Senior Identity and Access Management Engineer

Senior Identity and Access Management Engineer Join to apply for the Senior Identity and Access Management Engineer role at Boston Consulting Group (BCG) Locations Washington | Boston Who We Are Boston Consulting Group partners with leaders in business and society to tackle their most important challenges and capture their greatest opportunities. BCG was the pioneer in business strategy when it was founded in 1963. Today, we help clients with total transformation‑inspiring complex change, enabling organizations to grow, building competitive advantage, and driving bottom‑line impact. To succeed, organizations must blend digital and human capabilities. Our diverse, global teams bring deep industry and functional expertise and a range of perspectives to spark change. BCG delivers solutions through leading‑edge management consulting along with technology and design, corporate and digital ventures—and business purpose. We work in a uniquely collaborative model across the firm and throughout all levels of the client organization, generating results that allow our clients to thrive. What You’ll Do The BCG FED Organization is seeking a skilled and detail‑oriented Senior Identity and Access Management (IAM) Engineer to strengthen our enterprise access control strategy across multiple platforms. In alignment with NIST 800‑171, CMMC, and other IT security frameworks, you will help manage and safeguard access to BCG systems and client environments as well as develop a sound IAM data strategy including API Management with BCG Inc systems. Responsibilities Management and enforcement of access control policies across SharePoint, MS Teams, and Azure Active Directory. Management of Identity information through APIs from other company source platforms. Design and implementation of secure permission models for case based collaboration platforms. Oversight of user account creation and access provisioning and de‑provisioning for internal and external employees, temporary and permanent. Develop and maintain IAM workflows and technical documentation to support system audits and compliance initiatives. Partner with Security, Compliance, IT and Engineering teams to define role‑based access and least privilege principles. Implement and maintain access governance rules and enforcement logic. Work with other teams that benefit from case related permissioning data. Conduct periodic access reviews, entitlement reporting, and audit remediation for Microsoft 365 and hybrid AD environments. Provide regular metrics and status updates on IAM operations, incidents, and improvement opportunities. Support identity lifecycle management processes including onboarding, transitions, and offboarding of users. Collaborate with engineering and cloud infrastructure teams to implement IAM controls and federated identity strategies. You’re Good At Navigating complex permission structures and aligning them with security best practices. Working independently and with cross‑functional teams. Managing competing priorities under deadlines while maintaining a high attention to detail. Troubleshooting access‑related issues across cloud and hybrid environments. Communicating clearly with both technical and non‑technical stakeholders. What You’ll Bring U.S. Citizenship required. A Bachelor's degree is required. 5–8+ years of experience in Identity and Access Management or Information Security roles. 3–5+ years of experience with Microsoft SharePoint and Teams permission management. Proficiency with Active Directory and Azure Active Directory (AAD), including Group Policy Objects (GPO) and RBAC. Strong understanding of IAM principles, including authentication, authorization, SSO, and federation. Experience in managing hybrid identity environments and integrating cloud services with on‑premises directories. Familiarity with PowerShell or scripting tools to automate IAM tasks and reporting. Working knowledge of IAM compliance requirements related to NIST 800‑171, CMMC, and IT general controls. Experience with API management. Experience with Microsoft security tools including Defender and Sentinel. Ability to obtain and maintain a Secret Security Clearance (if required). Who You’ll Work With BCG’s information technology group collaboratively delivers cutting‑edge digital solutions that enable our business to scale securely. You’ll work alongside experts in infrastructure, security, collaboration platforms, and identity systems to enforce secure access and protect BCG’s information assets. Additional Information At BCG, our people and relationships are at the heart of everything we do. We believe that in‑person work is essential to our culture, mentorship, and professional development. That’s why we operate on a hybrid model, with the expectation that team members will be in the office 3 to 5 days per week. This role is designed for those who thrive in a dynamic, collaborative environment and is not intended for remote or virtual work. Compensation Information Total compensation for this role includes base salary, annual discretionary performance bonus, retirement contribution, and a market‑leading benefits package described below. The base salary range for this role is $153,000 - $186,000. This is an estimated range and specific base salaries within the range depend on factors such as office location, experience, and skill set. It is not common for new BCG employees to be hired at the high‑end of the salary range. BCG regularly reviews its ranges to ensure market competitiveness. In addition to your base salary, your total compensation will include a discretionary bonus of up to 16% and a generous retirement contribution that starts at 5% and moves to 10% after 2 years. Benefits Zero dollar ($0) health insurance premiums for BCG employees, spouses, and children. Low $10 (USD) copays for trips to the doctor, urgent care visits, and prescriptions for generic drugs. Dental coverage, including up to $5,000 in orthodontia benefits. Vision insurance with coverage for both glasses and contact lenses annually. Reimbursement for gym memberships and other fitness activities. Fully vested retirement contributions made annually, whether you contribute or not, plus the option for employees to make personal contributions to a 401(k) plan. Paid parental leave and other family benefits such as elective egg freezing, surrogacy, and adoption reimbursement. Generous paid time off including 12 holidays per year, an annual office closure between Christmas and New Years, and 15 vacation days per year (earned at 1.25 days per month). Paid sick time on an as needed basis. Employees, spouses, and children are covered at no cost. Employees share in the cost of domestic partner coverage. Boston Consulting Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under national, provincial, or local law, where applicable, and those with criminal histories will be considered in a manner consistent with applicable state and local laws. BCG is an E‑Verify Employer. Click here for more information on E‑Verify. #J-18808-Ljbffr