IAM Engineer
Nashville, TN, United States
OneOncology
We are a network of the nation's leading oncology practices bringing the latest cancer research and treatment options to patients close to home. OneOncology is positioning community oncologists to drive the future of cancer care through a patient-centric, physician-driven, and technology-powered model to help improve the lives of everyone living with cancer. Our team is bringing together leaders to the marketplace to help drive OneOncology’s mission and vision.
Why join us? This is an exciting time to join OneOncology. Our values-driven culture reflects our startup enthusiasm supported by industry leaders in oncology, technology, and finance. We are looking for talented and highly-motivated individuals who demonstrate a natural desire to improve and build new processes that support the meaningful work of community oncologists and the patients they serve.
Job Description:
We are seeking a highly skilled and experienced Identity and Access Management (IAM) Engineer to join our IT team. The IAM Engineer will be responsible for designing, implementing, and managing the enterprise identity and access management solutions. This role will ensure that the organization’s IT systems and data are secure by managing and monitoring access rights, ensuring compliance with policies and regulations, and implementing best practices for identity management.
Key Responsibilities
Design and implement IAM solutions, including identity governance, authentication, authorization, and directory services.
Integrate IAM systems with existing infrastructure, applications, and services.
Collaborate with Security and Compliance teams to develop and maintain IAM policies, standards, and procedures.
Implement single sign-on (SSO), multi-factor authentication (MFA), and role-based access control (RBAC).
Manage and administer user access rights across multiple systems and applications.
Ensure proper provisioning, de-provisioning, and lifecycle management of user accounts.
Manage and maintain integrations and security between the Enterprise Resource Planning (ERP) system and IAM systems; may perform additional security and system administration functions in Workday ERP.
Monitor and audit access rights to ensure compliance with security policies and regulations.
Ensure IAM systems comply with relevant regulations and standards (e.g., GDPR, HIPAA, SOX).
Investigate and respond to security incidents related to identity and access management.
Provide technical support and troubleshooting for IAM-related issues.
Collaborate with other IT and security teams to resolve complex IAM issues.
Identify opportunities to improve IAM processes and technologies.
Provide recommendations for enhancements to security posture through IAM.
Create and maintain detailed documentation for IAM systems and processes.
Provide training and guidance to other IT staff and end-users on IAM best practices.
Other duties as assigned to help drive our mission of improving the lives of everyone living with cancer.
Key Competencies
Identity and Access Management (IAM) Technologies: Proficiency with IAM tools and platforms such as Okta, Microsoft Azure AD, SailPoint, ForgeRock, and others. Understanding of directory services like Active Directory (AD) and Lightweight Directory Access Protocol (LDAP).
Authentication and Authorization Protocols: Strong knowledge of protocols such as SAML, OAuth, OpenID Connect, Kerberos, and multi-factor authentication (MFA).
Scripting and Automation: Ability to write scripts (e.g., PowerShell, Python, Bash) to automate IAM processes like user provisioning, de-provisioning, and access management. Ability to leverage APIs as part of complex automation workflows.
Access Control Models: Familiarity with Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and other access control models.
Security Knowledge: Understanding of security principles and best practices related to identity and access management, including least privilege, zero trust, and data protection. Knowledge of relevant regulations and standards, such as GDPR, HIPAA, SOX, and how they impact IAM practices. Ability to assess and mitigate risks related to identity management, including implementing controls to prevent unauthorized access.
Problem-Solving and Analytical Skills: Capable of quickly identifying and resolving IAM-related incidents, including investigating security breaches related to access control. Strong analytical skills to assess IAM policies, identify vulnerabilities, and recommend improvements.
Communication and Collaboration: Effective communication skills for collaborating with other IT and security teams, as well as for explaining technical concepts to non-technical stakeholders. Ability to create clear documentation and provide training on IAM practices to other IT staff and end-users. Experience in leading or participating in IAM projects, including the implementation of new IAM systems or integration with existing systems.
Adaptability and Continuous Learning: A commitment to staying current with the latest IAM technologies, security threats, and best practices. Adaptability in a rapidly changing security landscape, with the ability to adjust strategies and tools as needed.
Attention to Detail: Meticulous attention to detail in managing user access rights, auditing systems, and ensuring compliance with policies and regulations.
Qualifications
Bachelor's degree in Computer Science, Information Technology, Systems Engineering, or a related field; relevant work experience may be considered in lieu of a degree.
3-5 years of experience in Identity and Access Management or a related field.
Hands-on experience with IAM technologies such as Active Directory, LDAP, SAML, OAuth, and related tools.
Hands-on experience managing IAM products such as Okta, Microsoft Azure AD, SailPoint, ForgeRock, or similar. Experience with Okta administration is preferred.
Healthcare IT/IS experience preferred.
Relevant certifications such as CISSP, CISM, or Certified Identity and Access Manager (CIAM) are a plus.