Job Closed

This listing is no longer active.

Application Security Lead

Location

Serbia

Posted

50 days ago

Salary

0

Seniority

Senior

Job Description

SALMON ROBOTICS LIMITED

  • Lead and mentor the Application Security team, setting priorities, conducting code reviews, and fostering a security-first engineering culture across the organization.
  • Own the Secure Software Development Lifecycle (SSDLC), embedding security gates—threat modeling, static/dynamic analysis, dependency scanning—into the CI/CD pipeline for the company's product.
  • Drive vulnerability management end-to-end, from triage and risk-scoring of findings (SAST, DAST, pen tests, bug bounties) through to coordinating remediation timelines with development teams.
  • Define and maintain application security standards, policies, and guidelines aligned with financial-industry regulations (e.g., PCI DSS, SOC 2, GDPR) and ensure the product stays compliant.
  • Partner with Product, Engineering, and DevOps leadership to assess security risk of new features and architectural changes, providing pragmatic guidance that balances speed-to-market with risk tolerance.
  • Plan and oversee regular penetration testing and red-team exercises on the company's product, translating results into actionable roadmap items and reporting risk posture to senior management.

Job Requirements

  • 10+ years of hands-on application security experience, with at least 4 years in a lead or senior role managing a team of security engineers.
  • Deep expertise in secure coding practices and common vulnerability classes (OWASP Top 10, CWE/SANS Top 25) across modern tech stacks (e.g., Java, Python, .NET, JavaScript/TypeScript).
  • Strong experience with SAST, DAST, SCA, and IAST tools (e.g., Checkmarx, SonarQube, Burp Suite, Snyk, Semgrep) and integrating them into CI/CD pipelines.
  • Solid understanding of cloud security (AWS, Azure, or GCP), container security (Docker, Kubernetes), and infrastructure-as-code scanning.
  • Experience with threat modeling methodologies (STRIDE, PASTA, Attack Trees) and ability to lead threat modeling sessions with engineering teams.
  • Working knowledge of financial-industry compliance frameworks — PCI DSS, SOC 2, GDPR, or similar regulatory requirements relevant to fintech/financial services.
  • Proven ability to communicate security risks to both technical and non-technical stakeholders, including C-level executives, translating findings into business impact.

Benefits

  • Health insurance
  • Retirement plans
  • Paid time off
  • Flexible work arrangements
  • Professional development

More Security Engineer Jobs

Senior IAM Engineer

Hanover Insurance Group

Hanover Insurance Group has consistently been named one of America’s Best Midsized Employers by Forbes magazine and one of Business Insurance magazine's Best Places to Work in In

Title: Senior IAM Engineer - Saviynt (REMOTE OR MA BASED)
Location: Worcester, MA, USA
Req #19637
Virtual

Job Description: For more than 170 years, The Hanover has been committed to delivering on our promises and being there when it matters the most. We live our values every day, demonstrating we CARE through our values, Sustainability initiatives and inclusive corporate culture.

We are seeking a highly experienced and skilled Senior IAM Engineer who will be responsible for managing and enhancing Hanover’s identity and access management with a focus on Saviynt, in our Worcester, MA office or remote work arrangement. This is a full-time, exempt role.

POSITION OVERVIEW: This role supports the development and evolution of secure user life cycle management, Identity Access Governance, and integration of enterprise applications. You will focus on the technical design, engineering, and end‑to‑end implementation of Saviynt Identity Governance and Administration (IGA) solutions. The ideal candidate brings hands‑on technical expertise, strong hands-on experience delivering Saviynt capabilities, strong analytical skills, and experience collaborating with cross‑functional IT, engineering, and business teams.

IN THIS ROLE, YOU WILL:

Saviynt technical lead, design & Engineering (Development and Operational support)

  • Lead the technical design, configuration, and implementation of Saviynt IGA solutions, including workflows, rules, connectors, analytics, roles, and policies. With a configuration first over customization approach.
  • Architect scalable, sustainable solutions supporting entitlements management, user life cycle management, RBAC, ABAC, access request and approval flows, certifications, and provisioning/de-provisioning.
  • Design and optimize Saviynt integrations with enterprise platforms such as Active Directory, Entra ID, HCM System, ServiceNow, Oracle EBS, PeopleSoft, and other connected/disconnected systems.
  • Develop and enhance custom connectors, REST/SOAP integrations, and provisioning logic as needed.
  • Configure policy and workflow in Saviynt for the intake and pre-processing of identity data, apply the appropriate workflow for the various use cases for incoming new identity or changes to identity, and configure the provisioning flows based on the connections and schedules required.

Implementation & Automation

  • Build custom workflows (within parameters that provide for ongoing vendor support), rules, request forms, task definitions, reporting, and risk models within Saviynt.
  • Automate repetitive IAM functions using appropriate, supportable, sustainable methods.
  • Create and maintain custom analytical reports, dashboards, and governance insights.
  • Work with Business Continuity teams to develop disaster recovery planning and testing cycles for IAM and IGA products and services. Identify resource dependencies and their criticality to the sustainability of the service for inclusion in DR planning and reconstitution exercises.

