DIRECTOR OF INFORMATION SECURITY IDENTITY ACCESS MANAGEMENT (IAM)
Company: Rush University Medical Center
Location: Chicago
Posted on: October 19, 2024
Job Description:
Location: Chicago, IL
Hospital: RUSH University Medical Center
Department: Digital & Information Services
Work Type: Full Time (Total FTE between 0.9 and 1.0)
Shift: Shift 1
Work Schedule: 8 Hr (8:00:00 AM - 5:00:00 PM)
Summary:
The Director, Cybersecurity Identity and Access Management (IAM) is
responsible for developing, implementing, and maintaining RUSH's
IAM Program including the information technology systems and
processes needed to support the program. This position will lead a
team of managers, engineers, and analysts to deliver RUSH's IAM
vision, strategy, and program roadmap. This position will also work
closely with Security Architecture, the CISO, Cybersecurity
Governance Committee and other RUSH leadership to ensure the IAM
program meets the maximum levels of information security while
balancing the access needs of the organization. Directs the IAM
strategy for authentication, authorization, directory services, and
user management processes at RUSH. Provides IAM related technical
consulting on complex organizational projects. Evaluates existing
systems and procedures and makes recommendations for improvements
of system controls while continually assessing the overall IAM
program maturity. The individual who holds this position
exemplifies the Rush mission, vision, and values and acts in
accordance with Rush policies and procedures.
Responsibilities:
Governance
- Develops strategic direction and methodology for the IAM
program and leads a team to develop content for the RUSH
Cybersecurity governance, management, and other Board Committees.
Presents action items for discussion and approval during these
meetings.
- Leads the development of the IAM vision, roadmap, architecture,
business cases, and projects to implement modern cybersecurity
technologies and processes in RUSH's digital and cloud
environments.
- Works with RUSH IT management, risk managers, corporate
compliance and legal counsel to assist with special projects or
investigations.
- Understands the enterprise strategy and influences the
integration of IAM security into RUSH business strategies and
processes while ensuring that the results are documented and
actionable.
- Establishes, monitors, evaluates, and reports IAM key
performance and key risk indicators (KPIs and KRIs) to provide
leadership with accurate information regarding the effectiveness of
the IAM Program.
Access Management
- Drives the RUSH IAM Program and access management processes
including but not limited to identity administration, user
authentication, authorization, API access control, UEBA, BYOI, SSO,
and user self-service.
- Works closely with Security Architecture on development of
strategy, technology and use-case requirements to support current
and future Rush identity needs.
- Develops strategy and drives implementation from a people,
processes, and technology perspective for core access management
capabilities including:
  - Managing internal and external identities and providing
    directory and identity synchronization services leveraging
    SCIM.
  - Authorization decisions, policy creation and dynamic/adaptive
    access management.
  - User authentication including MFA, one-time passwords, mobile
    pushes, etc.
  - Standard application enablement including SSO to SaaS, web, and
    mobile applications leveraging modern identity protocols like SAML
    and OpenID Connect.
  - External access management including user registration, profile
    management, delegated administration, federation support for third
    party identity providers, etc.
Identity Governance Administration (IGA)
- Drives the RUSH IGA processes including but not limited to
identity lifecycle processes, identity data quality management,
automated provisioning, entitlement management, roles and policy
management, access requests, and access certifications.
- Develops strategy and drives implementation from a people,
processes, and technology perspective for core IGA capabilities
including:
  - Authoritative source connectors and identity lifecycle
    management.
  - Target system connectors and birthright access.
  - IGA workflows, analytics and reporting.
  - Role based access controls including automated role modeling,
    entitlement management, roles and policy management, access
    requests and risk-based access certifications.
Privileged Access Management (PAM)
- Drives the RUSH PAM processes including but not limited to
privileged access governance, session management, credential
management, JIT-PAM methods, account discovery, task automation,
secrets management, privilege escalation and delegation management,
and CIEM.
- Develops strategy and drives implementation from a people,
processes, and technology perspective for core PAM use cases
including:
  - Human to machine PAM administration for servers and
    infrastructure, endpoints, and remote access.
  - Machine to machine connectivity for databases, applications,
    and microservices.
  - Machine to machine automation including scripts, DevOps
    pipelines, and RPA.
  - Cloud infrastructure entitlements for IaaS, PaaS, and SaaS.
Administration
- Defines strategy, with a roadmap of key deliverables and
timelines, and delivers consistently.
- Provides enterprise-wide leadership and direction in all areas
of IAM.
- Aligns the security team scope, budget and staffing to the
company level strategy, emerging technologies and changes in the
threat landscape.
- Leads a functional Cybersecurity team to manage IAM operations
to meet the business and compliance requirements of RUSH.
- Represents RUSH at local and national security conferences to
understand industry trends and incorporate them into current
operations.
- Approves/disapproves department expenditures. Develops short
and long-term budget projections and plans. Provides financial
status reports as needed.
Required Job Qualifications:
- Requires bachelor's degree in computer science or related
technology field.
- CISM or applicable certification.
- 10+ years of relevant computer systems experience focusing on
Information Security and Identity Management, preferably in a
healthcare setting.
- Understands IAM principles, methodology, and solutions
including access control (role-based and discretionary),
authentication, authorization, provisioning, approvals, and
workflows.
- Experience with Single Sign On (SSO), Directory Federation,
SAML, OAuth, and Multifactor authentication.
- Expert knowledge in IAM tools, technology, governance, and
program management.
- Extensive knowledge of current common paradigms for violating
system integrity.
- Understanding of key IAM concepts such as Least Privilege,
Privileged Access, Roles and Data mining, Segregation of Duty
(SOD), and Zero Trust (ZTA/ZTNA).
- Must have excellent interpersonal skills to effectively
communicate with all levels of hospital personnel, vendors, and IT
personnel.
- Must possess the ability to deliver clear, concise
communications and presentations. Must be able to train others
quickly and thoroughly on key cybersecurity concepts.
- Expert knowledge with security role-based access for enterprise
clinical applications.
- Experience as a technology security leader building world class
security strategies and executing them.
- Experience building effective internal and external
relationships and interacting effectively with individuals at all
levels.
- Experience influencing and collaborating to get work done
through others.
- Management experience.
Preferred Job Qualifications:
- CISM, CISSP, or applicable security certification.
Rush is an equal opportunity employer. We evaluate qualified
applicants without regard to race, color, religion, sex, sexual
orientation, gender identity, national origin, disability, veteran
status, and other legally protected characteristics.