Director Enterprise Identity Services and Cybersecurity

About The Position

Requirements

• Bachelors Degree, Bachelor’s degree in Information Security, Computer Science, Healthcare Informatics, or related field (or equivalent experience) (Required)
• 7-10 years Cybersecurity experience, with significant experience in healthcare environments (Required)
• 3-4 years Supervisory experience (Required)
• Experience with Zero Trust Architecture and modern identity security frameworks
• Prior experience supporting large health systems or multi-facility organizations
• Strong knowledge of IAM, PAM, MFA, SSO, directory services, and cloud identity
• Proven experience supporting regulatory compliance and audits in healthcare
• Demonstrated ability to lead cross-functional security initiatives
• Strategic leadership and team development
• Strong communication skills with technical and non-technical stakeholders
• Risk-based decision making in clinical environments
• Ability to balance security, compliance, and patient care priorities
• High level of integrity and accountability

Nice To Haves

• CISSP Upon Hire (Preferred)

Responsibilities

• Lead, mentor, and manage the IAM team, including engineers, analysts, and administrators.
• Define and execute the IAM strategy aligned with organizational cybersecurity and clinical objectives.
• Oversee user lifecycle management (JML: joiner, mover, leaver) across workforce, clinicians, contractors, and vendors.
• Manage privileged access management (PAM), role-based access control (RBAC), and least-privilege models.
• Ensure secure identity integration across EHR (Epic), clinical systems, cloud platforms, and third-party applications.
• Lead the design and implementation of Identity Governance (IGA) frameworks, specifically defining Separation of Duties (SoD) policies and orchestrating periodic access certifications to ensure the principle of least privilege.
• Integrate robust Change Management protocols into the IAM lifecycle to ensure that identity-related updates, configuration shifts, and privilege escalations are executed with minimal operational disruption and full audit-ability.
• Serve as a senior cybersecurity leader, collaborating with members of the information security, infrastructure, and application security teams.
• Assess, mitigate, and manage identity-related cybersecurity risks, including insider threats and credential compromise.
• Support incident response and breach investigations involving identity, access, or authentication events.
• Contribute to enterprise security architecture and zero-trust initiatives.
• Lead security reviews for new systems, integrations, and vendor access.
• Ensure IAM controls meet healthcare regulatory requirements (HIPAA, HITECH, NIST, HITRUST, ISO 27001).
• Support audits, risk assessments, and compliance reporting related to identity security.
• Develop and enforce IAM policies, standards, and procedures.
• Partner with clinical leadership to balance security, usability, and patient care workflows.