Access Governance & Security Controls

  • Participate in access certification campaigns (user manager, entitlement owner, service accounts) and improve campaign efficiency through design enhancements.
  • Participate in Threat Model development/review with security team for all new IAM/IGA capabilities.
  • Collaborate with Enterprise Architecture, Security Architecture, and Engineering teams to drive implementation of SSO and federation standards (SAML, OAuth 2.0, OpenID Connect).
  • Implement and tune Saviynt policies, Segregation of Duties (SoD) rules, risk scores, and governance models to support least privilege and Zero Trust principles.

Platform Operations & Optimization

  • Monitor and maintain the Saviynt environment for performance, reliability, capacity, and compliance.
  • Lead platform upgrades, migrations, and new feature rollouts.
  • Troubleshoot complex technical issues and provide Tier 3 support for Saviynt related problems.

Leadership, Collaboration & Strategy

  • Serve as a technical lead, guiding junior engineers and influencing architectural direction.
  • Engage with stakeholders, business owners, product teams, and security leadership to gather requirements and translate them into technical solutions.
  • Partner with audit, compliance, and SOX teams to provide evidence and ensure adherence to regulatory standards.
  • Collaborate with Architecture Team and Security Architecture on solution designs, documentation, runbooks, SOPs, and operational playbooks.

WHAT YOU NEED TO APPLY:

  • 8+ years of IAM engineering experience; 3+ years specializing in Saviynt.
  • Bachelor’s degree in Information Security or related field (or equivalent experience).
  • Must be eligible to work in the US without requiring sponsorship now or in the future (i.e., Lawful Permanent Residence or US Citizen)
  • Expert hands on experience with Saviynt IGA, including configuring connectors, workflows, risk models, roles, rules, analytics, provisioning jobs, and certifications.
  • Familiarity with Microsoft Identity Manager (MIM), CyberArk, or other IAM/PAM tools.
  • Experience leading a technical team or serving as project technical lead.
  • User lifecycle management (ULM)
  • Entitlements Management and appropriate data correlation
  • Collaborate with cross-functional teams to assess correlated data for approach to formation of risk scoring
  • RBAC / ABAC design
  • SSO and federation (SAML, OAuth 2.0)
  • Privileged access governance
  • Proficiency in PowerShell, Java, REST/SOAP APIs, Active Directory & LDAP
  • Cloud directories (Entra ID, AWS IAM, etc.), SQL, JSON, XML scripting fundamentals
  • Experience designing IAM architecture in large enterprise or regulated environments.
  • Strong understanding of IAM concepts including governance, provisioning, attestation, separation of duties, and compliance frameworks (SOX, NIST, ISO).
  • Strong analytical thinker with the ability to translate business needs into technical solutions.
  • Excellent communication and documentation skills.
  • Comfortable working across multiple teams and managing complex initiatives end-to-end.
  • Ability to mentor junior engineers and represent IAM engineering in technical discussions.
  • Ability to work independently as well as in a collaborative team environment.
  • Capability to manage multiple priorities and tasks simultaneously.
  • Easily adapt to new or different changing situations, requirements, or priorities.
  • Exhibit a personal drive to continually grow and enhance skills, knowledge, and scope of responsibilities.
  • Demonstrate solid verbal/written communication, listening, communication skills with and ability to communicate across all employee and management levels.
  • Use strong problem-solving skills to troubleshoot, debug, and optimize software applications.

CAREER DEVELOPMENT: It’s not just a job, it’s a career, and we are here to support you every step of the way. We want you to be successful and fulfilled. Through on-the-job experiences, personalized coaching and our robust learning and development programs, we encourage you – at every level – to grow and develop.

BENEFITS: We offer comprehensive benefits to help you be healthy, build financial security, and balance work and home life. At The Hanover, you’ll enjoy what you do and have the support you need to succeed. Benefits include:

  • Medical, dental, vision, life, and disability insurance
  • 401K with a company match
  • Tuition reimbursement
  • PTO
  • Company paid holidays
  • Flexible work arrangements
  • Cultural Awareness Day in support of IDE
  • On-site medical/wellness center (Worcester only)
  • Click here for the full list of Benefits

EEO statement: The Hanover values diversity in the workplace and among our customers. The company provides equal opportunity for employment and promotion to all qualified employees and applicants on the basis of experience, training, education, and ability to do the available work without regard to race, religion, color, age, sex/gender, sexual orientation, national origin, gender identity, disability, marital status, veteran status, genetic information, ancestry or any other status protected by law. Furthermore, The Hanover Insurance Group is committed to providing an equal opportunity workplace that is free of discrimination and harassment based on national origin, race, color, religion, gender, ancestry, age, sexual orientation, gender identity, disability, marital status, veteran status, genetic information or any other status protected by law.

As an equal opportunity employer, Hanover does not discriminate against qualified individuals with disabilities. Individuals with disabilities who wish to request a reasonable accommodation to participate in the job application or interview process, or to perform essential job functions, should contact us at: HRServices@hanover.com and include the link of the job posting in which you are interested.

