Manager, Identity and Access - Atlanta
At GoHealth Urgent Care, we place the needs of our patients first - by providing an effortless and unparalleled customer experience, a welcoming culture of care, and seamless integration with market-leading health systems and our communities.
The Manager of Identity and Access Management (IAM) plays a critical role at GoHealth within the Information Technology team. This position is responsible for overseeing all aspects of user lifecycle processes, including onboarding, offboarding, name changes, title changes, and region changes, ensuring efficient, scalable, and secure access management processes and technology. The Manager of IAM will lead a team of IAM professionals, develop and implement IAM strategies, and collaborate with cross-functional teams to streamline identity and access processes to maintain high-quality IAM services in alignment with our company's core values of collaboration, innovation, diversity and inclusion, accountability, and courage and integrity.
- Bachelor's degree in Information Security, Computer Science, or related field
- 3+ years experience in IAM leadership roles with a strong understanding of IAM technologies, principles, and strategy
- Okta Certified Professional and/or Okta Certified Administrator
Additional Knowledge, Skills and Abilities Required
- 3 Years of professional experience in IAM roles, including hands-on experience with IAM tools and technologies.
- Leadership or managerial experience of IT analyst and/or developer resources.
- Knowledge in identity and access management tools and technologies, such as identity governance and administration (IGA) systems, single sign-on (SSO), multi-factor authentication (MFA), and privileged access management (PAM).
- Strong knowledge of access control mechanisms, including role-based access control (RBAC) and attribute-based access control (ABAC).
Additional Knowledge, Skills, and Abilities Preferred
- Strong leadership and team management skills with a focus on accountability and performance optimization.
- In-depth knowledge of IAM technologies, including IAM solutions such as Microsoft Azure AD, Okta, or similar platforms.
- Familiarity with security frameworks and industry standards (e.g., NIST, ISO 27001).
- Familiarity with healthcare IT systems, compliance requirements (e.g., HIPAA), and the unique security challenges in the healthcare industry.
- Experience with security auditing, access monitoring, and log analysis tools to detect and respond to security incidents.
- Excellent communication and interpersonal skills to collaborate effectively with cross-functional teams and external partners.
- Ability to identify and address security risks and vulnerabilities proactively.
- Strong problem-solving and analytical abilities.
- Commitment to upholding the company's core values, including collaboration, innovation, diversity and inclusion, accountability, courage, and integrity.
- Develop and execute a comprehensive IAM strategy aligned with organizational goals.
- Manage and lead a team of IAM administrators, providing guidance, support, and mentorship to ensure the team's effectiveness and productivity.
- Oversee user onboarding, offboarding, and related processes to ensure timely and accurate provisioning and de-provisioning of access for employees.
- Provide training and awareness programs for staff regarding IAM best practices, security policies, and the importance of data protection.
- Develop and implement access control policies and procedures that adhere to regulatory requirements (e.g., HIPAA) and industry best practices, ensuring data privacy and security.
- Implement and manage access control mechanisms, including role-based access control (RBAC) and least privilege access principles, to safeguard patient data and critical systems.
- Establish and maintain identity verification processes to ensure that only authorized individuals have access to healthcare systems and patient information.
- Maintain accurate documentation of IAM processes, configurations, and security controls for audit and compliance purposes.
- Establish and track key performance indicators (KPIs) to measure the quantity, timeliness, and quality of IAM services. Hold the team accountable for meeting or exceeding these metrics.
- Provide regular reports to senior management and relevant stakeholders on IAM performance, security incidents, compliance status, and areas requiring attention.
- Continuously evaluate and improve IAM processes and workflows in collaboration with internal and external partners to enhance efficiency and security.
- Utilize the request management system and monitoring tools and techniques to track user activities, detect anomalies, and maintain access logs for audit and compliance purposes.
- Build and maintain positive relationships with internal and external partners to facilitate communication, share best practices, and address areas of improvement or success.
- Collaborate with IT teams, compliance group, legal, and other departments to align IAM strategies with the organization's overall goals and objectives.
- Ensure compliance with relevant regulations, standards, and company policies related to identity and access management.
- Conduct regular security audits, access reviews, and compliance assessments to identify and mitigate security risks and vulnerabilities.
- Stay up to date with emerging IAM technologies, threats, and best practices and recommend improvements to enhance the organization's security posture.