Information Security Identity and Access Lead
Mount Vernon, Washington
Employer: Skagit Regional Health
Industry: Administrative Non-Clinical Support
Salary: Competitive
Job type: Full-Time
Department: Information Services SVH
Exempt: Yes
Schedule: DAYS
Position Type: Full Time 0.6 FTE or More
FTE: 1.000000
Base Wage: $ 44.64 to $ 66.96
Location: SRH Business Center
The information described in this job description has been designed to indicate the general nature of the work performed. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
Other information:
Job Summary
Reporting to the Regional Director of Information Security and Privacy, the Information Security Identity and Access Lead will be a senior member of the Information Security group and will ensure the end-to-end IAM design achieves a frictionless user experience across the Skagit Regional Health (SRH) enterprise. The IAM Lead will work closely with the Cyber Architect and the Cyber Risk Lead in developing the IAM vision, priorities, architecture and designs to meet Information Security best practices and regulatory and compliance requirements.
A key technical team member of numerous multi-year strategic initiatives including: M365 adoption, zero trust network access (ZTNA), privilege access management (PAM), and cloud-based clinical and business systems enterprise identity management integration.
Works effectively and cooperatively within the workplace. Location/Department specific tasks and competencies may apply.
Essential Functions
The IAM lead will collaborate with operational business units to understand IAM challenges and will drive a unified program for role-based access control, single sign-on, account federation, identity lifecycle and group management.
Responsible for the provisioning | de-provisioning of all systems with restricted information across SRH. The candidate manages and leads activities such IAM technology and process improvement projects, defining and implementing IAM operations measures and metrics, assigning IAM operational tasks and managing the IAM support escalation process as part of a three person IS Access team.
Create both short- and long-term enterprise IAM roadmaps, prioritize and manage programs and projects with an understanding of the organizational strategic and security requirements, technology context and business needs. Develop, present, and manage IAM metrics to continuously measure and improve the IAM program. Conducts on-going monitoring and auditing of security permissions.
Identify and act on opportunities to improve engagement with the business units. Work with other teams on effectively integrating IAM with diverse applications to achieve stronger and more consistent security and user experience. Supports the IS Access team to facilitate the coordination and delivery of user access to various applications (e.g. user account, Epic, Exchange, clinical and business applications, etc.).
Participate in rotating "on-call" schedule with other members within the Information Security department and carries a cell phone and/or pager. Complete all mandatory learning requirements in a timely manner. Attend and actively participate in all department, team and/or committee meetings. Comply with all Skagit Regional Health, department and location specific policies and procedures. Perform other duties as assigned.
Education
Bachelor's degree or equivalent experience required. Bachelor's degree preferred.
Experience/Training
7+ years of experience in a technical role, including 3+ years in information security required; healthcare experience highly desired.
License/Certifications
GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (SSCP) or the CompTIA Advanced Security Practitioner (CASP+). One certification required or must be completed within 1 year.
Other Skills
Expert understanding of IAM concepts, including authentication, authorization, access controls, access control attacks, identity, and access provisioning life cycle. Must demonstrate knowledge of modern identity management protocols and the ability to learn new ways of thinking and technologies.
Administrator level experience with legacy technologies such as Active Directory, ADFS, PowerShell, LDAP, Windows Server, Kerberos, Radius, Imprivata OneSign and Confirm ID.
Knowledge of cloud technologies such as and Microsoft Entra ID, Entra Domain Services, Entra ID Protection, Entra ID Governance and Entra Cloud & Connect Sync, Kusto Query Language (KQL), OAuth2, SAML.
Solid understanding of the foundation and trends in Information Technology, Information Security, Risk Management, Governance, and Compliance. Demonstrated project management, organization, and facilitation skills.
Excellent communication and presentation skills. Effectively tailors communication for the audience; articulates technical issues in a clear and concise manner. Ability to think strategically, identify and understand how business/clinical needs translate into strategic directions, plans and solutions. Ability to professionally handle sensitive and confidential matters. High degree of initiative and ability to work with little supervision.
Physical Demands and Work Environment
This position is remote eligible. Must be able to work independently with little supervision in a home environment with privacy. The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to sit for long periods of time; when working in office. Repetitive tasks such as typing, sitting, answering phones, and interacting with computers and computer systems most of the day is a function of the position. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to focus. This position requires working in an indoor, environmentally controlled environment when in the office.
Skagit Regional Health offers a comprehensive benefit package including medical, dental, vision, 457b/401a (retirement), long term disability, and paid time off to all employees holding an FTE of 20 or more hours per week. Eligible employees also receive sick time pay.
