Cybersecurity Access Engineer III

Job Summary

Responsible for engineering and managing the organization’s identity and access management capabilities to ensure secure, reliable access to systems, services, and critical resources.

Managing the organization’s access security capabilities, including Identity and Access Management platforms, integrations, and supporting controls. Installs, configures, tests, maintains, and troubleshoots IAM capabilities; integrates IAM services into the enterprise architecture and supported systems; supports automation of identity lifecycle and access provisioning/deprovisioning; and supports secure access patterns such as least privilege, strong authentication, and Conditional Access. Works in close partnership with peers and other subject matter experts across the organization to achieve desired outcomes.

Provides thought leadership and guidance to level I and level II Engineers.

• Formal
  
  Education:
  
  Bachelor’s Degree or equivalent in Computer Science, Cybersecurity, IT, or Engineering or equivalent combination of education and/or experience.
• Experience:
  
  Five (5) years of IT related experience.
• Preferred:
  Experience in a healthcare environment with exposure to HIPAA, PCI DSS, or other relevant regulations.
• Certifications required: (CompTIA Security+ or CompTIA Healthcare IT Technician or SSCP or CCNA-Security or Microsoft Technology Associate - Security Fundamentals) and (CSSLP or GSEC or vendor certificate in specific security tool).
• Certifications preferred: ITIL Foundation (or equivalent), ISC2 CCSP, SSCP, CISSP (or equivalent), GIAC Certifications, CompTIA CASP.

• Advanced knowledge of information assurance (IA) principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data.
• Advanced knowledge of the systems engineering process; user authentication methods and factors; secure configuration management techniques.
• Advanced knowledge of directory services, identity platforms, and identity security architecture (e.g., authentication/authorization flows, token/assertion use, access enforcement paths, and Zero Trust/conditional access design).
• Advanced knowledge of modern authentication capabilities and practices (e.g., phishing-resistant MFA, passwordless authentication, credential lifecycle management, and identity proofing concepts).
• Advanced knowledge of identity governance and entitlement risk (e.g., access creep, excessive privilege, orphaned accounts, toxic access) and the supporting engineering controls (e.g., access reviews/certification and identity attestation).
• Advanced knowledge of IAM platform operations and resilience (e.g., high availability, patching/upgrades, backup and recovery, and performance tuning for identity services and integrations).
• Advanced knowledge of identity governance administration (IGA) integration patterns (e.g., connector-based provisioning, attribute mapping, reconciliation, and integration troubleshooting across identity platforms and source systems).
• Advanced knowledge of Conditional Access and privileged access control enforcement (e.g., policy rollout, exception handling, and privileged access monitoring requirements).
• Intermediate knowledge of access control mechanisms, systems testing/evaluation, and operational tooling (e.g., fault tolerance, backup/recovery, systems management, and traffic analysis) as they relate to identity services and access pathways.
• Intermediate knowledge of identity automation (e.g., provisioning/deprovisioning workflows, APIs/connectors, and policy-driven access enforcement).
• Intermediate knowledge of IAM monitoring, telemetry, and alerting (e.g., authentication, privileged access, lifecycle, and access decision events), including SIEM integration and escalation thresholds.
• Basic knowledge of risk management processes; incident response and handling methodologies; cyber defense policies, procedures, and regulations.
• Basic knowledge of information technology (IT) supply chain security/risk management; laws, regulations, policies, and ethics as they relate to cybersecurity (e.g.,…