Cybersecurity Iam Architect Remote

Primary City/State:

Phoenix, Arizona

Department Name:

IT Identity Access Mgmt-Corp

Work Shift:

Day

Job Category:

Information Technology

Primary Location Salary Range:

$52.58/hr - $87.63/hr, based on education & experience

In accordance with State Pay Transparency Rules.

Help lead health care IT into the future. Our Information Technology professionals play a key role in excellent patient care.  If you like the idea of making a positive change in people’s lives – apply today.

The Identity and Access Management (IAM) team is responsible for Identity Management for the enterprise, to include day to day IAM operations to manage and action user access provisioning requests, privileged access management, single sign-on, vendor remote access, tap and go badge reader implementations and access, azure identify security governance, AD identity governance, conditional access policies, identity governance, user access reviews, role based access controls, multi-factor authentication, IAM architecture design and implementation, customer satisfaction over the user access experience, collaborating with clinical and business teams and leadership, and making sure all identities are secured and limited to only the access necessary to perform required job functions. The team is critical to reducing excessive access, unauthorized access, and insider threat risk to Banner.

Banner Health is looking for a Cybersecurity IAM Architect to lead the enterprise Cybersecurity IAM strategy, ecosystem, and architecture for Banner Health day to day. The incumbent develops architectural artifacts, models, patterns, and leads the standards for identities and access, in compliance with legal, regulatory, and Banner Health requirements. This includes the definition of processes to manage the lifecycle of user’s accounts and identity in the IT landscape. This position has responsibility for IAM product rationalization and design, including cloud identity, non-employee identity, consumer identity, Azure Active Directory, Privileged Access Management, Multi-Factor Authentication, Single Sign-On, Zero Trust, among other Banner IAM capabilities, initiatives, and strategies. Acting as a contributing member of the IAM team and center of excellence in architecture, this role will develop identity focused roadmaps and strategy documentation, coordinate and work with other teams to support the IAM program and strategic vision, coordinate with stakeholders including but not limited to Enterprise Architecture, Solutions Architecture, Cybersecurity Architecture, Infrastructure, Applications, and Business teams. This position designs solutions to resolve complex and highly complex technical and business issues related to Identity Governance and Administration (IGA). This role helps to develop and drive IAM projects, strategic initiatives, budget, and goals; as well as establishing strong cross-functional relationships and partnerships with groups mentioned above. This position is instrumental in leading Banner IAM strategy into the future to stay aligned with emerging trends while effectively serving our user-base and supporting our mission of patient care.

This is a salaried position and the typical schedule is a 40+ work week. There are times when the IAM team is involved with go-lives that may be after hours or even weekends. This is not typical, but there may be times where your presence and leadership is necessary to support the team. The primary location for this role will be fully remote. Opportunities to be in the office will be made available at the Banner Corporate Center (Phoenix Plaza - off Thomas and Central). An ideal candidate would possess ten (10) or more years of experience in IT and Cybersecurity focused on IAM architecture.

Banner Health IT was awarded Inside Pro and Computerworld's 100 Best Places to work in IT for 2020, 2021, 2022, and 2023!

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.

POSITION SUMMARY

This position is responsible for leading the enterprise Cybersecurity IAM strategy, ecosystem, and architecture for Banner Health This person develops architectural artifacts, models, patterns, and leads the standards for identities and access, in compliance with legal, regulatory, and Banner Health requirements. This includes the definition of processes to manage the lifecycle of user’s accounts and identity in the IT landscape. This position has responsibility for IAM product rationalization and design, including cloud identity, non-employee identity, consumer identity, Azure Active Directory, Privileged Access Management, Multi-Factor Authentication, Single Sign-On, among other Banner IAM capabilities, initiatives, and strategies. Acting as a contributing member of the IAM team and center of excellence in architecture, this role will develop identity focused roadmaps and strategy documentation, coordinate and work with other teams to support the IAM program and strategic vision, coordinate with stakeholders including but not limited to Enterprise Architecture, Solutions Architecture, Cybersecurity Architecture, Infrastructure, Applications, and Business teams. This position designs solutions to resolve complex and highly complex technical and business issues related to Identity Governance and Administration (IGA). This role helps to develop and drive IAM projects, strategic initiatives, budget, and goals; as well as establishing strong cross-functional relationships and partnerships with groups mentioned above. This position is instrumental in leading Banner IAM strategy into the future to stay aligned with emerging trends while effectively serving our user-base and supporting our mission of patient care.

The Cybersecurity IAM Architect is expected to represent and advocate the perspectives of a principal security engineer or manager in any situation as necessary. Peer Group is Architects, Principal Engineers, Managers and Associated Directors. Operates as an expert in the IGA Architecture discipline.

