Facility: VIRTUAL-GA

Job Summary:

The Identity & Access Management (IAM) Architect is responsible for leading the design, integration, and management of IAM solutions across Wellstar Health System, with a key focus on integrating with both cloud and on-premise environments. This role is essential for ensuring secure access to healthcare systems and sensitive data while aligning IAM strategies with organizational security policies, compliance requirements, and business objectives. The IAM Architect collaborates across multiple teams to integrate Identity Governance and Administration (IGA) solutions, with a particular emphasis on upcoming projects such as Epic integration (EMP and SER modules), SailPoint Non-Employee Risk Management (NERM), and expanding Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) frameworks. Reporting to the Director of IT Security, the IAM Architect plays a pivotal role in safeguarding Wellstar's IT infrastructure and user access management.

Core Responsibilities and Essential Functions:

IAM Program responsibilities
Strategic Roadmaps & Planning:
* Prepare Detailed Roadmaps: Develop comprehensive roadmaps to guide the successful implementation of IAM technologies and strategies, ensuring alignment with Wellstars security policies, compliance requirements (e.g., HIPAA), and business goals.
* Phased Implementation: Break down the IAM program into manageable phases, with specific timelines and milestones, covering identity lifecycle management, access control policies, and critical system integrations.
Identity and Access Management (IAM) Solutions:
* Epic Integration: Lead the integration of IAM solutions with Epic, focusing on the EMP and SER modules to manage employee and provider identities securely and efficiently.
* SailPoint Non-Employee Risk Management (NERM): Architect and implement IAM solutions using SailPoint for non-employee risk management, ensuring secure identity lifecycle management for contractors and external partners.
* RBAC/ABAC Expansion: Build and refine Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) frameworks to ensure that access rights are appropriately assigned based on user roles and attributes, aligning with Wellstars evolving security needs.
* IGA Solutions: Architect and design Identity Governance and Administration (IGA) solutions that align with Wellstars security policies and regulatory compliance requirements, ensuring smooth integration with healthcare systems.
* Identity Lifecycle Management: Develop identity lifecycle management processes covering the entire identity lifecycle, including provisioning, authorization, and de-provisioning to enhance security and efficiency.
Access Control & Security:
* Access Control Policies: Define and enforce access control policies based on the principle of least privilege, ensuring users receive the appropriate level of access based on their roles and responsibilities.
* Security Assessments: Collaborate with teams to perform security assessments and tool evaluations, ensuring that all application onboarding and integration requirements align with enterprise architecture and security standards.
* Risk Assessment & Mitigation: Identify potential risks at each phase of IAM implementation and develop strategies to mitigate them, ensuring seamless execution and minimal disruption to business operations.
Collaboration & Vendor Management:
* Vendor Coordination: Work closely with vendors to obtain detailed proposals and quotations. Assist in negotiating competitive and favorable pricing for IAM solutions while ensuring alignment with Wellstars needs.
* Stakeholder Engagement: Engage with IT managers, security leaders, and business units to gather IAM requirements, define roles and responsibilities, and ensure all stakeholders are aligned with roadmap objectives.
* Collaboration Across Teams: Collaborate with developers, engineers, project managers, and other IT teams to deliver successful IAM implementations, ensuring all technical and security requirements are met.
Technical Leadership & Documentation:
* Technical Leadership: Provide technical leadership and mentorship to junior engineers in secure systems design, ensuring that IAM solutions align with best practices and industry security standards.
* Workshops & Presentations: Conduct workshops and presentations to educate teams on IAM best practices and the strategic direction of IAM implementations.
* Architectural Artifacts & Documentation: Develop architectural artifacts based on enterprise architecture frameworks. Prepare technical assessments, RFIs, and RFPs, and create detailed system architectural documents.
* Status Reporting & Executive Communication: Provide routine reports to senior management and the Director of IT Security, updating them on the status of IAM projects, key milestones, and any strategic adjustments needed.
Monitoring & Maintenance:
* Performance Monitoring: Monitor IAM systems for performance, availability, and vulnerabilities, and implement necessary remediation measures as needed.
* Disaster Recovery: Develop and maintain disaster recovery procedures for IAM technologies and participate in annual disaster recovery exercises.
* Compliance & Reporting: Generate reports on IAM system performance, compliance status, and security incidents, ensuring the system remains in line with organizational and regulatory requirements.


Measure the business impact of architecture with business and technical metrics and assess the current state of maturity of the architecture.
* Assists in performing vitality process to ensure architecture continues to reflect the organizational needs and technical opportunities.
* Guides the overall architecture and implement solutions meeting the needs of the defined strategic project.


Enhance professional growth and development through participation in education programs, workshops or other educational opportunities that may be presented. Keep abreast of current events.
* Demonstrates the ability to learn and improve architecting skills by actively participating in education programs, seminars, and related activities.
* Performs additional duties as assigned.

Performs other duties as assigned

Complies with all Wellstar Health System policies, standards of work, and code of conduct.

Required Minimum Education:

• Bachelors Information Security or Bachelors Information Technology

Required Minimum License(s) and Certification(s):

All certifications are required upon hire unless otherwise stated.

Additional License(s) and Certification(s):

CISM Preferred
CISSP Preferred
related certificate Preferred

Required Minimum Experience:

Minimum 10 years collective experience in information technology, information security, AND/OR information privacy
Required

Required Minimum Skills:

Analytical, verbal & written communication, time management, project management, risk assessment, process design and improvement.
Strong audit and compliance focus.
IAM