Senior IAM Engineer – Identity Governance & Administration

The RoleModerna is seeking a Senior IAM Engineer with expertise in Identity Governance & Administration (IGA) to help design, build, and scale our identity governance capabilities across the enterprise.This role combines technical leadership with hands-on engineering, focused on access governance, identity lifecycle management, and provisioning across a complex, highly regulated environment. You will play a key role in establishing scalable and secure identity governance processes and integrating them across Moderna’s technology landscape.You’ll partner closely with IAM, Cybersecurity, Compliance, and application teams to deliver identity solutions that are secure, scalable, and aligned with business needs.Here’s What You’ll Do•  Serve as a senior technical leader and hands-on engineer for Identity Governance & Administration (IGA), contributing to both platform strategy and engineering execution •  Lead and actively contribute to the design, implementation, and continuous improvement of identity governance capabilities, including: Access request and approval workflows Identity lifecycle management (Joiner/Mover/Leaver processes) Access certifications and recertifications Role-based access control (RBAC) and access policies •  Design and implement scalable provisioning and deprovisioning solutions across enterprise systems and applications •  Partner with business stakeholders and application owners to gather requirements and translate them into technical designs and governance models •  Integrate IAM/IGA solutions with enterprise systems, including Active Directory, Entra ID, Okta, and SaaS applications •  Develop and maintain workflows, automation, and integrations using APIs, scripting, and modern identity standards (e.g., SCIM, REST APIs) •  Troubleshoot complex access, provisioning, and identity governance issues across systems and platforms •  Evaluate the current identity governance landscape, identify gaps, and drive improvements in security, scalability, and user experience •  Establish and support governance processes aligned with regulatory and audit requirements (e.g., GxP, SOX), including access reviews and policy enforcement •  Develop documentation, standards, and runbooks to support consistency, scalability, and audit readiness •  Collaborate with cybersecurity, infrastructure, and compliance teams to align identity governance controls with enterprise security strategy •  Stay current with industry trends, emerging technologies, and best practices in IAM and identity governanceHere’s What You’ll Need (Minimum Qualifications)Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience)8+ years of experience in IT, cybersecurity, or identity engineering5+ years of experience in Identity and Access Management (IAM), with strong exposure to Identity Governance & Administration (IGA)Hands-on experience implementing or supporting IGA capabilities such as lifecycle management, provisioning, and access certificationsExperience integrating IAM solutions with enterprise systems and applications (e.g., Active Directory, Entra ID, Okta, SaaS platforms)Experience with identity lifecycle processes, including provisioning, deprovisioning, and role-based access controlExperience working with APIs, automation, and scripting (e.g., PowerShell, JSON, REST APIs)Strong understanding of identity security principles, including least privilege, Zero Trust, and access governanceExperience working in complex, fast-paced environments with the ability to manage multiple prioritiesHere’s What You’ll Bring to the Table (Preferred Qualifications)Experience implementing one or more IGA platforms (e.g., SailPoint, Saviynt, Omada, One Identity)Experience supporting or leading IGA platform selection efforts, including participation in RFP/RFI processes, vendor evaluations, and proof-of-concept (POC) activitiesExperience designing and implementing access certification programs, governance models, and role frameworks (RBAC/ABAC)Experience with ServiceNow or similar platforms for access request workflows and automationFamiliarity with identity architecture in hybrid environments (on-prem and cloud)Experience working in regulated environments (GxP, SOX, or similar)Strong understanding of identity governance best practices and industry frameworksExperience with automation tools and scripting (PowerShell, APIs, etc.)Relevant certifications such as CISSP, CISM, or IAM/IGA-related certificationsStrong analytical, problem-solving, and communication skills, with the ability to influence both technical and non-technical stakeholdersA desire to make an impact as part of a high-growth, transformational company that is Bold, Relentless, Curious, and CollaborativePay & BenefitsAt Moderna, we believe that when you feel your best, you can do your best work.  That’s why our US benefits and global well-being resources are designed to support you—at work, at home, and everywhere in between.Best-in-class healthcare coverage, plus voluntary benefit programs to support your unique needsA holistic approach to well-being, with access to fitness, mindfulness, and mental health supportFamily planning benefits, including fertility, adoption, and surrogacy supportGenerous paid time off, including vacation, volunteer days, sabbatical, global recharge days, and a discretionary year-end shutdownSavings and investment opportunities to help you plan for the futureLocation-specific perks and extrasThe salary range for this role is $130,800.00 - $209,400.00. This is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. An individual’s position within the salary range will be based on several factors including, but not limited to, specific competencies, relevant education, qualifications, certifications, experience, skills, performance, and business or organizational needs. The successful candidate may be eligible for an annual discretionary bo