Senior IAM Engineer - Remote or Hybrid in MN and DC
About The Position
Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together. The Enterprise Information Security (EIS) team is responsible for cybersecurity across our organization. We support our business and members by reducing risk, rapidly responding to threats, focusing on business resiliency and securing new acquisitions. UnitedHealth Group’s Enterprise Security and Resilience Office (ESRO) is committed to building and maintaining the trust and confidence of our customers and stakeholders. The IAM Engineer / Imprivata EAM Administrator is responsible for the design, implementation, administration, and ongoing optimization of Imprivata solutions - primarily Imprivata OneSign, Confirm ID, and Enterprise Access Management (EAM). This role enables the IAM organization in deploying and maintaining secure, efficient, and reliable authentication workflows that support clinical and enterprise operations. You’ll enjoy the flexibility to work remotely from anywhere within the U.S. as you take on some tough challenges. For all hires in the Minneapolis or Washington, D.C. area, you will be required to work in the office a minimum of four days per week.
Requirements
- 8+ years of Information Technology delivery or support experience in a large, complex environment, or in a Healthcare organization
- 3+ years of proven experience with Imprivata EAM in an enterprise or healthcare environment
- 3+ years of experience analyzing and resolving complex access and authentication issues
- 2+ years of hands-on experience with Windows Server, Active Directory, Group Policy/Ivanti EM
- 2+ years of hands-on experience with Citrix / VMware Horizon virtual desktop environments
- 2+ years of hands-on experience with MFA technologies, certificate services, badge authentication, and FIDO security keys, Identity access management (IAM), SSO, and MFA principles
- 1+ years of hands-on experience with Tap n Go badge workflows and FIDO2 based authentication.
- 1+ years of experience managing agent and appliance upgrade cycles, including planning, testing, and deployment
- 1+ years of experience with ITIL processes, change management, and large-scale enterprise support
- Proven ability to support on-call rotations and respond to incidents when required, provide off-business hours support as needed
Nice To Haves
- Imprivata certifications (e.g., Imprivata Certified Engineer)
- Information security or IAM background and related certifications
- 5+ years of experience supporting Imprivata and Healthcare applications and customers
- Experience supporting EHR systems (Epic Hyperspace, Epic Slingshot).
- PowerShell or other scripting experience for automation
- Knowledge of Cloud, Networking, Database and Virtual Infrastructure concepts
- Proven excellent communication and collaboration skills, and ability to work with customers and peers in multiple time zones or regions
- Proven good understanding of Clinical workflows
- Proven excellent troubleshooting and root cause diagnosis skills
Responsibilities
- Lead the administration and lifecycle management of Imprivata EAM platform
- Configure, and maintain authentication workflows including Single sign-on (SSO), Badge tap / Tap n Go, FIDO2 security Key workflows; Multi-factor authentication (MFA); Electronic prescribing of controlled substances (EPCS); Fast user switching
- Maintain system stability through proactive performance monitoring, patching, upgrades, and capacity planning
- Manage full upgrade lifecycle for Imprivata appliances, agents, and components, including planning, testing, deployment, validation, and rollback strategies
- Integrate Imprivata solutions with clinical and enterprise applications such as EHRs (Epic), virtual desktops (Citrix/VMware Horizon), Active Directory, MFA tokens, and identity providers
- Deploy and optimize endpoint agents, authentication devices, badge readers, FIDO compliant hardware keys, and API-driven integrations
- Create and maintain application profiles, SSO configurations, workflows, identity policies, and Tap n Go device mappings
- Ensure compliance with regulatory requirements such as HIPAA, EPCS, HITRUST, and internal security policies
- Implement secure identity and authentication controls across the healthcare and workforce ecosystem
- Collaborate with Security and Compliance teams for audits, risk assessments, and access reviews
- Serve as Tier 2 expert for escalations related to authentication, SSO, MFA, badge access, FIDO key workflows, or clinical workflow issues
- Conduct root-cause analysis, resolve complex issues, and implement long-term remediation
- Engage Imprivata technical support and vendors when needed to resolve escalated issues
- Ensure 24x7 availability and stability of services
- Develop and maintain KB articles, documentation for system configurations, deployment procedures, upgrade runbooks, and operational standards
- Identify opportunities for workflow enhancements, automation, and optimization of authentication pathways
- Mentor, train and transfer knowledge to junior engineers, analysts and support staff
Benefits
- a comprehensive benefits package
- incentive and recognition programs
- equity stock purchase
- 401k contribution
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