Exempt: Yes
Schedule: DAYS
Position Type: Full Time 0.6 FTE or More
FTE: 1.000000
Base Wage: $ 44.64 to $ 66.96
Location: SRH Business Center
The information described in this job description has been designed to indicate the general nature of the work performed. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
Other information:
Job Summary
Reporting to the Regional Director of Information Security and Privacy, the Information Security Identity and Access Lead will be a senior member of the Information Security group and will ensure the end-to-end IAM design achieves a frictionless user experience across the Skagit Regional Health (SRH) enterprise. The IAM Lead will work closely with the Cyber Architect and the Cyber Risk Lead in developing the IAM vision, priorities, architecture and designs to meet Information Security best practices and regulatory and compliance requirements.
A key technical team member of numerous multi-year strategic initiatives including: M365 adoption, zero trust network access (ZTNA), privilege access management (PAM), and cloud-based clinical and business systems enterprise identity management integration.
Works effectively and cooperatively within the workplace. Location/Department specific tasks and competencies may apply.
Essential Functions
The IAM lead will collaborate with operational business units to understand IAM challenges and will drive a unified program for role-based access control, single sign-on, account federation, identity lifecycle and group management.
Responsible for the provisioning | de-provisioning of all systems with restricted information across SRH. The candidate manages and leads activities such IAM technology and process improvement projects, defining and implementing IAM operations measures and metrics, assigning IAM operational tasks and managing the IAM support escalation process as part of a three person IS Access team.
Create both short- and long-term enterprise IAM roadmaps, prioritize and manage programs and projects with an understanding of the organizational strategic and security requirements, technology context and business needs. Develop, present, and manage IAM metrics to continuously measure and improve the IAM program. Conducts on-going monitoring and auditing of security permissions.
Identify and act on opportunities to improve engagement with the business units. Work with other teams on effectively integrating IAM with diverse applications to achieve stronger and more consistent security and user experience. Supports the IS Access team to facilitate the coordination and delivery of user access to various applications (e.g. user account, Epic, Exchange, clinical and business applications, etc.).
Participate in rotating "on-call" schedule with other members within the Information Security department and carries a cell phone and/or pager. Complete all mandatory learning requirements in a timely manner. Attend and actively participate in all department, team and/or committee meetings. Comply with all Skagit Regional Health, department and location specific policies and procedures. Perform other duties as assigned.
Education
Bachelor's degree or equivalent experience required. Bachelor's degree preferred.
Experience/Training
7+ years of experience in a technical role, including 3+ years in information security required; healthcare experience highly desired.
License/Certifications
GIAC Security Essentials (GSEC), Systems Security Certified Practitioner (SSCP) or the CompTIA Advanced Security Practitioner (CASP+). One certification required or must be completed within 1 year.
Other Skills
Expert understanding of IAM concepts, including authentication, authorization, access controls, access control attacks, identity, and access provisioning life cycle. Must demonstrate knowledge of modern identity management protocols and the ability to learn new ways of thinking and technologies.
Administrator level experience with legacy technologies such as Active Directory, ADFS, PowerShell, LDAP, Windows Server, Kerberos, Radius, Imprivata OneSign and Confirm ID.
Knowledge of cloud technologies such as and Microsoft Entra ID, Entra Domain Services, Entra ID Protection, Entra ID Governance and Entra Cloud & Connect Sync, Kusto Query Language (KQL), OAuth2, SAML.
Solid understanding of the foundation and trends in Information Technology, Information Security, Risk Management, Governance, and Compliance. Demonstrated project management, organization, and facilitation skills.
Excellent communication and presentation skills. Effectively tailors communication for the audience; articulates technical issues in a clear and concise manner. Ability to think strategically, identify and understand how business/clinical needs translate into strategic directions, plans and solutions. Ability to professionally handle sensitive and confidential matters. High degree of initiative and ability to work with little supervision.
Physical Demands and Work Environment
This position is remote eligible. Must be able to work independently with little supervision in a home environment with privacy. The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to sit for long periods of time; when working in office. Repetitive tasks such as typing, sitting, answering phones, and interacting with computers and computer systems most of the day is a function of the position. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to focus. This position requires working in an indoor, environmentally controlled environment when in the office.
Skagit Regional Health offers a comprehensive benefit package including medical, dental, vision, 457b/401a (retirement), long term disability, and paid time off to all employees holding an FTE of 20 or more hours per week. Eligible employees also receive sick time pay.
Created: 2024-06-27
Reference: 4106
Country: United States
State: Washington
City: Mount Vernon