IAM Engineer

Location: Boston

Time Type: Full time

Job Description

Job Description Summary

For over forty years, HarbourVest has been home to a committed team of professionals with an entrepreneurial spirit and a desire to deliver impactful solutions to our clients and investing partners. As our global firm grows, we continue to add individuals who seek a collaborative, open-door culture that values diversity and innovative thinking.

In our collegial environment that’s marked by low turnover and high energy, you’ll be inspired to grow and thrive. Here, you will be encouraged to build on your strengths and acquire new skills and experiences.

We are committed to fostering an environment of inclusion that promotes mutual respect among all employees. Understanding and valuing these differences optimizes the potential of both the individual and the firm.

HarbourVest is an equal opportunity employer.

This position will be a hybrid work arrangement. You will receive 18 remote workdays per quarter to use at your discretion, subject to manager approval. For example, you may choose to work in the office 4 days per week and take one remote day weekly (typically 13 weeks per quarter), leaving 5 additional remote days to be used as needed.

The Identity and Access Management (IAM) Engineer is responsible for designing, implementing, and maintaining secure identity solutions that protect firm systems. This role ensures effective access controls, supports audits and compliance requirements, and engages closely with technology, security functions, and business teams. The ideal candidate brings a strong security perspective, hands-on IAM/PAM experience, and the ability to operate effectively in a fast-paced private equity environment.

The ideal candidate is someone who is:

• An identity-focused technologist who demonstrates a solid sense of ownership and accountability
• Comfortable functioning in a dynamic, high-trust financial services atmosphere
• Diligent, with a strong appreciation for controls, auditability, and risk management
• Able to collaborate effectively with IT, Security, Compliance, and business partners
• Proactive in identifying gaps, improving processes, and automating where possible
   

What you will do:

• Build, implement, and maintain IAM/PAM solutions supporting employees, clients, and contractors
• Manage identity lifecycle processes including onboarding, offboarding, role changes, and access reviews
• Coordinate and improve identity platforms such as Okta, Auth0, or similar IAM tools
• Implement and maintain Single Sign-On (SSO), Multi-Factor Authentication (MFA), and conditional access policies
• Support and maintain privileged access management (PAM) controls and least-privilege access models
• Support, administer, and optimize enterprise email security platforms, including threat protection, policy configuration, monitoring, and incident response
• Proactively monitor and respond to identity-related security incidents and access anomalies
• Drive continual improvement processes to enhance the end-user experience, increase technology value, and improve security posture
• Document IAM standards, procedures, and technical configurations
• And other responsibilities as required!
   

What you bring:

• Hands-on experience with modern IAM/PAM platforms (Active Directory, Entra ID, Okta, Auth0, Delinea)
• Strong understanding of authentication and authorization concepts (RBAC, SAML, OAuth, OIDC, SCIM)
• Familiarity with cloud-first and SaaS-heavy enterprise environments
• Ability to script or automate IAM processes using PowerShell, Python, or similar tools
• Solid understanding of email security concepts (phishing protection, mail flow controls, authentication protocols) and experience supporting enterprise email platforms
• Clear communication abilities and the capacity to explain technical concepts to collaborators without a technical background
   

Education Preferred:

• Bachelor’s degree or equivalent experience in Information Technology, Computer Science, Cybersecurity, or a related field
• Relevant industry certifications such as CISSP, CISM, CCSP, or GIAC are strongly preferred.
   

Experience:

• 3-5 years of experience handling identity and access management in a corporate environment
• Previous experience in financial services, asset management, or private equity is preferred but not required.
  
  #LI-Hybrid

Salary Range

This USD base salary range represents only one component of total compensation for this role and is provided in accordance with local requirements. This role is eligible for a discretionary annual bonus, which is determined based on individual and overall firm performance. In addition to salary and bonus, total compensation may include eligibility for long-term reward programs and a comprehensive total rewards package that may include retirement, health, insurance, paid time off, and wellness programs. Our total rewards offerings are influenced by several business factors, and eligibility for certain components will vary by position and geography. Please note the posted ranges do not apply outside the U.S. and should not be converted to other currencies as a proxy for compensation in other countries.