Director of Identity & Access Management (IAM)-11071

NOR HEALTHCARE SYSTEMS CORP
Culver City, United States of America
11 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 145K

Job location

Remote
Culver City, United States of America

Tech stack

Cerner
Microsoft Active Directory
Health Informatics
Business Systems
Computer Security
Identity and Access Management
OAuth
OpenID
Role-Based Access Control
Azure
Security Assertion Markup Language (SAML)
Systems Integration
Electronic Medical Records
Information Technology
SailPoint
Meditech
Allscripts

Job description

The Director of IdentityAccess Management (IAM) is responsible for the strategic leadership, governance, and operational oversight of identity and access services across NOR and its supported entities, including hospitals, business units, and affiliated organizations.

This role ensures appropriate, secure, and timely access to systems and data for workforce members, clinicians, contractors, vendors, and partners while maintaining compliance with healthcare regulations, internal policies, and audit requirements. The Director serves as the primary authority for identity lifecycle management, access governance, and privileged access controls across the enterprise., StrategyLeadership

  • Define and maintain NOR's enterprise IAM strategy, roadmap, and long-term vision aligned with business and security objectives
  • Lead and mentor IAM managers, engineers, analysts, and offshore/onshore support teams
  • Serve as the escalation point for identity-related risks, incidents, and access failures
  • Partner closely with IT Security, Compliance, HR, Clinical Informatics, and Legal teams

GovernanceCompliance

  • Establish and enforce IAM governance frameworks, policies, and standard operating procedures (SOPs)

  • Create, maintain, and regularly review IAM SOPs to ensure consistent, compliant access management practices

  • Ensure compliance with HIPAA, HITECH, SOX, and other regulatory requirements

  • Lead access reviews, user attestations, and audit responses

  • Maintain segregation of duties (SoD) and privileged access governance controls

Identity Lifecycle Management

  • Oversee end-to-end identity lifecycle processes:
  • Joiner / Mover / Leaver (JML)
  • Employee, contractor, vendor, and third-party access
  • Ensure timely provisioning and deprovisioning across clinical and business systems
  • Reduce access risk through automation and standardized workflows

AccessPrivileged Identity Management

  • Lead implementation and optimization of:
  • Role-based access control (RBAC)
  • Attribute-based access control (ABAC) where applicable
  • Privileged Access Management (PAM)
  • Ensure secure access to high-risk systems such as EHR/EMR, financial, and infrastructure platforms

TechnologyArchitecture

  • Own IAM platforms and integrations (examples):
  • Active Directory / Azure AD / Entra ID
  • SSO, MFA, Federation (SAML, OAuth, OpenID)
  • IGA tools (e.g., SailPoint, Saviynt, etc.)
  • Monitor service performance, SLAs, and key risk indicators
  • Evaluate and implement IAM solutions aligned with NOR standards
  • Ensure IAM processes and workflows are documented through clear, audit-ready SOPs

IncidentRisk Management

  • Participate in identity-related incident root cause analysis
  • Remediate identified access risks per Security team's direction
  • Monitor IAM KPIs and risk indicators

VendorStakeholder Management

  • Manage IAM vendors, contracts, and SLAs
  • Coordinate with third-party partners and affiliates on secure access
  • Communicate IAM initiatives and risks clearly to executive leadership

Requirements

Do you have experience in Senior leadership?, Do you have a Bachelor's degree?, * Bachelor's degree in information technology, Computer Science, Cybersecurity, or related field

  • Master's degree preferred but not required, * 8-12+ years of progressive IT experience
  • 5+ years in IAM leadership or senior IAM architecture roles
  • Strong experience in healthcare, regulated industries, or large enterprises
  • Proven experience supporting audits and regulatory compliance

Technical Skills

  • Deep knowledge of IAM concepts and frameworks
  • Hands-on understanding of:
  • Active Directory / Azure AD
  • SSO, MFA, Federation
  • Role and entitlement management
  • Privileged access controls
  • Familiarity with EHR/EMR access models (Allscripts, Cerner, Meditech, etc. a plus), * Healthcare IT experience in hospital or multi-entity environments
  • Familiarity with EHR/EMR access models
  • Security or IAM certifications (CISSP, CISM, IAM-related)

Soft SkillsCompetencies

  • Strong leadership and cross-functional collaboration
  • Ability to translate access risk into operational and compliance impact
  • Process-driven, detail-oriented, and highly organized
  • Calm, decisive decision-making during audits and incidents

Apply for this position