Identity and Access Management Engineer

You’re more valuable than ever – And that’s just how we’ll make you feel.

JOB SUMMARY

The Go Health Identity and Access Management (IAM) Engineer is responsible for efficiently onboarding and offboarding employees, ensuring they have the appropriate access to the systems needed for their roles. This position is crucial for implementing and supporting GoHealth’s modern IAM architecture, infrastructure, capabilities, and standards.

The IAM Engineer will leverage strong technical skills to analyze IAM data, identify trends or errors, and develop new IAM processes as required. They will ensure that identity and access systems are integrated to facilitate consistent setup and onboarding of new employees in Go Health applications and systems. Collaboration with various IT roles, hiring managers, and organizational leaders is essential to ensure timely and secure onboarding and offboarding of employees.

JOB REQUIREMENTS

Education

• Bachelor's degree in computer science, Information Technology, or related field is highly preferred.

Work Experience

• 5+ years of experience with Identity/Access Management within a healthcare organization required
• Experience provisioning users within an EMR systems such as Epic and/or eClinicalWorks preferred

Required Licenses/Certifications

• Professional certifications such as CISSP, Identity IQ Engineer certification, and/or Identity IQ Associate Certification, Certified Identity, and access management (CIAM), or other relevant industry certifications and/or desire to obtain such certificates (Preferred)

Additional Knowledge, Skills and Abilities Required

• Proven working experience in installing, configuring, administering, and troubleshooting Identity Management software (Okta)
• Familiarity with Identity Management (Okta, Azure Active Directory)
• Experience with Okta Workflows
• Experience with all Authentication Protocols, including but not limited to SAML 2.0, OIDC, etc.
• Experience with SQL (Microsoft SQL, Oracle)
• Experience with scripting (PowerShell, Python, etc.) or stored procedures
• Knowledge of Microsoft Active Directory, such as Group Policy Management
• Experience managing MS Exchange/Outlook and Microsoft Teams for the corporate environment. 
• Solid experience in the Microsoft 365 environment 
• Experience with Identity Governance, including managing PIM/PAM and access audits

Additional Knowledge, Skills, and Abilities Preferred

• Strong development skills in languages such as Java, Python, or .NET.
• Experience with REST APIs, SDKs, and web services.
• Excellent analytical and problem-solving skills.
• Strong communication and collaboration skills to work with cross-functional teams.

Essential Functions

• Expected to have a thorough understanding of Identity and Access Management (IAM) realms and stay up to date with the latest security standards, secure protocols, authentication & authorization protocols, and best practices around IAM industry patterns. 
• Proven hands-on experience with developing/architecting solutions using two or more leading IAM Solution providers such as Azure Entra ID, Okta, SailPoint, Saviynt, CyberArk, Beyond Trust.
• Collaborate with cross-functional teams, including business stakeholders, developers, and architects, to gather business requirements and develop technical solutions that meet business needs.
• Hands-on experience with Access Profiles, Roles, Policies, and Certifications.
• Experience configuring SaaS-based Identity Governance (IG) solutions.
• Expertise in Joiner-Mover-Leaver (JML) workflows.
• Experience implementing access request, entitlements reviews, approval workflows, and certification campaigns.
• Strong experience with Segregation of Duties (SoD) and HIPAA / PCI and PII compliance enforcement.
• Demonstrated experience with most common identity access and governance (IGA) and SailPoint connectors including Active Directory (AD), EntraID, JDBC, Exchange, web service, EPIC, Imprivata, and authoritative sources integration (such as Workday).
• Implement and configure Okta features such as SSO, MFA, Lifecycle Management, Workflows, and Authorization.
• Develop and maintain custom integrations with third-party applications using Okta APIs and SDKs.
• Conduct testing and validation of Okta IAM solutions to ensure they meet the required standards and requirements.
• Develop and maintain documentation, including technical specifications, design documents, standard operating procedures, guides for the IT Helpdesk, and user manuals.
• Provide ongoing support for Okta IAM solutions and troubleshoot issues as they arise.
• Stay up to date with industry trends and best practices related to Okta, IAM and IGA.

All other duties as assigned.

Note:  this job description is not inclusive of all the duties of the position.  You may be asked by leaders to perform other duties.  Management reserves the right to revise this position description at any time. 

Set up email alerts as new job postings become available that meet your interest! 

All qualified persons are granted an equal opportunity for employment without regard to race, color, religion, sex, sexual orientation and gender identity or expression, age, national origin, citizenship status, disability, genetic information, medical condition, family care leave status, pregnancy or pregnancy-related condition, otherwise qualified disabled or veteran status. The company will comply with all fair employment laws in each of the jurisdictions where we conduct business.

For applicants in California, please review our California Consumer Privacy Statement here. https://www.gohealthuc.com/privacy-policy