Role Description We are seeking a Principal Security Consultant for our Cyber Resilience and IAM service offerings to take a leadership role in delivering outcomes across a wide range of global clients. This will be accomplished by engaging with customer leadership to define priorities and outcomes for engagements, expanding the security practice's capabilities and offerings, and delivering consulting engagements in a leadership capacity. The ideal candidate will have strong leadership skills and proven expertise in cybersecurity, with a consulting and/or technical background. Candidates must demonstrate a proven track record of developing, refining, and strategically positioning service offerings and methodologies with senior customer stakeholders. A diversified background is a plus, and expertise in security domains such as strategy, security architecture, vulnerability management, or others is required. Qualifications - 10+ years of progressive experience in information security, with at least 5 years in a consulting or professional-services capacity. - Minimum of a Bachelor’s Degree in Computer Science, Computer Engineering, Computer Information Systems, Information Security, or related field experience. - Deep hands-on expertise in one or more of the following Data Protection platforms: - Commvault (Command Center, HyperScale X, Cloud/SaaS protection) - Cohesity (DataProtect, DataHawk, FortKnox, SmartFiles) - Rubrik (Security Cloud, Cyber Recovery, Sensitive Data Monitoring) - Deep hands-on expertise in one or more of the following IAM platforms: - CyberArk (Privilege Cloud, PAM Self-Hosted, Conjur, Endpoint Privilege Manager) - Okta (Workforce Identity Cloud, Customer Identity, Advanced Server Access) - Proven ability to lead large-scale, multi-workstream engagements from scoping through delivery and post-implementation support. - Demonstrable experience as a project or task lead and working with professionals across organizations. - Experience defining and scoping consulting engagements, including level of effort. - Knowledge of the various industry and government strategies and standards in privacy and cybersecurity. - Extensive ability to perform concurrent tasks in complex environments while adjusting priorities. - Ability to communicate and modify approach, language, and style to different audiences. - Extensive experience in organizing resources, establishing priorities, and leading security initiatives. - Must have excellent communication skills, writing skills, and the ability to work with team members at all levels. - Must be a performance-driven team player with a superior attitude. Requirements - Active vendor certifications such as Commvault Certified Expert, Cohesity Protection Professional, Rubrik Certified Systems Engineer, CyberArk Certified Delivery Engineer (CDE), CyberArk Guardian, or Okta Certified Professional / Administrator / Consultant. - Industry certifications: CISSP, CISM, CCSP, GIAC (GPEN, GCIH), or equivalent. - Prior experience in an OEM vendor environment. Benefits - Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program. - Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement. - Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement. - Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program.

• Provide strategic and operational leadership for Cybersecurity, Privacy, and Technology Services • Ensure protection of organizational assets and compliance with regulatory requirements • Lead development and continuous improvement of cybersecurity, privacy, and technology programs • Oversee compliance initiatives, risk assessments, and audit support activities • Manage teams and ensure effective resources and prioritization • Foster collaboration with business and IT leaders on technology initiatives • Provide executive-level reporting on program effectiveness and compliance metrics

• Support the development of a national Maritime Security Strategy that enables partner nation stakeholders to effectively organize, manage, and execute maritime operations. • Focus on maritime threat and gap analysis, stakeholder mapping, and development of a comprehensive strategy that addresses interagency coordination, maritime domain awareness, and maritime security requirements.

