Lead IAM Engineer

Now is the time to join PDS Health. You will have opportunities to learn new skills from our team of experienced professionals. If you're ready to take your career to the next level and gain valuable experience, apply today!

The Lead Engineer, Identity and Access Management is a results-driven professional responsible for driving the strategy, planning, and execution of IAM program enhancements to deliver a seamless and secure experience for team members, customers, and patients. The role collaborates with cross-functional teams to provide technical subject matter expertise and oversight for key IAM programs and controls safeguarding the organization’s data and information assets. The Lead, IAM oversees daily operations and continuous improvement of services, including managing Tier 0 platforms, address escalations, and enforce core security principles.

Responsibilities

• Architect, implement, and maintain IAM solutions across enterprise platforms, including Active Directory, Okta, CyberArk, and Epic.
• Design and enforce access control models (RBAC, ABAC, PBAC) and least privilege policies across on-prem, cloud, and hybrid environments.
• Lead technical integration of IAM services with internal and third-party applications using SAML, OIDC, SCIM, LDAP, and REST APIs.
• Build and maintain automated provisioning/deprovisioning workflows using tools such as Okta Workflows, PowerShell, and custom scripts.
• Conduct hands-on troubleshooting of complex identity issues, including authentication failures, SSO errors, and privilege escalation scenarios.
• Manage IAM infrastructure performance, uptime, and reliability; define SLAs and monitoring strategies.
• Perform in-depth log analysis and event correlation to support incident response and threat detection.
• Guide technical implementation of MFA, adaptive authentication, conditional access, and passwordless strategies.
• Evaluate and implement IAM-related tools and technologies, conducting proof-of-concept testing and architecture reviews.
• Author and maintain system architecture diagrams, data flow documentation, and technical runbooks.
• Support audit and compliance requirements through control implementation, technical evidence collection, and gap remediation.
• Serve as technical liaison to security, infrastructure, cloud, and development teams to ensure IAM controls are embedded in CI/CD pipelines and infrastructure as code.
• Lead vulnerability remediation efforts for IAM systems, ensuring timely patching and configuration hardening.
• Other duties and responsibilities as assigned.
  
  

Qualifications

• Bachelor’s degree in Information Technology (IT), Information Security, Computer Science, Engineering, Cybersecurity, or related field of study from an accredited college or university. In lieu of degree, 5 years of experience.
• 10 years of progressive professional experience in IT and information security, including at least 3 years of experience implementing identity and access management solutions, Role-Based Access Control (RBAC) in a medium-large sized organization (5,000 users) with products such as Okta, CyberArk, etc.
• 4 years of experience with Okta, configuring application SSO using OIDC or OAuth token services, and strong working knowledge of Okta Workflows.
• 2 years of experience with PowerShell scripting focused on user management tasks and routines.
• 3 years of experience working with RESTful APIs via Postman to automate IAM tasks such as account provisioning, role assignments, and identity lifecycle integrations.
• Experience leading or contributing to IAM system migrations and consolidations across enterprise environments.
• Experience using GRC tools for reporting, analysis, measurements, etc.
  
  

Preferred

• Industry recognized certifications such as CISSP, SSCP, Security , CISM, CISA, or equivalent.
• Certified Okta Professional or Certified Okta Developer.
• Experience with access control on at least one large scale Healthcare EMR such as Epic, Cerner, or Allscripts.
• Experience in a multi-regional healthcare, retail, or dental company.
• Experience in protecting electronically protected health information (ePHI) and sensitive customer personally identifiable information.
  
  

Knowledge/Skills/Abilities

• Demonstrated experience leading and participating in troubleshooting, managing, and solving issues related to identities, systems, access, accounts, authentication, authorization, entitlements, federation and permissions.
• Strong grasp of APIs, web services, and microservices, particularly in the context of secure IAM integrations - ensuring proper use of authentication protocols (OAuth2, OIDC), access controls, and encrypted data exchange.
• Demonstrated experience creating IAM strategies, roadmaps, and execution plans with proven delivery in enterprise environments.
• Knowledge of core Information Security frameworks, standards such as ISO 27001, NIST, SANS, HITRUST, HIPAA, PCI, etc. is essential.
• Ability to stay current on IAM standards, protocols, and threat vectors; continuously assess architecture to improve resilience and scability.
• In-depth understanding of network/infrastructure security, cloud platforms, and endpoint security practices.
• Proficiency in automation and scripting languages such as PowerShell, Python, or Bash.
• Demonstrated effective problem-solving and leadership skills.
• Demonstrated advanced technical expertise, and the ability to lead complex security workstreams while ensuring alignment with organizational policies and industry best practices.
• Ability to uphold the organization’s privacy, professionalism, and ethical standards by ensuring systems and data remain secure and resilient.
• Ability to multi-task effectively without compromising the quality of work.
• Demonstrated effective interpersonal, verbal, and written communication and collaboration skills across diverse teams and organizational levels with the ability to translate complex technical concepts to technical and non-technical stakeholders.
• Detail-oriented, organized, process-focused, proactive, ambitious, and customer focused.
• Ability to draw conclusions and make independent decisions with limited information.
• Ability to respond to common inquiries from customers, staff, regulatory agencies, vendors, and other members of the business community.
• Self-motivated, proactive, and reliable professional with hands-on approach to problem-solving and execution capable of working independently as well as part of a team.
• Demonstrated understanding of a wide range of compliance and technology frameworks.
  
  

Benefits

• Medical, dental, and vision insurance
• Paid time off
• Tuition Reimbursement
• 401K
• Paid time to volunteer in your local community
  
  

Compensation Information

$130,000.00-$168,000.00 / Annually

PDS Health is an Equal Opportunity Employer. We celebrate diversity and are united in our mission to create healthier and happier team members.