Senior Identity Architect Healthcare

MatchPoint Solutions is a fast-growing young energetic global IT-Engineering services company with clients across the US. We provide technology solutions to various clients like Uber Robinhood Netflix Airbnb Google Sephora and more! More recently we have expanded to working internationally in Canada China Ireland UK Brazil and India. Through our culture of innovation we inspire build and deliver business results from idea to outcome. We keep our clients on the cutting edge of the latest technologies and provide solutions by using industry-specific best practices and expertise.

We are excited to be continuously expanding our team. If you are interested in this position please send over your updated resume. We look forward to hearing from you!

Job Description

• Design and implement a comprehensive RBAC strategy aligned to the customers organizational structure security posture and compliance requirements.
• Architect identity solutions using Microsoft Entra ID including app registrations enterprise applications Conditional Access PIM and governance features.
• Develop a phased migration roadmap for transitioning from the current access model to a least-privilege RBAC framework.

• Define and implement entitlement management access reviews lifecycle workflows and integration with HR systems.
• Analyze application-level permissions app roles group-based access and custom authorization models to rationalize entitlements and reduce role explosion.
• Leverage hybrid identity patterns including Active Directory Entra Connect and synchronization rules to support a seamless transition.

• Lead cross-functional workshops with HR Security IT and business units to define functional roles gather requirements and drive consensus.
• Guide the organization through identity modernization including stakeholder alignment training and adoption strategies.

• Produce high-quality architecture diagrams role definitions governance frameworks and migration plans.
• Mine and analyze access data to identify patterns normalize entitlements and document findings with actionable recommendations.

• Deep expertise in Microsoft Entra ID (Azure AD) including app registrations enterprise applications Conditional Access PIM and governance features.
• Proven hands-on experience designing and implementing RBAC or Attribute-Based Access Control (ABAC) models including role engineering entitlement mapping and least-privilege enforcement in large or complex organizations.
• Strong understanding of Identity Governance and Administration (IGA) including access reviews entitlement management lifecycle workflows and HR system integration.
• Solid background in directory services and hybrid identity including Active Directory Entra Connect synchronization rules and hybrid identity patterns.
• Application access and authorization model expertise including analysis of application-level permissions app roles group-based access and custom authorization models.
• Data analysis and entitlement rationalization skills including experience mining access data identifying patterns normalizing entitlements and reducing role explosion.
• Strong security and compliance knowledge including Zero Trust principles least privilege privileged access management and regulatory frameworks (SOX HIPAA PCI etc.).
• Experience leading cross-functional workshops with HR Security IT and business stakeholders to define functional roles gather requirements and drive consensus.
• Architecture and documentation skills including the ability to produce high-quality architecture diagrams role definitions governance frameworks and migration plans.
• Change management and organizational communication experience including guiding organizations through identity modernization stakeholder alignment training and adoption strategies.

• Microsoft Entra ID (Azure AD) Active Directory (AD DS) Entra Connect (Azure AD Connect)
• Entra Identity Governance (Entitlement Management Access Reviews Lifecycle Workflows)
• Entra Privileged Identity Management (PIM) Entra Conditional Access

• Zero Trust frameworks Privileged Access Workstations (PAW) Microsoft Defender for Identity
• Regulatory frameworks: HIPAA SOX PCI-DSS

• SailPoint Saviynt or equivalent IGA platforms
• Microsoft Graph API PowerShell Azure CLI

• Visio Lucidchart or equivalent diagramming tools
• Microsoft 365 (Word PowerPoint Excel) for governance framework and migration plan documentation

This policy applies to all terms and conditions of employment including recruiting hiring placement promotion termination layoff recall transfer leaves of absence compensation and training.