IT Security Engineer II - Identity and Access Management
Endeavor Health · Skokie, IL · 4 mo ago
Information Technology$46.64–$72.29/hrFull-time
Position Highlights
Position: IT Security Engineer II- Identity Access and Management
Location: 4901 Searle Pkwy Skokie
Full Time Hours: Monday-Friday, 8am to 4:30pm
Hybrid Job Summary: The IAM Security Engineer II serves as a senior technical resource responsible for designing, implementing, and supporting Identity and Access Management solutions that ensure secure and compliant access to Endeavor Health systems and data.
Responsibilities
- Lead the configuration, integration, and management of IAM solutions across the organization.
- Design and configure role-based access and attribute-based access controls for automation and birthright access.
- Configure and manage access certification campaigns for entitlements, roles, and elevated access for regulatory compliance needs.
- Implement and support privileged access controls using solutions like Delinea or MS Entra PIM for admin accounts, break-glass access, and clinical application elevated privileges.
- Enforce multi-factor authentication (MFA) and just-in-time access for privileged accounts.
- Create scripts, APIs, and workflows to streamline access user lifecycle management.
- Ensure IAM systems meet HIPAA, HITRUST, PCI, DSS, NIST CSF, and other healthcare regulatory requirements.
- Configure and support Single Sign-on (SSO) integrations using SAML, OAuth, or OpenID Connect for internal and third-party applications.
- Participate in security incident response, including rapid access revocation and forensic investigations.
- Serve as a technical mentor for junior IAM engineers and analysts.
- Lead complex IAM projects and act as a subject matter expert for cross-functional initiatives.
- Socialize strategies, standards, policies, procedures, communications, and awareness efforts with business partners.
- Participate in reviews of new or existing systems to ensure IAM requirements are satisfied, prior to implementation, including performing pre-deployment and as-built risk assessments.
- Design policies and standard operational procedures (SOP) as required for IAM, PAM, and access management solutions.
Requirements
- Educational Background: Bachelor’s Degree, or equivalent, in a technical discipline, or a corresponding educational background with professional-level security certifications relevant to the role.
- Certification: One advanced, professional, or expert-level security certification.
- Experience: Minimum three (3) years of mid-level Cybersecurity experience at an analyst or engineer level.
- Unique or Preferred Skills: Previous experience leading, supporting, managing, and administering at least one application. Previous experience leading security projects and initiatives. Expertise in HIPAA, HITRUST, and NIST security controls. Strong understanding of modern authentication protocols (SAML, OAuth, OpenID Connect, LDAP). Knowledge of RBAC/ABAC design and governance in a healthcare setting. Familiarity with IAM integrations for EPIC and other cloud-based healthcare applications. Excellent communication skills, with the ability to work effectively with technical and non-technical stakeholders. Experience with ADUC active directory users and computers. Strong analytical and problem-solving skills with attention to detail. Ability to work independently with minimal oversight on a broad range of IAM projects and initiatives. Deep understanding of IAM security principals and best practices, including principal of least privileges, defense in depth, Zero Trust, and separation of duties.
Benefits
- Incentive pay for select positions
- Opportunity for annual increases based on performance
- Career Pathways to Promote Professional Growth and Development
- Variety of Medical, Dental, Pet and Vision options
- Tuition Reimbursement
- Free Parking
- Wellness Program
- Savings Plan
- Health Savings Account Options
- Retail Options with Company Match
- Paid Time Off and Holiday Pay
- Community Involvement Opportunities