USA
7 days ago
Identity & Access Mgmt Analyst - IT Security - Full Time

Position Summary: 

The Identity and Access Management (IAM) Analyst is responsible for day‐to‐day user access operations within the Cybersecurity operations team, including ensuring timely user access provisioning/deprovisioning; user access policy, standards, and process improvements via task automation and efficient workflows ensuring least privilege access to Guthrie systems and information. Core responsibilities include analyzing requirements, documenting standards, and administering IAM functions: Identity Governance and Administration, Privilege Access Management (PAM), Single Sign‐On, Imprivata “tap and go”, federation, Multi‐Factor Authentication, user access policy and standards, user access request management, and provisioning (Azure AD, Active Directory, LDAP and EPIC EMR security).

Education, License & Cert: 

High school diploma required. Bachelors preferred. Epic Security certification or within a year of hire. Professional security certification or within 12 months of hire/in role.

Experience: 

3 to 5 years of experience as an information security analyst or IT business analyst 2+ years' experience with technical experience of PAM, IAM tooling and processes Strong analytical, organizational, and planning skills Experience with scripting languages. (PowerShell, Perl, Python, Ruby, etc.) Strong verbal and written skills to develop technical documentation, training, and presentations Demonstrated commitment to continuous learning via training, self‐study and formal education to maintain technical proficiency within the cybersecurity domain Demonstrated experience with IT controls design and implementation

Essential Functions: 

Identity and Access Management:

Understand the scope of the health services Guthrie provides its patients and the threat landscape that may disrupt these services Define user access policy, standards, roles and procedures for security, efficiency, and scalability  Effectively communicate user access policy and standards to stakeholders Participate in project work to ensure user access controls are addressed in technology designs, workflows and operating procedures Participate and/or lead AD, PAM, IAM, and MFA tool installation, integration, support, and operations  Participates in the development, validation, and execution of comprehensive IAM use cases and test plans. Identifies, analyzes, and resolves data and complex user access workflow issues.  Demonstrates ability to diagnose and resolve AD, PAM, MFA and IAM issues and to recommend areas for process improvement or innovation to management. Provisioning and deprovisioning of regular, privileged, and Epic EMR user access Maintain effective relationships with key technology vendors, industry professionals, security forums and professional associations.

Support System compliance and Information Security certification: 

Stay informed of cyber/information security laws, regulations, and standards that may affect the information security and risk management program Participate in conducting an annual user entitlement review processes across the organization Aid in documenting IAM control gap findings, impacts and recommendations to management Develop and maintain IAM playbooks documenting user access controls, standards and procedures Establish actionable metrics to support the IAM/cyber program and influence behaviors Ensure IAM controls are operating effectively supporting HIPAA Security and Privacy Rule compliance Support the effort to acquire and sustain HITRUST CSF certification  Support responding to Information Security audits and risk assessments requested by regulatory agencies, payers, and other relevant entities

Other Duties: 

Other duties as assigned.

Rev: 2-12-2024

 

Confirm your E-mail: Send Email
All Jobs from Guthrie