Senior Security Manager - IAM (Permanent Remote)

As the Senior Security Manager for Identity and Access Management, you will lead by being a highly technical leader who delivers high business impact on projects of increasing dependencies and ambiguity.
You will lead a team of individual contributors focused on protecting patients, our employees, and Aledade as a whole. You will establish frameworks and processes to manage workforce lifecycle management, access governance, privileged access management and enable secure access to improve security posture. You will work with cross-functional stakeholders and teams to establish standards, SOPs, runbooks to bring efficiency in Identity Governance and Administration and meet compliance requirements.
At Aledade, we empower primary care physicians with technology to keep their patients healthy, preventing unnecessary hospitalizations.

Primary Duties:

• Build a high performing team by hiring and nurturing security talent.
• Strong technical leadership - drive technical solutioning and building roadmaps to reduce or manage security risk.
• Set aggressive and clear goals and remove all roadblocks for the team to achieve them.
• Working seamlessly and collaboratively with stakeholders across Aledade to achieve business outcomes.
• Work closely with other leaders to drive excellence in our processes and systems.

Minimum Qualifications:

• BS (or higher) in Computer Science, Cybersecurity, Engineering, or equivalent experience.
• 10+ years of experience in building and maintaining Enterprise Identity and Access Governance solutions, workforce lifecycle management and privileged access management. 
• 5+ years of building and leading highly complex, technical security teams.

Preferred KSA’s:

• You have experience in attracting, hiring, and coaching world-class engineers including performance management.
• You have experience in taking ownership of the technology decisions, while delegating and empowering team members.
• You have experience communicating analysis and establishing confidence among audiences who do not share your disciplinary background or training.
• You have strong communication and relationship building skills, with experience influencing and aligning multiple stakeholders.
• Adaptability to rapidly evolving technologies and regulations .
• Experience with various compliance standards and frameworks: SOC 2, HIPAA, CCPA, ISO 27001, SOX ITGC are required. 
• Domain specific Preferred KSA’s:
• Experience with Identity & Access Management (IaM), RBAC systems and practices.
• In-depth knowledge of authentication protocols, authorization  mechanisms, and directory services.
• Developing enterprise-wide IAM and IGA roadmaps and aligning them with business objectives.
• Experience generating automated metrics to measure service and program effectiveness and consistency.
• Strong communication skills, both written and verbal, with the capability to articulate complex security issues to a diverse audience.
• Experience with tools in the security stack required: Federated Identity - Okta/Entra ID/Ping Identity, IGA - Sailpoint/Saviynt/Omada/Oracle IG, Cloud Platforms - AWS/Azure/GCP, PAM - CyberArk/BeyondTrust/Delinea
• Nice to have knowledge, skills, and/or abilities


• Proficiency in scripting languages like PowerShell, Python or Javascript.
• Experience with health-tech systems, like Electronic Health Records, Clinical data, etc.

Physical Requirements:

• Sitting for prolonged periods of time. Extensive use of computers and keyboard. Occasional walking and lifting may be required.