IAM Specialist - Privileged Access Management (PAM)

Description Senior/Lead Identity and Access Management Specialist (PAM focus) 25 Amica Way, Lincoln, RI 02865 Thank you for considering Amica as part of your career journey, where your future is our business. At Amica, we strive to build a culture of belonging where employees are encouraged to share their unique experience to enrich our workplace, strengthen our company’s mission and broaden our vision of what’s possible. We’re focused on creating a workplace that works for all. We’ll continue to provide training, guidance, and resources to make Amica a true place of belonging for all employees. Want to learn more about our commitment to diversity, equity, and inclusion? Visit our DEI page to read about it! As a mutual company, our people are our priority. We seek differences of opinion, life experience and perspective to represent the diversity of our policyholders and achieve the best possible outcomes. This is a full-time position based on a 37.5-hour work week. The starting annual salary is between $94,748 - $145,985 based on the level of previous experience. In addition, hired applicants will be eligible for the company’s annual variable incentive paid based on company performance. This role is open to full-time remote work, or hybrid onsite in our Lincoln, RI office. Our normal business hours are Monday – Friday, 8am – 5pm Eastern Time. This position is open to senior levels of experience. Entry-level candidates are not eligible. This role does not currently offer employment visa sponsorship. This posting is anticipated to be closed on July 12th, 2026. Position Summary Our Lincoln, RI office is seeking a Senior/Lead Identity and Access Management (IAM) Specialist who will support identity and access management operations including application onboarding of user access provisioning (both birthright and requestable roles), access certification campaigns, and privileged access management controls.

Responsibilities

• Handle the implementation, configuration, upgrade, and maintenance of Identity and Access Management platforms that provision access, recertify access, and vault privileged access credentials to support business requirements at an optimum level.
• Lead the installation, deployment and upgrade of CyberArk components, including Vault (EPV), CPM (Central Policy Manager), PVWA, and PSM, across environments (Dev/Test/Prod).
• Manage CyberArk services and components health, including resolving issues with CPM jobs, platform failures, and password reconciliation.
• Gather and document requirements for onboarding applications into IAM platforms.
• Map access models and support integration activities based on requirements for onboarding into IAM platforms.
• Administer user access provisioning and deprovisioning activities in accordance with established IAM policies and procedures.
• Coordinate and execute access recertification campaigns, including tracking completion, resolving issues, and validating results for audit readiness.
• Define, document, and maintain role-based access control (RBAC) models, including roles, entitlements, and inheritance structures.
• Administer privileged access management (PAM) processes, including provisioning, credential management, and validation of elevated access.
• Create, maintain, and validate IAM documentation, including application onboarding artifacts, entitlement definitions, and audit evidence.
• Monitor and manage IAM request queues, ensuring adherence to service level agreements (SLAs) and timely resolution of requests.
• Identify and escalate access control issues or risks.
• Collaborate with application owners, business stakeholders, and security teams to gather requirements and implement access controls.
• Communicate access decisions, risks, and IAM processes clearly and effectively across technical and non-technical stakeholders.
• Share knowledge, document processes, and provide guidance to team members to promote consistency and operational excellence.
• Support and contribute to cross-functional IAM initiatives, ensuring alignment with enterprise security and governance objectives.
• Continuously develop knowledge of IAM tools, technologies, and best practices, applying learnings to daily responsibilities.
• Diagnose and resolve access-related issues, including provisioning errors, entitlement conflicts, and policy violations.
• Identify opportunities to improve IAM processes, workflows, and automation to increase efficiency and reduce risk.
• Apply risk-based analysis to access decisions, ensuring alignment with security policies and regulatory requirements.
• Foster a culture that values learning and creativity both individually and as a team.
• May be called upon to handle other duties as required.

