IAM Architect

About the job

Wecare Medical Specialty Group is a leading multi-specialty healthcare provider dedicated to delivering compassionate, high-quality, and patient-centered care. We are committed to staying at the forefront of medical advancements and ensuring our practices align with the highest standards of security, regulatory compliance, and operational excellence. Our team thrives in a collaborative and supportive environment, driven by a shared mission to protect our patient data and ensure the secure operation of our healthcare services.

Position Summary

Wecare Medical Specialty Group is seeking a highly skilled, experienced, and strategic IAM (Identity and Access Management) Architect to join our dedicated IT Security team. The IAM Architect will be responsible for designing, implementing, managing, and evolving the enterprise-wide IAM strategy and solutions. This role is critical in safeguarding our sensitive data and systems, ensuring appropriate access controls, and maintaining compliance with healthcare regulations (such as HIPAA and HITECH) and industry best practices. The ideal candidate will have a deep understanding of IAM principles and technologies, and a proven track record of architecting robust IAM frameworks in complex environments, preferably within the healthcare sector.

Key Responsibilities

IAM Strategy & Architecture:

Develop, lead, and maintain the enterprise IAM strategy, roadmap, and architecture, aligning with business objectives and security requirements.

Design and implement comprehensive IAM solutions, including but not limited to Identity Governance and Administration (IGA), Privileged Access Management (PAM), Single Sign-On (SSO), Multi-Factor Authentication (MFA), federation services, and directory services.

Define and enforce IAM policies, standards, and procedures across the organization.

Evaluate and recommend new IAM technologies, tools, and techniques to enhance security posture and operational efficiency.

Solution Design & Implementation:

Lead the design, integration, and deployment of IAM systems and services across on-premises and cloud environments (e.g., Azure AD, AWS IAM).

Collaborate with IT infrastructure, application development, and business teams to ensure seamless integration of IAM solutions.

Develop and maintain detailed architecture diagrams, documentation, and operational playbooks for IAM systems.

Security & Compliance:

Ensure IAM solutions comply with relevant laws, regulations (HIPAA, HITECH, GDPR, CCPA), and industry standards (NIST, ISO 27001).

Conduct regular reviews and assessments of IAM controls, processes, and technologies to identify and mitigate risks.

Support internal and external audits by providing expertise and evidence related to IAM controls.

Oversee access certification and recertification processes.

Operational Excellence & Support:

Provide Level 3/4 support for complex IAM-related incidents and problems.

Mentor and provide technical guidance to other IT and security team members on IAM best practices and technologies.

Monitor IAM systems for performance, availability, and security anomalies.

Automate IAM processes where possible to improve efficiency and reduce manual effort (e.g., user provisioning, de-provisioning).

Collaboration & Communication:

Effectively communicate IAM strategies, risks, and recommendations to technical and non-technical stakeholders, including executive leadership.

Work closely with cybersecurity teams, privacy officers, compliance officers, and application owners to ensure IAM requirements are met.

Qualifications

Education:

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is required.

Master's degree is a plus.

Relevant industry certifications such as CISSP, CISM, GIAC, or specific IAM vendor certifications (e.g., Okta Certified Professional/Consultant, Microsoft Certified: Identity and Access Administrator Associate/Expert, SailPoint Certified IdentityIQ Architect) are highly desirable.

Experience:

Minimum of 7-10 years of experience in IT, with at least 5-7 years focused specifically on IAM architecture, design, and implementation in a complex enterprise environment.

Proven experience in architecting and deploying IAM solutions such as IGA (e.g., SailPoint, Saviynt), PAM (e.g., CyberArk, Delinea), MFA (e.g., Duo, Azure MFA), SSO, and federation (SAML, OAuth, OpenID Connect).

Strong experience with directory services (e.g., Active Directory, Azure Active Directory, LDAP).

Experience with IAM in cloud environments (Azure, AWS, GCP) is essential.

Experience in the healthcare industry and familiarity with HIPAA/HITECH regulations is strongly preferred.

Skills & Knowledge:

Deep understanding of IAM principles, best practices, and emerging trends.

Expert knowledge of identity lifecycle management, access controls, authentication, authorization, and identity federation.

Proficiency in scripting languages (e.g., PowerShell, Python) for automation and integration.

Strong understanding of network security, operating systems, and database security concepts.

Excellent analytical, strategic thinking, and problem-solving skills.

Exceptional communication, presentation, and interpersonal skills, with the ability to articulate complex technical concepts to diverse audiences.

Ability to lead projects, work independently, and collaborate effectively in a remote team environment.

Work Authorization Requirements

Candidates must be legally authorized to work in the United States.

U.S. Citizenship or a valid U.S. Permanent Resident Card (Green Card) is required for this position.