policies using Application Insights and B2C logs.

Identity Governance & Compliance:

Manage lifecycle processes (provisioning, de-provisioning, access reviews). Administer Privileged Identity Management (PIM), Access Packages, and Conditional Access. Ensure compliance with frameworks (NIST, ISO 27001). Stay current with Microsoft Entra roadmap and IAM technologies.

Collaboration & Leadership:

Partner with application teams and stakeholders to deliver secure identity solutions. Integrate Entra ID with third-party and on-prem systems. Provide technical leadership and mentor junior engineers. Additional Information Help for Additional Information. Opens a new window.

WHAT YOU NEED TO APPLY

5+ years in identity engineering, SDLC-based solution development, and Active Directory support. Bachelor's degree in computer science, Information Technology, or related field, or the equivalent combination of education, training and experience Deep knowledge of Microsoft Entra ID and B2C, including custom policy development. Strong understanding of IAM frameworks, governance, and modern authentication protocols. Experience with hybrid identity, Active Directory, and troubleshooting multi-tenant environments. Proficiency in PowerShell, Kusto, Azure CLI, automation, and secure API solutions. Familiarity with audit, log analytics, DevOps, monitoring, and reporting in Azure/Entra. Background in architecture, IAM roadmaps, and exposure to AI/ML for technology enhancements. Strong problem-solving, communication, and documentation skills. Ability to lead, mentor, and collaborate across teams. Skilled in presentations, training, and customer-focused troubleshooting. Must be eligible to work in the US without requiring sponsorship now or in the future (i.e Lawful Permanent Residence or US Citizen)

EXTRA POINTS FOR

Microsoft certifications (SC-300, SC-100, AZ-500). Knowledge of CI/CD pipelines, DevSecOps, hybrid identity, and ADFS.