CORE FUNCTIONS

1. Analyzes the business and IT environment, including Azure, Google Cloud platforms and on-premises, to detect critical deficiencies from a IAM risk perspective, recommend solutions for improvement, and implement solutions accordingly. Perform IAM architecture validation against IT and Cybersecurity Policies and Standards, applicable regulations (HIPAA, PCI, GDPR, etc.). Participates in threat modelling exercises and architecture design assessments for identity-related systems.

2. Creates and enforce IT Technical standards, and IAM policies, standards, guidelines, best practices, and requirements. Develop, maintain, improve, and enforce architectural templates, processes, and documentation.

3. In collaboration with stakeholders, develops and maintains IGA current and future states, technical requirements, aligning them with business objectives.

4. Design IAM solutions implementations in a rationalized, requirements aligned and systematic manner. Solution designs support Banner’s Zero Trust strategy and architecture.

5. Incorporates IAM governance concepts in all architectural designs to include consideration of segregation of duties, provisioning and de-provisioning consistency and governance, user lifecycle workflows, authentication and authorization, master data authorities, federation, security controls, logging and monitoring, privileged access management, automation for better consistency and security governance, zero-trust concepts, and other considerations to keep IAM functions and solutions accounted for and secured.

6. Be trusted advisor by creating solution building blocks and reference architectures and providing guidance and useful designs to cybersecurity engineers. Acts as advisor and mentor to others and maintains in-depth knowledge of business strategies, initiatives, and goals as well as industry trends, regulatory requirements, and cybersecurity threats.

7. Advises managers and engineering teams making investments in technologies, or processes as a result of solution design, architecture development cybersecurity risk assessments, identity architectural designs, and IGA risks.

8. Be a thought leader and evaluate emerging/innovative IAM technologies for potential risks and opportunity for Banner and validate architectures for technical soundness in lab environment. Develops and fosters relationships with business stakeholders and information technology management. Excellent communicator.

Performs all functions according to established policies, procedures, regulatory and accreditation requirements, as well as applicable professional standards. Provides all customers of Banner Health with an excellent service experience by consistently demonstrating our core and leader behaviors each and every day.
MINIMUM QUALIFICATIONS

Must possess strong knowledge of business, information security and/or computer science as normally obtained through the completion of a bachelor's degree.

Must also possess ten plus years’ experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience with one-year experience being in cybersecurity architecture at the enterprise-scale, preferably in healthcare. Requires expertise in IAM concepts, including identification, authentication, authorization, access control, identity federation, and digital identity lifecycle management. Must demonstrate deep knowledge of information technology and Cybersecurity principles and practices.

Experience with the acquisition process, including vendor selection, define requirements, contractual documentation development. Requires independent judgment, critical decision making, excellent analytical skills, with excellent verbal and written communications. Ability to think quickly under difficult or complex conditions and clearly communicate to appropriate staff; ability to balance project workloads with customer support. Requires exceptional communication and presentation skills with the ability to build relationships and influence others to get results. Requires ability to communicate and interact across facilities and at various levels. Incumbent will have skills to mentor less experienced team members.

As is typical in this industry, variable shifts and hours and responding to after-hours notifications may be required.

PREFERRED QUALIFICATIONS

Bachelor’s Degree in Computer Science, Information Security, Information Systems, Engineering, or a related field; or commensurate, proven experience will be considered. Ten (10) plus years of experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience.

Also:

Ten (10) or more years of experience in IT and Cybersecurity focused on IAM architecture.

Experience in architecture principles and design, systems thinking, business requirements engineering, enterprise architecture, solutions architecture, cybersecurity architecture, IT operations, automation of security processes, coding and scripting languages, ability to document security processes as well as use case development. Experience with assessing IAM products, defining requirements, designing, mapping architecture diagrams, and setting the roadmap for IAM solutions. Experienced in planning, designing, and implementing cybersecurity solutions, operating, maintaining, and managing the lifecycle of consumer identity solutions in a regulated environment (e.g., HIPAA). Azure Active Directory, Azure AD B2C, Okta, SailPoint, CyberArk, and/or other similar significant IAM tool experience required. Experience with IAM related protocols such as SAML, SCIM, SPML, XACML, Blockchain, TACACS, OpenID, OAuth, LDAP, etc.

PREFERRED CERTIFICATIONS

Certification in one or more of the following areas:

Certified Identity and Access Manager (CIAM), Microsoft Certified Azure Security Engineer Associate, Certified Cloud Security Professional (CCSP), Google - Professional Cloud Architect (GPCA), SABSA Chartered Security Architect – Foundation (SCF), Professional or Master, Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional (ISSAP), HealthCare Information Security & Privacy Practitioner (HCISPP).

Additional related education and/or experience preferred.

EOE/Female/Minority/Disability/Veterans

Our organization supports a drug-free work environment.

Privacy Policy