Munson Healthcare Identity Access Management Analyst in Traverse City, Michigan
The role of an Identity Access Management (IAM) Analyst is to provide expertise to the organization in the realm of IT system user access administration, including participation in the development of capabilities of the IAM platform which manages the full user access lifecycle (provisioning, periodic auditing, to de-provisioning). An individual in this role is establishing a track record of success working within the user access lifecycle, including workflow design, system onboarding, continuous improvement, and auditing. The individual also has the skill and the aptitude to work as part of a team scripting automation activities. IAM Analysts are knowledgeable and contributors both in a proactive sense - as a resource for crafting policy, standards, process, controls, and consulting on IT system design, as well as the reactive sense – as part of the incident response team.
IAM Analysts participate as consultants in the definition and management of standards, processes, and reporting that is part of the data security program. The Individual may work with various technical and non-technical stakeholders on the areas of access risk and controls. The Individual will be an active participant in the authoring and maintenance of role-based access and access automation systems, while also seeking new knowledge in the field to inform process change within the data security program.
IAM Analysts serve as a team member on the Munson cybersecurity team and in the Information Systems (IS) department supporting initiatives that protect the confidentiality, integrity, and availability of information systems and assets including data. Position may serve as an entry level to cybersecurity. The individual will be a participant in developing and maturing data protection strategies, policy, standards, and projects that support the Munson Healthcare vision: Working together, we will be the first choice for care within the communities we serve.
o Must have one of the following: required
ï‚§ Associate’s degree with minimum 2 years relevant experience (preferably cyber defense/IT/business or healthcare emphasis)
ï‚§ Bachelor’s degree (preferably cyber defense/IT/business or healthcare emphasis)
ï‚§ 4 years or more in a position managing data, or identity access management experience in an enterprise level setting (preferably healthcare)
o Experience in cybersecurity or risk management beneficial
o Experience in information technology (IT) beneficial
o Experience in healthcare beneficial
o Data security related certification, including but not limited to Security+, CeH, or other IT related certification relevant to security operations beneficial
o ITIL V3 Foundation beneficial
o Other professional certification beneficial
o Keyboarding proficiency required
o Intermediate knowledge of Microsoft Windows, and Office required
o Basic knowledge of Active Directory, PowerShell, or similar Linux required
o A keen interest in the value of defined processes and documentation, and understanding of how it furthers management of risk required
o Development experience such as web or other IT system, as well as strong scripting and automation programming skills beneficial.
o Accurately record process and work-related information to meet auditing requirements required.
o Familiar with regulatory and legal security standards and requirements such as HIPAA, HiTech, PCI DSS and Sarbanes-Oxley beneficial
o Knowledgeable of cybersecurity frameworks including HITRUST CSF, NIST CSF, beneficial
Under the general supervision of a Manager of Cybersecurity or CISO. A working relationship with all Information Systems staff must be maintained.
A professional working relationship with staff from all organizational departments, other regional healthcare facilities, and hardware vendors must be maintained.
No managerial or supervisory responsibility.
Supports the Mission, Vision and Values of Munson Healthcare.
Embraces and supports the Performance Improvement philosophy of Munson Healthcare with a focus on True North.
Promotes personal and patient safety.
Uses effective customer service/interpersonal skills at all times.
Participate in the design of, and provide expert internal escalation support for, identity access management related platforms and technologies, and end user issues.
Participate in the design of organizational IAM processes, and consult on special exception processes.
Participate on process design and activities for regular provisioned user audit and other data security audit activities.
Participate in optimization of security related processes and continuous improvement efforts for security controls.
Be coachable, and mentored by others within the IT department.
Perform the basic risk assessments and department activities.
Be willing and capable of participation in Information security activities with representatives from different parts of the organization with relevant roles and job functions.
Participate in information security awareness activities to others in the organization.
Be an example to others for proper documentation practices.
Participate in communication with appropriate contacts with relevant authorities.
Participate in coordination with appropriate contacts such as special interest groups or other specialist security forums and professional associations.
Participate in the identification of risks to the organization's information and information assets from business processes involving external parties and implement appropriate controls.
Participate as part of a team in addressing of security requirements before giving customers access to the organization's information or assets.
Communicate and model the importance of organizational Information Technology policies, protocols, standards, and procedures.
Support the Mission, Vision and Values of Munson Healthcare.
Embrace and supports the Performance Improvement philosophy of Munson Healthcare with a focus on True North.
Promote personal and patient safety.
Be an example of effective customer service/interpersonal skills at all times.
Perform other duties and responsibilities as assigned.