Principal Identity and Access Management (IAM) Analyst and Developer

HealthPartners is currently hiring a Principal Identity and Access Management (IAM) Analyst and Developer.This is a senior technical leadership role responsible for driving strategic direction architecture and hands-on execution across our identity platforms. The principal leads the design implementation and evolution of our enterprise-wide identity and access management (IAM) capabilities.

The ideal candidate brings deep IAM expertise strong security knowledge and a proven ability to partner with engineering application infrastructure and security teams to mature an identity program. The principal reports to the Manager Identity and Access Management and collaborates with a dedicated team focused on enterprise security and access solutions.

Required Qualifications:

• Bachelors degree in Information Technology Computer Science or a related field; or an equivalent combination of education and experience. Four (4) years of professional experience will be considered in lieu of a degree.
• Seven (7) years of experience in identity and access management cybersecurity or related fields.
• Four (4) years of experience with SailPoint (ISC) administration including application onboarding provisioning and certifications.
• Deep knowledge of identity protocols and standards: SAML OAuth2 OIDC SCIM LDAP Kerberos X.509.
• Experience designing and implementing Zero Trust RBAC/ABAC and modern authentication frameworks.
• Strong scripting and automation capabilities (PowerShell Java Beanshell REST APIs).
• Hands-on experience with Privileged Access Management (PAM) solutions.
• Strong architectural background with the ability to create reference designs and drive adoption.
• Excellent communication and stakeholder engagement skills including translating complex concepts for nontechnical audiences.

Preferred Qualifications:

• Experience working within the healthcare industry.
• Familiarity with compliance frameworks such as SOX HIPAA PCI-DSS NIST ISO 27001.
• Relevant certifications such as CISSP CISM Azure Identity Engineer Okta Certified Professional SailPoint Architect.

Hours/Location:

• Monday Friday; core business hours
• Work may be performed remotely; however on-site presence is required on Tuesdays and Thursdays to help jumpstart project work.

Responsibilities:

• Serve as the subject matter expert for identity authentication and directory services across the organization.
• Evaluate and recommend IAM technologies tools and process improvements.
• Coordinates across Business Partners and Information Technology Application Groups to identify access requirements and assists in integrating these requirements into Security Administration tools and processes.
• Analyzes Security Administration processes / workflows recommends ways to improve efficiency and effectiveness and helps implement the solutions.
• Design and oversee implementation of identity solutions for cloud hybrid and on-prem environments.
• Lead modernization initiatives including lifecycle automation access governance and privileged access controls.
• Build scalable resilient enterprise identity patterns for applications APIs and infrastructure.
• Develop automation and orchestration to streamline joiner/mover/leaver processes.
• Collaborate with security operations compliance and audit teams to ensure identity controls meet regulatory requirements.
• Mentor junior IAM engineers and provide technical leadership across the IAM function.
• Ensures that HealthPartners access management aligns with ITs security policies and standards.
• Performs other duties as assigned.