Identity and Access Management Architect - Hybrid
Yale New Haven Health · Stratford, CT · 3 mo ago
On-siteArt & CreativeFull-time
About the role
The Identity and Access Management Architect (IAM) is responsible for the lifecycle planning, design, installation and support of the corporate security strategy, architecture, and practices. They lead the definition and execution of the organization’s IAM strategy, aligning with the overall enterprise security and technology roadmap.
Responsibilities
- Evaluate, architecture and deliver advanced technology solutions while demonstrating a high degree financial awareness and consideration of final objectives.
- Determine requirements, develop, and recommend security solutions, capabilities, and controls that are aligned with business objectives, technology, and threat drivers.
- Evaluate, assess, and recommend improvements to statements of work and proposals from vendors to ensure that adequate security protections are in place for security-related deficiencies and required "user controls," and report any findings to the CISO and vendor management teams.
- Develop and maintain security architecture, design, and roadmap documents. Develop and present detailed strategies, designs, and implementation plans to management.
- Deliver complex customized designs and solutions aligned to defense in depth strategies by self and by collaborating with peers, vendors, and stakeholders.
- Test, evaluate, and review security technologies, tools, and services aligned to business goals and make recommendations to the broader security team for their use based on security, financial and operational metrics.
- Track developments and changes in the digital business and threat environments to ensure that the YNHHS healthcare applications’ landscape is adequately protected by existing security controls.
- Set technical direction, scope, quality metrics, planning, execution and closing of technical projects.
- Determine baseline security configuration standards for operating systems, applications, network segmentation, and identity and access management.
- Provide high level of technical skill to enable resolution of complex security and identity and access related technology problems throughout the project lifecycle.
- Work collaboratively across technical, customer, and management constituencies to ensure a quality and timely service delivery.
- Perform other job duties and responsibilities as assigned.
Qualifications
- Bachelor's degree in Computer Science or related discipline and/or extensive technical training and related experience.
- At least ten (10) years of experience in a technical services function in a complex distributed enterprise network and application environment.
- Hands-on experience in managing and designing IAM technologies and services (e.g. SailPoint IdentityIQ, Active Directory / EntraID IAM solutions in a large environment is required).
- Ability to automate complex access management and authentication policies for on-prem and cloud hosted applications at an expert level required.
- Skilled at collaborating with peers and socializing IAM governance and strategy with senior leadership and executives.
- Working knowledge of Microsoft Purview, Azure IaaS security and data protection controls (e.g. data loss, encryption, conditional access, data classification).
- Experienced in the following areas: security architecture, design, implementation, and integration management for full stack IT infrastructure (applications, scripting, databases, operating systems, hardware, IP network, and test planning in a dynamic continuous improvement environment).
- Licensure: Certified Information Systems Security Professional (CISSP) certification or within 12-24 months in role, Microsoft Azure security certifications technologies and SailPoint Identity management experience required. Sailpoint IdentityIQ certification is desirable.