Leads the strategic and operational functions of the IAM program within Northern Arizona Healthcare. Ensures the secure and efficient management of digital identities, access privileges, and authentication mechanisms to safeguard sensitive healthcare data and comply with regulatory requirements such as HIPAA and NIST.Oversees implementing, maintaining, and enhancing IAM solutions, policies, and procedures, working closely with IT, Compliance, and Clinical departments to balance security with operational efficiency. Manages a team of IAM Analysts, providing guidance and leadership in identity governance, privileged access management, and authentication strategies. |
Team Leadership & Stakeholder Collaboration • Leads, mentor, and develop a team of IAM professionals, fostering a culture of continuous improvement and knowledge sharing.• Leads, mentor, and develop a team of IAM professionals, fostering a culture of continuous improvement and knowledge sharing. • Acts as a subject matter expert (SME) on IAM best practices, guiding IT, and business teams. • Works closely with HR, Compliance, and IT leadership to ensure alignment between IAM strategies and organizational objectives. Travels for conferences, training, or vendor meetings as needed. • Acts as a subject matter expert (SME) on IAM best practices, guiding IT, and business teams. • Works closely with HR, Compliance, and IT leadership to ensure alignment between IAM strategies and organizational objectives. Travels for conferences, training, or vendor meetings as needed. |
IAM Program Leadership & Strategy • Develops, implements, and maintains a comprehensive IAM strategy aligned with organizational goals, security policies, and regulatory requirements. • Oversees the design and execution of IAM policies, procedures, and standards to ensure secure access to systems, applications, and data. • Collaborates with IT, Compliance, and HR teams to ensure identity lifecycle management processes (onboarding, offboarding, and role changes) are automated, secure, and efficient. • Leads efforts to modernize IAM capabilities, including the adoption of Zero Trust principles, passwordless authentication, and cloud IAM strategies. |
Identity Lifecycle & Access Control • Manages identity governance and administration (IGA) processes, enforcing appropriate role-based access control (RBAC) and least privilege principles. • Oversees provisioning and de-provisioning processes to prevent unauthorized access and ensure compliance with internal policies and external regulations. • Maintains an effective role-based access control framework and continuously refine it to align with organizational changes. • Leads initiatives to integrate IAM with electronic health records (EHR) systems, cloud platforms, and third-party applications. |
IAM Technology & System Oversight • Oversees the deployment, maintenance, and enhancement of IAM technologies, including identity governance tools, single sign-on (SSO), directory services, and access management solutions. • Works with vendors and service providers to optimize IAM technologies, ensuring seamless integration and operational efficiency. • Monitors IAM system performance and lead troubleshooting efforts to resolve authentication or access issues. |
Privileged Access Management (PAM) & Authentication • Implements and manage privileged access management (PAM) solutions to safeguard high-risk accounts and critical systems. • Enforces multi-factor authentication (MFA) policies across the organization, ensuring secure authentication mechanisms for employees, contractors, and third parties. • Conducts regular reviews and audits of privileged accounts, access controls, and authentication mechanisms to identify and remediate security gaps. |
Compliance, Audit, & Risk Management • Ensures IAM controls align with industry regulations such as HIPAA and NIST. • Supports internal and external audits by providing necessary IAM documentation and implementing corrective actions as needed. • Conducts periodic access reviews and certification campaigns to validate user access and reduce risk exposure. • Assess IAM-related risks and collaborate with security teams to implement appropriate mitigation strategies. |
Compliance/Safety * Reports safety-related incidents in a timely fashion through the Midas/RDE tool; attends all safety-related training programs; performs work in a safe manner; monitors work environment for possible safety issues and ensures others are also safely performing work. * Stays current and complies with state and federal regulations/statutes and company policies that impact the employee's area of responsibility. * Ensures all certifications and/or licenses are up-to-date and valid prior to expiration dates. * Completes all company mandatory modules and required job-specific training in the specified time frame. |
| Education |
Bachelor’s degree in Computer Science, Information Security, or a related field - Required
Equivalent combination of degree and years of experience will be considered.
| Experience |
Software Powered by iCIMS
www.icims.com