For more than 170 years, The Hanover has been committed to delivering on our promises and being there when it matters the most. We live our values every day, demonstrating we CARE through our values, Sustainability initiatives and inclusive corporate culture. Our IT Security team is currently seeking a Senior information Security Engineer in our Worcester, MA location or remote work arrangement. POSITION OVERVIEW: The Senior Information Security Engineer will lead the design, implementation, and management of identity and access solutions using Microsoft Entra (Entra ID/Azure AD, Entra External ID/B2C, and related components). This role ensures secure, scalable, and user-friendly identity experiences across internal and external platforms. This is a full time, exempt role. IN THIS ROLE, YOU WILL: Identity Architecture & Engineering: - Design and implement scalable identity solutions with Entra ID and B2C. - Integrate cloud and on-prem systems for SSO, MFA, and Just-In-Time provisioning. - Deploy secure authentication flows (OAuth2, OpenID Connect, SAML, Conditional Access). Custom Policy Development: - Build and maintain custom policies using Identity Experience Framework (IEF). - Manage TrustFrameworkPolicy XML files, REST API integrations, claims transformations, and multi-step authentication. - Customize user journeys (sign-up, sign-in, password reset, profile editing). - Troubleshoot and optimize policies using Application Insights and B2C logs. Identity Governance & Compliance: - Manage lifecycle processes (provisioning, de-provisioning, access reviews). - Administer Privileged Identity Management (PIM), Access Packages, and Conditional Access. - Ensure compliance with frameworks (NIST, ISO 27001). - Stay current with Microsoft Entra roadmap and IAM technologies. Collaboration & Leadership: - Partner with application teams and stakeholders to deliver secure identity solutions. - Integrate Entra ID with third-party and on-prem systems. - Provide technical leadership and mentor junior engineers. WHAT YOU NEED TO APPLY: - 5+ years in identity engineering, SDLC-based solution development, and Active Directory support. - Bachelor’s degree in computer science, Information Technology, or related field, or the equivalent combination of education, training and experience - Deep knowledge of Microsoft Entra ID and B2C, including custom policy development. - Strong understanding of IAM frameworks, governance, and modern authentication protocols. - Experience with hybrid identity, Active Directory, and troubleshooting multi-tenant environments. - Proficiency in PowerShell, Kusto, Azure CLI, automation, and secure API solutions. - Familiarity with audit, log analytics, DevOps, monitoring, and reporting in Azure/Entra. - Background in architecture, IAM roadmaps, and exposure to AI/ML for technology enhancements. - Strong problem-solving, communication, and documentation skills. - Ability to lead, mentor, and collaborate across teams. - Skilled in presentations, training, and customer-focused troubleshooting. - Must be eligible to work in the US without requiring sponsorship now or in the future (i.e Lawful Permanent Residence or US Citizen) EXTRA POINTS FOR: - Microsoft certifications (SC-300, SC-100, AZ-500). - Knowledge of CI/CD pipelines, DevSecOps, hybrid identity, and ADFS. CAREER DEVELOPMENT: It’s not just a job, it’s a career, and we are here to support you every step of the way. We want you to be successful and fulfilled. Through on-the-job experiences, personalized coaching and our robust learning and development programs, we encourage you – at every level – to grow and develop. BENEFITS: We offer comprehensive benefits to help you be healthy, build financial security, and balance work and home life. At The Hanover, you’ll enjoy what you do and have the support you need to succeed. Benefits include: - Medical, dental, vision, life, and disability insurance - 401K with a company match - Tuition reimbursement - PTO - Company paid holidays - Flexible work arrangements - Cultural Awareness Day in support of IDE - On-site medical/wellness center (Worcester only) - Click here for the full list of Benefits EEO statement: The Hanover values diversity in the workplace and among our customers. The company provides equal opportunity for employment and promotion to all qualified employees and applicants on the basis of experience, training, education, and ability to do the available work without regard to race, religion, color, age, sex/gender, sexual orientation, national origin, gender identity, disability, marital status, veteran status, genetic information, ancestry or any other status protected by law. Furthermore, The Hanover Insurance Group is committed to providing an equal opportunity workplace that is free of discrimination and harassment based on national origin, race, color, religion, gender, ancestry, age, sexual orientation, gender identity, disability, marital status, veteran status, genetic information or any other status protected by law.” As an equal opportunity employer, Hanover does not discriminate against qualified individuals with disabilities. Individuals with disabilities who wish to request a reasonable accommodation to participate in the job application or interview process, or to perform essential job functions, should contact us at:HRServices@hanover.com and include the link of the job posting in which you are interested. Privacy Policy: To view our privacy policy and online privacy statement, click here. Applicants who are California residents: To see the types of information we may collect from applicants and employees and how we use it, please click here. Compensation: The target hiring range for this role may vary based on geographic location and other factors, including merit or performance, demonstrated proficiency, skills for the role, education, travel requirements, and experience. Additional compensation may include an annual bonus (which could take the form of a general bonus, sales incentive, or short-term incentive), long-term incentive or spot recognition awards. The posted range reflects our ability to hire at different position titles and levels depending on background and experience.