Jobs · Information Technology

Identity and Access Management Engineer

Fortified Health Security · United States · 1 wk ago
RemoteRemoteInformation TechnologyFull-time

Job Summary

The Identity and Access Management (IAM) Engineer is responsible for the implementation, administration, support, and continuous improvement of the health system’s identity security and access management technologies. This role ensures that workforce members, contractors, vendors, clinicians, and other authorized users are granted appropriate access to systems and data while maintaining compliance with organizational policies, regulatory requirements, and cybersecurity best practices. The IAM Engineer works closely with Information Security, Information Technology, Human Resources, Clinical Informatics, and application owners to support identity lifecycle management, authentication services, privileged access management, and access governance initiatives. The position plays a critical role in protecting patient information, reducing identity-related risks, and supporting secure access across on-premises, cloud, and clinical technology environments.

Essential Job Functions

  • Responsible for AD Group Lifecycle, SSO/MFA Onboarding, Privileged Access Workflows, JML Automation
  • Specific Project Focus on Identity Governance Rollout, PAM Implementation, APP Onboarding
  • Owns enterprise identity and access management operations, including RBAC governance, privileged access management, identity lifecycle, service account governance, and compliance with HIPAA identity security requirements.
  • Administers and supports enterprise identity and access management platforms and services. Implements and maintains identity lifecycle management processes, including provisioning, modification, and deprovisioning of user accounts. Supports role-based access control (RBAC) and least-privilege access models across enterprise systems and applications.
  • Administers and supports authentication technologies, including single sign-on (SSO), multi-factor authentication (MFA), and federation services. Configures and maintains identity governance and administration (IGA) solutions and automated access workflows.
  • Supports privileged access management (PAM) solutions, including privileged account onboarding, credential vaulting, session monitoring, and access reviews. Collaborates with Human Resources, application owners, and IT teams to ensure timely and accurate access provisioning and termination processes.
  • Performs periodic user access reviews, entitlement reviews, and certification activities to support compliance requirements. Investigates and resolves IAM-related incidents, access issues, authentication failures, and account management requests.
  • Affords assistance with implementation and maintenance of Microsoft Entra ID, Active Directory, LDAP, and related identity services. Supports integration of enterprise applications with identity platforms using SAML, OAuth, OpenID Connect, SCIM, and related protocols.
  • Participates in cybersecurity incident response activities involving identity compromise, unauthorized access, or privileged account misuse. Develops and maintains IAM documentation, standards, procedures, and operational runbooks. Assists with audit requests, compliance assessments, and regulatory reviews related to access management controls.
  • Supports cloud identity security initiatives across Microsoft 365, Azure, AWS, and other enterprise platforms. Monitors IAM systems for operational health, security risks, and policy compliance. Participates in IAM modernization projects and continuous improvement initiatives.
  • Stays current on identity security trends, threats, technologies, and industry best practices.

Knowledge & Skills

  • Education & Experience: Bachelor's degree in Information Technology, Information Security, Computer Science, Information Systems, or a related field required. Minimum of 3 to 5 years of experience supporting identity and access management, directory services, cybersecurity, or enterprise infrastructure technologies.
  • Experience: Administering Microsoft Active Directory, Microsoft Entra ID (Azure AD), and enterprise authentication platforms. Implementing and supporting single sign-on (SSO) and multi-factor authentication (MFA) technologies. Supporting identity governance, access provisioning, and access certification processes. Experience working with privileged access management (PAM) technologies preferred.
  • Special Skills & Knowledge: Strong understanding of identity and access management principles, methodologies, and best practices. Knowledge of identity lifecycle management processes, including onboarding, transfers, role changes, and offboarding. Expertise with Microsoft Active Directory, Microsoft Entra ID, LDAP, and directory services administration. Understanding of authentication and authorization technologies, including SAML, OAuth 2.0, OpenID Connect, Kerberos, and LDAP. Knowledge of single sign-on (SSO), multi-factor authentication (MFA), and federation technologies. Familiarity with identity governance and administration (IGA) solutions and access certification processes. Knowledge of privileged access management (PAM) concepts and technologies. Understanding of role-based access control (RBAC), attribute-based access control (ABAC), and least-privilege principles. Familiarity with Microsoft 365 security controls, Conditional Access policies, and identity protection capabilities. Knowledge of cloud identity architectures and hybrid identity environments. Understanding of healthcare cybersecurity requirements and protection of electronic protected health information (ePHI). Familiarity with audit, compliance, and regulatory requirements related to access management controls. Strong analytical and troubleshooting skills related to authentication, authorization, and account management issues. Ability to interpret access control requirements and translate them into technical solutions. Strong written and verbal communication skills. Ability to document technical procedures, workflows, and system configurations. Ability to work collaboratively with technical teams, business stakeholders, and clinical departments. Strong organizational skills with the ability to manage multiple priorities and projects simultaneously. Commitment to continuous professional development and staying current with evolving identity security threats and technologies. Ability to explain IAM concepts and security requirements to both technical and non-technical audiences.

Licenses, Certifications, etc.

  • Professional certifications such as Security+, Identity and Access Administrator Associate (SC-300), Azure Administrator (AZ-104), CISSP (Associate), CISM, or equivalent preferred.

Requirements

  • Supervisory Responsibility: N/A

Working Conditions & Travel Requirements

  • Hybrid in Austin, TX or Nashville, TN.
  • Travel as needed.

Fortified Health Security is an Equal Opportunity Employer.

Similar jobs