PURPOSE STATEMENT:

We are seeking a skilled Sr. Identity & Access Management (IAM) Analyst to join our team in Franklin, TN. The first 90 days in this role will be fully in-person to ensure comprehensive onboarding and training. After the initial period, the position will transition to a hybrid model, with 2 days remote and 3 days in the office each week. 

The Senior Identity & Access Management (IAM) Analyst is an essential member of the IT Cybersecurity team, responsible for implementing, managing, and supporting IAM solutions to ensure secure access to systems and applications, safeguard patient data, and protect sensitive information. This role involves advanced monitoring and reporting, conducting access reviews, and resolving complex IAM issues. The Senior IAM Analyst collaborates closely with other IT and security teams, assists in policy development, and provides mentorship to junior analysts. This position requires advanced technical skills, strong problem-solving abilities, and a commitment to delivering high-quality IAM services that align with organizational goals and regulatory requirements.

ESSENTIAL FUNCTIONS:

1. IAM Implementation & Management
   • Lead the implementation and configuration of advanced IAM solutions and technologies, including identity provisioning, access management, single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM), to meet business requirements and security standards.
   • Administer identity and access management systems, including user provisioning, de-provisioning, and access controls, to maintain system integrity and security.
   • Manage Active Directory object administration and security, including users, groups, and OUs, ensuring proper configuration and compliance.
   • Support planning and redesign activities involving the SAF process and Ivanti, ensuring effective user acceptance testing and deployment.
2. Risk Management & Incident Response
   • Conduct in-depth analysis of IAM-related metrics, logs, and events to identify security incidents, anomalies, and trends, and recommend measures to enhance detection, response, and prevention capabilities.
   • Conduct regular risk assessments and security audits to identify vulnerabilities and recommend remediation measures.
   • Monitor and analyze user access patterns to identify potential security risks or violations.
   • Provide advanced technical support and troubleshooting for IAM systems, resolving complex issues, investigating root causes, and implementing corrective actions to ensure system availability and performance.
3. Governance & Policy Development
   • Maintain and enforce IAM policies, standards, and procedures, ensuring compliance with healthcare regulations such as HIPAA, HITECH, and state privacy laws, as well as industry standards and best practices.
   • Participate in IAM-related projects and initiatives, including system upgrades, enhancements, and integrations, providing technical expertise, testing support, and comprehensive documentation.
   • Lead or contribute to the evaluation, selection, and implementation of new IAM technologies, tools, and solutions to enhance security, improve efficiency, and support business objectives.
4. Cross-Functional Collaboration
   • Collaborate with cross-functional teams, including IT, Cybersecurity, compliance, and business units, to assess IAM requirements, design solutions, and address technical challenges in support of business initiatives.
   • Engage with internal stakeholders and external vendors to integrate IAM solutions with other IT systems and applications, ensuring seamless interoperability and enhanced security.
5. Mentorship & Training
   • Mentor and coach junior team members, providing advanced training on identity management concepts, tools, and technologies to build internal capabilities and expertise.
   • Lead by example, fostering a culture of continuous learning and professional development within the IAM team.

STANDARD EXPECTATIONS:

• Complies with organizational policies, procedures, performance improvement initiatives and maintains organizational and industry policies regarding confidentiality.
• Communicate clearly and effectively to person(s) receiving services and their family members, guests and other members of the health care team.
• Develops constructive and cooperative working relationships with others and maintains them over time.
• Encourages and builds mutual trust, respect and cooperation among team members.

EDUCATION/EXPERIENCE/SKILL REQUIREMENTS:

• Bachelor’s degree or equivalent work experience.
• Minimum 5 years in an IAM role.
• Experience managing IAM systems and infrastructure in complex, multi-site environments.
• Working knowledge of various Windows client operating systems.
• Strong problem-solving skills with the ability to analyze complex issues, troubleshoot technical problems, and implement effective solutions in a timely manner.
• Proficiency in common information security management frameworks, such as ITIL, Center for Internet Security (CIS), Critical Security Controls (CSC), and NIST, including 800-63 and relevant ISSO/IEC standards.
• Advanced scripting skills (e.g., PowerShell, Python) for automating IAM tasks.
• Experience conducting IAM audits and implementing security controls.
• Proficiency with IAM tools and technologies (e.g., SailPoint, Okta, Microsoft Azure AD, CyberArk).
• Understanding of authentication and authorization protocols (e.g., SAML, OAuth, OpenID Connect).
• Extensive experience with directory services (e.g., Active Directory, LDAP).
• Experience with cloud IAM and hybrid environments is a plus.
• Ability to work professionally with sensitive, proprietary data & information while maintaining confidentiality.
• Excellent interpersonal skills including the ability to interact effectively and professionally with individuals at all levels; both internal and external.
• Ability to work independently and collaboratively in a fast-paced environment, manage multiple priorities, and deliver results under pressure while maintaining a focus on quality and compliance.
• Self-motivated with strong organizational skills and superior attention to detail.
• Capable of working within established policies, procedures, and practices prescribed by the organization.
• Proficient in English to provide and receive instructions and directions.
• Dedicated to professional growth and continuous learning, staying current with industry trends, best practices, and emerging technologies in IAM and healthcare security.

• Ability to work professionally with sensitive, proprietary data & information while maintaining confidentiality.
• Excellent interpersonal skills including the ability to interact effectively and professionally with individuals at all levels; both internal and external.
• Ability to work independently and collaboratively in a fast-paced environment, manage multiple priorities, and deliver results under pressure while maintaining a focus on quality and compliance.
• Self-motivated with strong organizational skills and superior attention to detail.
• Capable of working within established policies, procedures, and practices prescribed by the organization.
• Proficient in English to provide and receive instructions and directions.
• Dedicated to professional growth and continuous learning, staying current with industry trends, best practices, and emerging technologies in IAM and healthcare security.

LICENSES/DESIGNATIONS/CERTIFICATIONS:

• Certifications: Desired but not required: CompTIA A+, CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), other IAM-related certifications

SUPERVISORY REQUIREMENTS:  This position is an Individual Contributor

AHCORP

#LI-AH