Principal Identity Access Management Architect

Information Security Redwood City, California


Description

HeartFlow, Inc. is dedicated to making our products and technologies as secure as possible. The Principal Identity and Access Management Architect is a senior-level position that reports directly to the VP, CISO, and works closely with development teams, CorpIT (Information Technology) teams, human resources and other teams across the organization on all aspects of Identity Provisioning, Access Governance, Web Access Management and Privileged Access Management. The Principal Identity and Access Management Architect is a subject matter expert and technical leader. This role will protect enterprise information systems access, ensuring the validity of those who need legitimate access to their systems and data.

Job Responsibilities:

  • Develop and execute upon a strategy for Identity and Access Management (“IAM”) and Privileged Access Management (“PAM”) to support a complex enterprise
  • Be hands on; responsible for coding and configuration of the selected IAM and PAM technologies
  • Respond to access control requests (on-boarding/new access, off-boarding/access removal, access changes, etc.) manually until an IAM system is in place to provide automated access provisioning, modification and deprovisioning
  • Configure, implement and validate the vendor applications necessary to support the overall IAM program. The applications may include: password management, password policy enforcement, access entitlement provisioning and de-provisioning, access entitlement certification and single sign-on
  • Ensure that the implemented process and tools for the program continue to meet the needs of the enterprise. Represent Information Security in the development and implementation of the overall global enterprise IAM and PAM programs
  • Act as champion and educate the enterprise on all aspects of IAM. Institutionalize IAM practices through training and on-going knowledge transfer
  • Work with IAM Product Vendors such as SailPoint, Oracle Identity Manager, CyberArk etc. for strategic and tactical requirements for agreements
  • Assist in operationalizing the IAM program from both a technical and process perspective. This involves the selection and staging of applications required to adopt the IAM functions associated with the IAM program. This iterative transformation effort will increase in scope as the program progresses.

Technical Skills Needed

  • 3+ years of experience in Identity and Access Management (preferred), Information Security, Process Management, Application Development / Support
  • REST API based integration between IAM platform and applications
  • 5+ years designing, deploying and managing IAM and PAM architecture, tools and infrastructure
  • Advanced understanding of Directory Service solutions, open standards and authentication methods such as AD, DNS, LDAP, OAuth, MFA, SAML, Federation and Certificates
  • Working knowledge of IAM tools such as OneLogin, SambaAD, OpenLDAP, Duo MFA
  • Knowledge of web service technologies, load balancer services (e.g. Nginx, Cloudflare, F5, etc.) and RESTful APIs
  • Solid understanding of secure network and system design in both cloud (AWS, Azure, etc.) and conventional environments

Soft Skills Needed

  • Experience implementing Identity and Access Management processes
  • Experience implementing role based access solutions
  • The ability to communicate complicated technical issues and the risks they pose to diverse groups (e.g. network engineers, system administrators, and management)
  • Excellent written and verbal communication skills, interpersonal and collaborative skills
  • Must be a critical thinker, with strong problem-solving skills
  • High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
  • Self-starter, positive attitude, ability to work independently, enjoys learning and staying current with industry developments, regulations and best practices.

About HeartFlow, Inc.:

HeartFlow, Inc. is a medical technology company redefining the way heart disease is diagnosed and treated. Our non-invasive HeartFlow FFRct Analysis leverages deep learning to create a personalized 3D model of the heart. By using this model, clinicians can better evaluate the impact a blockage has on blood flow and determine the best treatment for patients. Our technology is reflective of our Silicon Valley roots and incorporates decades of scientific evidence with the latest advances in artificial intelligence. The HeartFlow FFRct Analysis is commercially available in the United States, Canada, Europe and Japan. For more information, visit www.heartflow.com.

HeartFlow, Inc. is an Equal Opportunity Employer. This company does not and will not discriminate in employment and personnel practices based on race, sex, age, handicap, religion, national origin or any other basis prohibited by applicable law. Hiring, transferring and promotion practices are performed without regard to the above listed items.