PAM and IGA Engineer

TITLE: Privileged Access Management (PAM) and Identity Governance and Administration (IGA) Engineer
DEPARTMENT: Information Security
LOCATION: Boston, MA

BAIN CAPITAL OVERVIEW

With approximately $185 billion of assets under management, Bain Capital is one of the world’s leading private investment firms. We create lasting impact for our investors, teams, businesses, and the communities in which we live. Over four decades we have strategically grown our platform to focus on Private Equity, Growth & Venture, Capital Solutions, Credit & Capital Markets, and Real Assets. Today, our team includes 1,880+ employees in 24 offices on four continents.

We partner differently to help people and companies embrace possibility and realize potential. Founded as a private partnership in 1984, we have fostered a culture of innovation, entrepreneurialism, and agility, empowering our people to define and own their career trajectories. Today, our partnership approach enables us to pursue strategic growth, build enduring relationships with a robust external network, and collaborate across our integrated platform to connect the deep and diverse expertise that unlocks breakthrough insights.

Our people are the heart of our advantage. Colleagues at all levels have a seat at the table as they tackle business challenges with a principal investor mindset. By asking incisive questions, respectfully challenging one another, and remaining intellectually agile, we work together to achieve exceptional outcomes. 

For more information visit: Bain Capital

DESCRIPTION

The PAM and IGA Engineer will be responsible for managing and advancing Bain Capital’s PAM and Identity Governance and Administration programs. This role will focus on ensuring secure access control to critical systems while implementing governance best practices for identity lifecycle management. The ideal candidate will have deep expertise in PAM technologies such as Delinea (Thycotic) and Okta, along with experience in IGA tools to drive automation and compliance.

This position requires close collaboration with various departments to enhance access security, enforce least privilege policies, and support audit and compliance initiatives. We are seeking a proactive, passionate, and technically skilled individual to join our high-performing Information Security team.

KEY RESPONSIBILITIES

Privileged Access Management (PAM)

• Administer, configure, and maintain Delinea (Thycotic) and Okta to enforce privileged access policies.
• Monitor and manage PAM systems, ensuring security, availability, and optimal performance.
• Support service account, administrator, and application credential management within PAM solutions.
• Implement least privilege access principles across Windows, Linux, cloud, and SaaS environments.
• Automate privilege elevation workflows and integrate PAM solutions with SIEM, ITSM, and other security tools.
• Provide subject matter expertise on PAM strategy, architecture, and improvements.
• Conduct regular audits and access reviews to ensure compliance with security policies and regulatory requirements.

Identity Governance and Administration (IGA)

• Support the implementation and management of IGA processes for user lifecycle automation.
• Maintain role-based access control (RBAC), attribute-based access control (ABAC), and access review processes.
• Manage joiner, mover, leaver (JML) workflows to ensure proper provisioning and deprovisioning of accounts.
• Collaborate with IT and security teams to integrate identity governance into existing applications.
• Monitor and remediate orphaned accounts, access anomalies, and policy violations.
• Develop and maintain reports and dashboards for audit, compliance, and risk analysis.

General IAM & Security Responsibilities

• Partner with IT and Security teams to ensure seamless integration of PAM and IGA solutions.
• Assist with SSO integrations and enforce authentication standards across enterprise applications.
• Provide guidance on IAM best practices, security policies, and regulatory compliance (e.g., SOX, NIST 2.0, CIS).
• Contribute to the roadmap, architecture, and enhancements of the IAM, PAM, and IGA programs.
• Support incident response and forensics activities related to identity-based threats.

QUALIFICATIONS & REQUIREMENTS

• 2-4+ years of experience in Information Security with a focus on Privileged Access Management (PAM) and Identity Governance (IGA).
• Strong hands-on experience with Delinea (Thycotic), Okta, AWS IAM, and other IAM/PAM solutions.
• Experience managing identity lifecycle automation, role-based access control (RBAC), and access certification.
• Solid understanding of authentication protocols such as OAuth, SAML, LDAP, and SCIM.
• Experience integrating PAM and IGA with cloud platforms (AWS and Azure) and enterprise applications.
• Familiarity with compliance frameworks (SOX, ISO 27001, NIST, CIS) and regulatory IAM requirements.
• Scripting and automation skills (e.g., PowerShell, Python, Terraform) are a plus.
• Strong problem-solving, analytical, and communication skills with the ability to work independently and collaboratively.
• Certifications such as CISSP, CISM, GIAC (GCIH, GCIA), or vendor-specific PAM/IAM certifications are highly desirable.