Privacy Policy: To view our privacy policy and online privacy statement, click here. Applicants who are California residents: To see the types of information we may collect from applicants and employees and how we use it, please click here.

Compensation: The target hiring range for this role may vary based on geographic location and other factors, including merit or performance, demonstrated proficiency, skills for the role, education, travel requirements, and experience. Additional compensation may include an annual bonus (which could take the form of a general bonus, sales incentive, or short-term incentive), long-term incentive or spot recognition awards. The posted range reflects our ability to hire at different position titles and levels depending on background and experience.

Job Details

  • Job Family: IT - Information Security
  • Job Function: Information Technology
  • Pay Type: Salary
  • Education Level: Bachelor’s Degree
  • Hiring Min Rate: 111,000 USD
  • Hiring Max Rate: 140,000 USD

Massachusetts
$111K - $140K / year
Full Time | Remote | Team 51-200 | Since 2003

  • Provides technical strategy and Marketplace security reference architectures, evaluates and enables enterprise security tools/services, designs reusable security patterns and guardrails, advises engineering teams, and drives integration of security requirements into delivery roadmaps.
  • Develops and maintains Marketplace security reference architectures and implementation playbooks that engineering teams can apply consistently, reducing manual overhead (“build once → reuse everywhere” as the broader team value proposition).
  • Performs architecture reviews and technical design advisories that incorporate CMS ARS minimum controls and policy expectations into system designs.
  • Coordinates with enterprise security service providers to consume and properly integrate shared security platforms (e.g., logging, scanning, identity) while respecting contract guardrails (no duplicate SOC/monitoring).
  • Aligns security architecture work to Agile roadmaps and PI planning cycles, ensuring delivery teams have actionable guardrails and backlog-ready requirements.
  • Guides Marketplace adoption of federal Zero Trust principles and architectures: NIST SP 800-207 defines Zero Trust Architecture components and transition steps; OMB M-22-09 sets federal agency Zero Trust expectations; and TIC 3.0 guidance supports modern network boundary/security approaches in federal environments.
  • Supports cybersecurity risk reduction patterns such as Continuous Diagnostics and Mitigation (CDM).
  • Applies systems security engineering principles to architect defensible, survivable systems, consistent with NIST SP 800-160’s emphasis on engineering-driven security across system life cycles.
  • Ensures forensic readiness and investigative support enablement by designing for audit logging, traceability, and evidence preservation needs described in the operational investigative approach.

United States
Job Closed
Full Time | Remote | Team 51-200 | Since 2003

  • Leads and is accountable for Marketplace security and privacy support contract outcomes across the full task portfolio.
  • Serves as the primary interface to the CMS COR, ensuring delivery coordination, PI/OE integration, and executive reporting.
  • Overall accountability, governance of scope/cost/schedule, cross-team prioritization, executive reporting, and alignment of all workstreams to Marketplace and Open Enrollment milestones.
  • Maintains a governance and execution cadence that integrates security work into Marketplace planning cycles.
  • Ensures operational rhythm for high meeting volume and action tracking.
  • Oversees on-time delivery of contract-wide reporting and metrics.

United States
Full Time | Remote | Team 11-50

Role Description

Looking for Hawaii IT techs wanting a career in Cybersecurity. Are you a local IT tech with a knack for problem-solving and you've seen the cybersecurity headlines and thought to yourself, "that's what I want to do!" Are you feeling stuck in your current tech support role? We offer a chance for you to pivot into a rewarding cybersecurity position and join a team where your dedication gets the recognition it deserves! Whether you're in the office or working remotely, we ensure that you're surrounded by like-minded professionals who share your passion. If you value excellence, like to learn and want to make a difference in protecting the community, you may have found your tribe.

We are hiring for a technical person to help with investigating and troubleshooting problems with computer networks and implementing best practices for local companies. As we are a security-first company, this could be a rare opportunity for a technician such as yourself to grow into a Cybersecurity professional.

Qualifications

  • Proficiency in Windows (workstation, server), Mac OS, and Microsoft Office applications.
  • Experience with Microsoft 365, Google Workspace, Azure, Intune, and Microsoft cloud systems.
  • Ability to resolve virus and malware threats.
  • Solid networking skills, with adeptness in configuring firewalls, routers, switches, and wi-fi points.
  • Eagerness to learn and adapt to emerging IT security technologies.
  • Stellar documentation, organizational, and time management capabilities.
  • A growth mindset, characterized by self-initiated learning and skill enhancement.

Requirements

  • Must be a resident of Oahu.
  • Consistency, punctuality, and precise written communication.
  • Professional demeanor and presentation.
  • Availability during standard business hours (8 am-5 pm).
  • Must possess a car, reside around the Oahu area and be capable of lifting up to 50lbs unaided.

Benefits

  • 401(k) company contribution.
  • Health insurance.
  • Paid time off.
  • Professional development assistance.

All locations: United States | United Kingdom | Canada | Germany | France | India | Brazil | Australia | Estonia | Japan
$22 - $28 / hour