Sr. Identity Access Management Engineer - REMOTE
Healthcare Without Rival
Premise Health is the world's leading direct healthcare provider and one of the largest digital providers in the country, serving over 11 million eligible lives across more than 2,500 of the largest commercial and municipal employers in the U.S. Premise partners with its clients to offer fully connected care – in-person and in the digital environment. It operates more than 800 onsite and nearsite wellness centers in 45 states and Guam, delivering care through the Digital Wellness Center and onsite, nearsite, mobile, and event solutions.
Premise delivers value by simplifying complexity and breaking down barriers to give diverse member populations access to convenient, integrated, high-quality care. We offer more than 30 products, delivering the breadth and depth of care required to serve organizations' total populations. The result is healthcare that meets the needs of members and their families, helping them live healthier while lowering costs for organizations.
Premise offers a wide range of dynamic, purpose-driven career opportunities. We are currently looking for a Sr. IAM Engineer to join our team.
About the role:
The Identity and Access Management (IAM) Engineer works closely with several teams to design, deliver, and support the IAM strategy for the IAM program at Premise Health. The IAM Engineer is also responsible for the technical delivery and support of IAM solutions required to support the needs of the organization. This is an experienced position and requires that the IAM Engineer stay abreast of industry best practices and emerging trends that will help address current challenges and enable new ways of delivering value to the organization. This role will be responsible for the following items in addition to other duties as assigned.
- Assists in evaluating IAM products and services required to meet business and technology requirements, which includes directory services (e.g., AD), identity federation (e.g., SAML, SSO and ADFS), Multi-Factor Authentication (MFA), Identity Verification, and Identity Management (IdM).
- Responsible for the analysis, design, implementation, and maintenance of all layers of IAM applications, including Authorization/Authentication and Account Creation/Management/Provisioning in data repositories.
- Works with team members to implement scalable access management and identity lifecycle processes for internal (workforce member) and external (customer) identities.
- Work closely with business, application, and solution owners to ensure user and role definitions and associated access rights are appropriately implemented where provisioning is maintained outside of the IAM team.
- Helps in developing and/or integrating applications and third-party products into the IAM platform to utilize provisioning, de-provisioning, and user lifecycle management.
- Assists in the support of the role-based access control (RBAC) model. Helps maintain role-based access control documentation for operational processes.
- Supports team members in the administration of access rights reviews. Follows up with reviewers to answer questions or provide additional data insight.
- Daily use, maintenance, and engineering of Premise Health’s existing tools, such as privileged access management, third-party access, single sign-on, and other IAM solutions as required.
- Liaise regularly with the associated teams focused on user behavior analytics, access provisioning, security operations, security engineering, third party risk, compliance, etc.
- Provide insight during discussions on new technologies and tools related to Identity and Access Management and governance.
- Creates and implements automated processes that reduce manual efforts and increase overall efficiency and scalability.
- May require other duties as assigned.
- Bachelor’s degree, its equivalent, or greater preferred
- Minimum of 5 - 8 years’ experience in a directly related IT field
- Minimum of 5+ years’ experience in an access management and/or provisioning role or equivalent demonstrated enterprise-scale exposure and accountability.
- 5+ years or equivalent experience in implementing, integrating, and supporting Okta's cloud technologies
- Extensive and demonstrated knowledge of standard IAM products (e.g., Okta, Thycotic Secret Server) including planning, implementation, and operations
- Experience with roles development in applications environments
- Experience with basic IT access auditing
- Experience with Privileged Account Management (PAM)
- Experience with industry IAM processes, procedures, and current best practices
- Experience with various LDAP products including AD
- Knowledge of web services (REST/SOAP).
- Familiarity with SCIM and knowledge of various API authentication standards
- Experience in various authentication standards such as Security Assertion Markup Language (SAML), OAuth and OpenID Connect
- Experience in configuring IAM technologies to provide enterprise Single Sign-On services and enable Multi-Factor Authentication (MFA) platform features for internal and external applications
- Comprehensive understanding of role-based access control (RBAC)
- Prior experience implementing IAM best practices in Active Directory including implementation of RBAC in an Active Directory environment
- Follow SDLC, change management and document the procedures on IAM solutions to meet compliance requirements
- Assess integration opportunities from technical perspective and provide solutions
- Experience with Cloud technologies (Google Cloud Platform, Azure or AWS)
- Understanding of cloud computing architecture, technical design, and implementations, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) delivery models
- Assist application teams through the SDLC process (including requirements gathering, configuration, and testing to integrate applications with IAM technologies)
- Prior experience in corporate IT, preferably in an Identity and Access Management role
Knowledge and Skills:
- Demonstrated oral and written communication skills
- Proven ability to work with other teams in managing complex projects
- Proven initiative to learn and research new concepts, ideas, and technologies quickly
- Proven ability to work in a team-oriented, collaborative environment
- Proven ability to take a concept from idea to completion
- Maintains a broad knowledge of emergent trends in information technology, tools, methodologies, and best practices
- Comprehensive understanding of IT risk controls and compliance frameworks
Work-life balance is at the foundation of how decisions are made and where Premise is headed. We can only help people get, stay, and be well if we do the same for ourselves. In addition to competitive pay, Premise offers benefits packages including medical, dental, vision, life insurance, 401(k), paid holidays and vacation time, a company-sponsored wellness program, and much more that our talent acquisition team will be happy to share with you.
Premise Health is an equal opportunity employer; we value inclusion, and we do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status or disability status.
For individuals living in Colorado only, Premise Health is required to include an estimate of the salary and benefits for this role. While a number of factors influence salary, our estimated Colorado compensation is $75,000 - $115,000. Please note, this is a general guideline, and your experience, qualifications, geographic location, and other factors will be taken into consideration. For more information regarding the benefits we offer, please visit our career site, jobs.premisehealth.com/benefits.
To support Premise Health’s commitment to the safety, health and wellbeing of our team members, clients and patients, we are requiring all new team members to be fully vaccinated with a COVID-19 vaccine*, except where a reasonable medical or religious accommodation can be granted. Should you be offered and accept a position with Premise Health, you will be required to provide your proof of vaccination in the form of your CDC vaccination card as part of the pre-employment onboarding process.
*As permitted by applicable law.