Requirements

• Bachelor's or 6+ years’ experience or, an equivalent combination of education and experience sufficient to successfully perform the essential functions of the job.
• Demonstrates deep expertise in Identity & Access Management (IAM), including access provisioning, RBAC, identity governance, and privileged access management, to successfully perform the essential functions of the job.
• Experience in object-oriented programming and scripting using Java, Python, SQL or PowerShell.
• Experience in PAM with preference of CyberArk.
• Hands-on experience leveraging AI and large language models (LLMs) to automate processes, enhance decision-making, or improve operational efficiency.
• Strong communication and interpersonal skills across all levels of the organization. Able to listen attentively and ask relevant questions with the intention of being able to accurately understand and restate the opinions of others. Focus on the customer and their needs, maintaining effective relationships.
• Excellent problem-solving skills, with the ability to troubleshoot complex platform and pipeline issues.
• Able to take control of difficult situations and handle them across both IT and business units effectively.
• Perseveres even during resistance and setbacks until all tasks are complete.
• Capable of managing large complex assignments and problem resolution with a focus on a successful outcome.
• Strives for continuous improvement in the areas of innovation, quality, productivity and documentation.
• Committed to increasing functional and technical knowledge, and continuous learning, including, but is not limited to self-teaching, training sessions or seminars with a focus on expanding knowledge beyond the current role including leadership and emerging technologies. Keeps abreast of new systems and impacts.

Total Rewards

• Medical, dental, vision coverage, short- and long-term disability, and life insurance
• Paid Vacation – you will receive at least 13 vacation days in the first 12 months, amounts could be greater depending on the role. While able to use prior to accrual, vacation time will accrue monthly.
• Holidays - 14 paid holidays observed
• Sick time - 6 days sick time at hire, 6 additional days sick time at 90 days of employment
• Generous 401k with company match and immediate vesting. Additionally, annual 3% non-elective employer contribution
• Annual Success Sharing Plan - Paid to eligible employees if company meets or exceeds combined ratio, growth and/or service goals
• Generous leave programs, including paid parental bonding leave
• Student Loan Repayment and Tuition Reimbursement program
• Generous fitness and wellness reimbursement
• Employee community involvement
• Strong relationships, lifelong friendships
• Opportunities for advancement in a successful and growing company

Amica conducts background checks which includes a review of criminal, educational, employment and social media histories, and if the role involves use of a company vehicle, a motor vehicle or driving history report. The background check will not be initiated until after a conditional offer of employment is made and the candidate accepts the offer. Qualified applicants with arrest or conviction records will be considered for employment. The safety and security of our employees and our customers is a top priority. Employees may have access to employees’ and customers’ personal and financial information in order to perform their job duties. Candidates with a criminal history that imposes a direct or indirect threat to our employees’ or customers’ physical, mental or financial well-being may result in the withdrawal of the conditional offer of employment. About Amica Amica Mutual Insurance Company is America’s oldest mutual insurer of automobiles. A direct national writer, Amica also offers home, marine and umbrella insurance. Amica Life Insurance Company, a wholly owned subsidiary, provides life insurance and retirement solutions. Amica was founded on the principles of creating peace of mind and building enduring relationships for and with our exceptionally loyal policyholders, a mission that thousands of employees in offices nationwide share and support. Equal Opportunity Policy: All qualified applicants who are authorized to work in the United States will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity, gender expression, sexual orientation, family status, ethnicity, age, national origin, ancestry, physical and/or mental disability, mental condition, military status, genetic information or any other class protected by law. The Age Discrimination in Employment Act prohibits discrimination on the basis of age with respect to individuals who are 40 years of age or older. Employees are subject to the provisions of the Workers' Compensation Act. Amica Mutual Insurance Company is committed to protecting job seekers from recruitment fraud. We never request sensitive personal information or payment during the interview process. All legitimate job opportunities are listed on our official careers site: https://careers.amica.com. Learn more in the "Is Amica hiring?" section of our FAQ. [email protected] 800-652-6422 ext. 24733 rp