City of Boston

Senior Identity Access Management Specialist

Req ID
2025-30177
Dept
Dpt of Innovation & Technology
Position
Regular Full-Time
Location
ASD-Mgmt Information Systems
Salary Min
80,959.91
Salary Max
116,704.85
Union
EXM
Openings
1
Posting End Date
11/30/2025
Contact Email
estelle.tshitengesheriff@boston.gov

Overview:

The City of Boston’s Department of Innovation and Technology (DoIT) seeking a Sr. Identity & Access Management Specialist, to enhance its Enterprise Identity & Access Management (IAM) program.  Identity and Access management are foundations of security of our technology and data resources, ensuring only people who have a business purpose in accessing these resources can do so. This program also ensures convenience and efficiency for our workforce, ensuring that they have access to the right resources at the right time.

 

  • Enhance User Experience: To simplify and improve user access to applications and information regardless of where they are connecting from;
  • Reduced Administrative Overhead: Minimize the duplication of effort through streamlined application provisioning  and empower users to engage self-service functionality for account management (not requiring calls to the Service Desk);
  • Protect City Resources: Improve the security posture of the City of Boston through effective and efficient identity lifecycle management, access control and account auditing.

 

The Sr. Identity & Access Management Specialist role will report to the Director of Identity and Access Management while working closely with all other areas of the Cybersecurity Team.

 

Responsibilities:

  • Lead discussions with business stakeholders to ensure that the right people have access to the right resources at the right time.
  • Lead discussions with application owners to analyze and classify access entitlements, refine roles, and define elevated access policies.
  • Assist with the development, implementation and support of RBAC.
  • Configure and support Privileged Access Management (PAM) solutions; including vault management, credential rotation and session monitoring.
  • Enforce segregation of duties (SoD) and monitor for violations or inappropriate access patterns.
  • Maintain accurate and auditable documentation of role definitions, privileged account inventories, and access request workflows.
  • Support regular access reviews and certifications by providing reports and resolving access discrepancies.
  • Troubleshoot and resolve issues related to privileged account usage, RBAC policies, identity governance and access escalations.
  • Collaborate with the required teams to integrate RBAC and PAM controls with existing cloud and on-prem infrastructure.
  • Enforce organizational policies and procedures to ensure only authorized personnel have access to information in compliance with the principle of least privilege.
  • Monitor emerging threats, trends, and advise relevant stakeholders on the appropriate courses of action.
  • Support the system administration of various identity management tools.
  • Keep up to date with security issues and best practices related to identity & access management, cybersecurity and risk management.  
  • Performs other related work as required.

Minimum Entrance Qualifications:

  • Four (4) years of full-time, or equivalent part-time, experience in Information Security, Identity & Access Management or business-related fields. A Bachelor's degree in a related field may be substituted for two (2) years of the required experience. A Master's degree can be substituted for three (3) years of the required experience.
  • Proficiency with IAM tools and technologies (e.g. AD, EntraID, SailPoint Identity Security Cloud, CyberArk, Ping Identity, Crowdstrike Identity Protect, etc.).
  • Strong understanding of identity lifecycle, authentication protocols (e.g. SAML, OAuth, OpenID Connect) and directory services (e.g. LDAP, Active Directory).
  • Excellent analytical, problem-solving, and decision-making skills.
  • Working knowledge of information security & risk management frameworks (e.g. NIST, ISO, etc.).
  • Hands-on experience with IGA, RBAC and PAM implementations.
  • Strong communication, stakeholder management and interpersonal skills.
  • Ability to manage multiple tasks and meet deadlines.
  • Ability to leverage best practices and lessons learned of external organizations and academic institutions dealing with cyber issues.
  • Ability to exercise good judgment and focus on detail as required by the job.  

 

BOSTON RESIDENCY REQUIRED.


Terms:
Salary Plan/Grade: Non-union / MM2-08
Hours per week: 35

Options:

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed