• Support the design, analysis, and implementation of cybersecurity frameworks aligned with EU regulations and certification schemes • Contribute to security evaluations of ICT products and services within frameworks such as Common Criteria and EU cybersecurity certification schemes • Perform risk assessments in line with standards such as ISO/IEC 27005 and contribute to security assurance processes • Provide expertise on EU regulatory landscape, including Cybersecurity Act, NIS2, CRA, DORA, and eIDAS 2.0 • Participate in or lead technical workstreams related to cloud security (EUCS), managed security services (EU MSS), and digital identity frameworks (EUDI Wallet) • Support security assessments related to telecommunications and critical infrastructure (e.g. EU 5G initiatives) • Prepare high-quality technical documentation, reports, and assessments for stakeholders • Collaborate with cross-functional teams and external stakeholders, including regulatory bodies and standardisation groups

About Certora Certora is the security assurance partner trusted by the most advanced teams in Web3. Founded in 2018 by pioneers in programming languages and formal methods, Certora helps leading protocols like Lido, Aave, Uniswap, and Compound secure billions in value with confidence. But we’re not just another auditor. We’re a full-stack security assurance platform, combining best-in-class formal verification tools with expert advisory services, delivered on time and with zero compromise. Whether you’re launching a new protocol, upgrading core infrastructure, or securing a DeFi primitive, Certora doesn’t just look for vulnerabilities. We help you prove correctness, accelerate your development speed, and embed safety into your design from day one. With Certora, you get: - Proven, scalable tooling for checking real deployed code - A deep partnership model with on-demand support - Fast, responsive execution that helps you go-to-market faster For us, security isn’t a checklist, it’s a continuous process. Certora is the most comprehensive and trusted platform to ensure your platform is protected, even under adversarial conditions. From testnet to mainnet, we’re with you. About the role We are looking for brilliant security researchers who understand and can find security bugs in cryptographic primitives such as signatures, encryption, and zero-knowledge cryptography. The ideal candidate also cares about exploring the use of formal verification to secure code. Relevant skills - Experience reviewing cryptographic implementations, especially zero knowledge proof systems and circuits, and including MPC, signatures, and cryptographic libraries - Ability to dive into complex code bases written in Rust, C, C++ and other languages - Mathematically prove security properties of low-level code using state-of-the-art technology, including the Certora Prover and other products. Must-Have Requirements - An undergraduate degree in exact sciences from a strong university - The ability to quickly understand intricate programs, learn new protocols and frameworks, digest cryptography and security publications - Mathematical thinking - Hands-on cryptography understanding: the right candidate must be able to read and write code and come up with proof of concepts to demonstrate and communicate security claims - High integrity Significant Advantage - Previous experience in code auditing or vulnerability research - Expertise in code security and applied cryptography - Deep understanding of Blockchain technology (EVM, Solana) - Exposure to ZK technology: zkVMs, zkSNARKs or other proof systems - Understanding of Rust, Circom, Solidity - Publication of technical reports and blog posts - Participation in CTF’s/audit contests/bug bounties programs - Communication skills - High agency and ability to work independently - A European time zone or Eastern US is preferable Certora People We are Customer Centric, when we commit, the customer knows we will deliver in a quality and timely manner. We Move Fast - we’re looking for people with a bias for action and a sense of urgency to achieve quick results while we also Break Nothing – we have high-quality standards, we are looking for people who are professional and hold themselves accountable. We win as a Team – our teams are distributed around the world. We understand our individual roles and commit to the team's goals. We have a positive “can do” attitude. We support each other and are encouraged to ask for help and advice. We enable people to grow by clarifying expectations and giving candid feedback and on-the-job development opportunities. We welcome collaboration both internally and externally for outstanding delivery. We are Pioneers in DeFi security. We are one of the best companies to help developers and security researchers secure Web3, but we try to stay humble and are always eager to learn more. Why join Certora? Certora provides you a wonderful opportunity to: - Work on cutting-edge technology and challenging problems at the forefront of Web3 applications and technologies - Contribute to securing the web3 ecosystem with the leading provider of end-to-end security for blockchain-based applications - Experience a friendly creative start-up environment with top talent in the domain - Work in a fast-paced and supportive culture: we move fast and break nothing! - Enjoy flexible work (remote / hybrid) - Get competitive compensation & benefits (including equity)

• Lead and mentor the Application Security team, setting priorities, conducting code reviews, and fostering a security-first engineering culture across the organization. • Own the Secure Software Development Lifecycle (SSDLC), embedding security gates—threat modeling, static/dynamic analysis, dependency scanning—into the CI/CD pipeline for the company's product. • Drive vulnerability management end-to-end, from triage and risk-scoring of findings (SAST, DAST, pen tests, bug bounties) through to coordinating remediation timelines with development teams. • Define and maintain application security standards, policies, and guidelines aligned with financial-industry regulations (e.g., PCI DSS, SOC 2, GDPR) and ensure the product stays compliant. • Partner with Product, Engineering, and DevOps leadership to assess security risk of new features and architectural changes, providing pragmatic guidance that balances speed-to-market with risk tolerance. • Plan and oversee regular penetration testing and red-team exercises on the company's product, translating results into actionable roadmap items and reporting risk posture to senior management.

Title: Senior IAM Engineer - Saviynt (REMOTE OR MA BASED) Location: Worcester, MA, USA Req #19637 Virtual Job Description: For more than 170 years, The Hanover has been committed to delivering on our promises and being there when it matters the most. We live our values every day, demonstrating we CARE through our values, Sustainability initiatives and inclusive corporate culture. We are seeking a highly experienced and skilled Senior IAM Engineer who will be responsible for managing and enhancing Hanover’s identity and access management with a focus on Saviynt, in our Worcester, MA office or remote work arrangement This is a full-time, exempt role. POSITION OVERVIEW: This role supports the development and evolution of secure user life cycle management, Identity Access Governance, and integration of enterprise applications. You will focus on the technical design, engineering, and end‑to‑end implementation of Saviynt Identity Governance and Administration (IGA) solutions. The ideal candidate brings hands‑on technical expertise, strong hands-on experience delivering Saviynt capabilities, strong analytical skills, and experience collaborating with cross‑functional IT, engineering, and business teams. IN THIS ROLE, YOU WILL: - Saviynt technical lead, design & Engineering (Development and Operational support) - Lead the technical design, configuration, and implementation of Saviynt IGA solutions, including workflows, rules, connectors, analytics, roles, and policies. With a configuration first over customization approach. - Architect scalable, sustainable solutions supporting entitlements management, user life cycle management, RBAC, ABAC, access request and approval flows, certifications, and provisioning/de-provisioning. - Design and optimize Saviynt integrations with enterprise platforms such as Active Directory, Entra ID, HCM System, ServiceNow, Oracle EBS, PeopleSoft, and other connected/disconnected systems. - Develop and enhance custom connectors, REST/SOAP integrations, and provisioning logic as needed. - Configure policy and workflow in Saviynt for the intake and pre-processing of identity data, apply the appropriate workflow for the various use cases for incoming new identity or changes to identity, and configure the provisioning flows based on the connections and schedules required Implementation & Automation - Build custom workflows (within parameters that provide for ongoing vendor support), rules, request forms, task definitions, reporting, and risk models within Saviynt. - Automate repetitive IAM functions using appropriate, supportable, sustainable methods. - Create and maintain custom analytical reports, dashboards, and governance insights. - Work with Business Continuity teams to develop disaster recovery planning and testing cycles for IAM and IGA products and services. Identify resource dependencies and their criticality to the sustainability of the service for inclusion in DR planning and reconstitution exercises. Access Governance & Security Controls - Participate in access certification campaigns (user manager, entitlement owner, service accounts) and improve campaign efficiency through design enhancements. - Participate in Threat Model development/review with security team for all new IAM/IGA capabilities. - Collaborate with Enterprise Architecture, Security Architecture, and Engineering teams to drive implementation of SSO and federation standards (SAML, OAuth 2.0, OpenID Connect). - Implement and tune Saviynt policies, Segregation of Duties (SoD) rules, risk scores, and governance models to support least privilege and Zero Trust principles. Platform Operations & Optimization - Monitor and maintain the Saviynt environment for performance, reliability, capacity, and compliance. - Lead platform upgrades, migrations, and new feature rollouts. - Troubleshoot complex technical issues and provide Tier3 support for Saviynt related problems. Leadership, Collaboration & Strategy - Serve as a technical lead, guiding junior engineers and influencing architectural direction. - Engage with stakeholders, business owners, product teams, and security leadership to gather requirements and translate them into technical solutions. - Partner with audit, compliance, and SOX teams to provide evidence and ensure adherence to regulatory standards. - Collaborate with Architecture Team and Security Architecture on, solution designs, documentation, runbooks, SOPs, and operational playbooks. WHAT YOU NEED TO APPLY: - 8+ years of IAM engineering experience; 3+ years specializing in Saviynt. - Bachelor’s degree in Information Security or related field (or equivalent experience). - Must be eligible to work in the US without requiring sponsorship now or in the future (i.e Lawful Permanent Residence or US Citizen) - Expert hands on experience with Saviynt IGA, including configuring connectors, workflows, risk models, roles, rules, analytics, provisioning jobs, and certifications. - Familiarity with Microsoft Identity Manager (MIM), CyberArk, or other IAM/PAM tools. - Experience leading a technical team or serving as project technical lead. - User lifecycle management (ULM) - Entitlements Management and appropriate data correlation - Collaborate with cross-functional teams to assess correlated data for approach to formation of risk scoring - RBAC / ABAC design - SSO and federation (SAML, OAuth 2.0) - Privileged access governance - Proficiency PowerShell, Java, REST/SOAP APIs, Active Directory & LDAP - Cloud directories (Entra ID, AWS IAM, etc.), SQL, JSON, XML scripting fundamentals - Experience designing IAM architecture in large enterprise or regulated environments. - Strong understanding of IAM concepts including governance, provisioning, attestation, separation of duties, and compliance frameworks (SOX, NIST, ISO). - Strong analytical thinker with the ability to translate business needs into technical solutions. - Excellent communication and documentation skills. - Comfortable working across multiple teams and managing complex initiatives end-to-end. - Ability to mentor junior engineers and represent IAM engineering in technical discussions. - Ability to work independently as well as in a collaborative team environment. - Capability to manage multiple priorities and tasks simultaneously. - Easily adapt to new or different changing situations, requirements, or priorities. - Exhibit a personal drive to continually grow and enhance skills, knowledge, and scope of responsibilities. - Demonstrate solid verbal/written communication, listening, communication skills with and ability to communicate across all employee and management levels. - Use strong problem-solving skills to troubleshoot, debug, and optimize software applications. CAREER DEVELOPMENT: It’s not just a job, it’s a career, and we are here to support you every step of the way. We want you to be successful and fulfilled. Through on-the-job experiences, personalized coaching and our robust learning and development programs, we encourage you – at every level – to grow and develop. BENEFITS: We offer comprehensive benefits to help you be healthy, build financial security, and balance work and home life. At The Hanover, you’ll enjoy what you do and have the support you need to succeed. Benefits include: - Medical, dental, vision, life, and disability insurance - 401K with a company match - Tuition reimbursement - PTO - Company paid holidays - Flexible work arrangements - Cultural Awareness Day in support of IDE - On-site medical/wellness center (Worcester only) - Click here for the full list of Benefits EEO statement: The Hanover values diversity in the workplace and among our customers. The company provides equal opportunity for employment and promotion to all qualified employees and applicants on the basis of experience, training, education, and ability to do the available work without regard to race, religion, color, age, sex/gender, sexual orientation, national origin, gender identity, disability, marital status, veteran status, genetic information, ancestry or any other status protected by law. Furthermore, The Hanover Insurance Group is committed to providing an equal opportunity workplace that is free of discrimination and harassment based on national origin, race, color, religion, gender, ancestry, age, sexual orientation, gender identity, disability, marital status, veteran status, genetic information or any other status protected by law.” As an equal opportunity employer, Hanover does not discriminate against qualified individuals with disabilities. Individuals with disabilities who wish to request a reasonable accommodation to participate in the job application or interview process, or to perform essential job functions, should contact us at:HRServices@hanover.com and include the link of the job posting in which you are interested. Privacy Policy: To view our privacy policy and online privacy statement, click here. Applicants who are California residents: To see the types of information we may collect from applicants and employees and how we use it, please click here. Compensation: The target hiring range for this role may vary based on geographic location and other factors, including merit or performance, demonstrated proficiency, skills for the role, education, travel requirements, and experience. Additional compensation may include an annual bonus (which could take the form of a general bonus, sales incentive, or short-term incentive), long-term incentive or spot recognition awards. The posted range reflects our ability to hire at different position titles and levels depending on background and experience. Job Details Job Family IT - Information Security Job Function Information Technology Pay Type Salary Education Level Bachelor’s Degree Hiring Min Rate 111,000 USD Hiring Max Rate 140,000 USD