IT Security Engineer II - Identity and Access Management

Hourly Pay Range:

Position Highlights:

• IT Security Engineer II- Identity Access and Management

• 4901 Searle Pkwy Skokie

• Full Time

• Hours: Monday-Friday, 8am to 430pm

• Participate in 24/7 on-call rotation schedule

• Hybrid

A Brief Overview:

As the IAM Security Engineer II serves as a senior technical resource responsible for designing, implementing, and supporting Identity and Access Management solutions that ensure secure and compliant access to Endeavor Health systems and data. This role requires deep understanding and expertise in IGA platforms, automation, governance, as well as experience with healthcare-specific applications and compliance frameworks such as HIPAA, HITRUST, and NIST. The IAM Security Engineer will partner with security, compliance, HR, and clinical teams to deliver robust identity lifecycle management, privileges access controls, and authentication/authorization solutions for the Endeavor Healthcare organization. The IAM Security Engineer II will also design and implement security IAM policies for various devices and systems, oversee security for internal and external systems, and mentor junior staff. Candidates should be proficient in using source code editor tools and programming/scripting languages. Responsibilities extend to participating in compliance audits, managing IAM projects, and ensuring alignment with HIPAA, and other applicable laws and regulations and/or standards. This mostly remote role includes a 24/7 on-call rotation and requires strong leadership, project management, and communication skills.

To be successful in this role, you will be expected to stay up to date on the latest IAM solutions and technologies and advocate for the adoption of industry best practices

What you will do:

· Lead the configuration, integration, and management of IAM solutions across the organization.

· Design and configure role-based access and attribute-based access controls for automation and birthright access.

· Configure and manage access certification campaigns for entitlements, roles, and elevated access for regulatory compliance needs.

· Implement and support privileged access controls using solutions like Delinea or MS Entra PIM for admin accounts, break-glass access, and clinical application elevated privileges.

· Enforce multi-factor authentication (MFA) and just-in-time access for privileged accounts.

· Develop and maintain integrations between IAM platforms and EHR systems, cloud services, and on-prem applications.

· Create scripts, APIs, and workflows to streamline access user lifecycle management.

· Ensure IAM systems meet HIPAA, HITRUST, PCI, DSS, NIST CSF, and other healthcare regulatory requirements.

· Configure and support Single Sign-on (SSO) integrations using SAML, OAuth, or OpenID Connect for internal and third-party applications.

· Participate in security incident response, including rapid access revocation and forensic investigations.

· Serve as a technical mentor for junior IAM engineers and analysts.

· Lead complex IAM projects and act as a subject matter expert for cross-functional initiatives.

· Socializes strategies, standards, policies, procedures, communications, and awareness efforts with business partners.

· Participates in reviews of new or existing systems to ensure IAM requirements are satisfied, prior to implementation, including performing pre-deployment and as-built risk assessments.

· Design policies and standard operational procedures (SOP) as required for IAM, PAM, and access management solutions

What you will need:

• Bachelor’s Degree, or equivalent, in a technical discipline, or a corresponding educational background with professional-level security certifications relevant to the role.

• One advanced, professional, or expert-level security certification.

• Minimum three (3) years of mid-level Cybersecurity experience at an analyst or engineer level.

• Previous experience leading, supporting, managing, and administering at least one application.

• Previous experience leading security projects and initiatives

• Expertise in HIPAA, HITRUST, and NIST security controls.

• Strong understanding of modern authentication protocols (SAML, OAuth, OpenID Connect, LDAP).

• Knowledge of RBAC/ABAC design and governance in a healthcare setting.

• Familiarity with IAM integrations for EPIC and other cloud-based healthcare applications.

• Excellent communication skills, with the ability to work effectively with technical and non-technical stakeholders.

• Experience with ADUC active directory users and computers.

• Strong analytical and problem-solving skills with attention to detail.

• Ability to work independently with minimal oversight on a broad range of IAM projects and initiatives.

• Deep understanding of IAM security principals and best practices, including principal of least privileges, defense in depth, Zero Trust, and separation of duties

Benefits:

• Career Pathways to Promote Professional Growth and Development

• Various Medical, Dental, and Vision options

• Tuition Reimbursement

• Free Parking at designated locations

• Wellness Program Savings Plan

• Health Savings Account Options

• Retirement Options with Company Match

• Paid Time Off

• Community Involvement Opportunities