The Identity Access Manager is responsible for overseeing the daily operations of the Identity and Access Management (IAM) program. This role ensures the effective execution of the identity lifecycle, including access request triage, provisioning, modification, deprovisioning, and access reviews, while maintaining compliance with security, privacy, and regulatory requirements. The Identity Access Manager acts as the operational leader for IAM processes, tools, and staff, ensuring access is granted appropriately, timely, and securely across enterprise systems.

• Oversee daily IAM operations, including triaging and managing incoming access requests
• Serve as the primary point of contact and designated lead for EHR security, responsible for coordinating, overseeing, and maintaining all security controls and protections related to the Electronic Health Record.
• Ensure timely and accurate provisioning, modification, and deprovisioning of user access
• Manage identity lifecycle processes for employees and non-employees (contractors, vendors, students, etc.)
• Partner with Cybersecurity Engineers to ensure effective IAM governance, including control alignment, monitoring, and continuous improvement.
• Enforce access control policies, least privilege, and separation of duties requirements
• Coordinate with application owners, IT operations, and data center teams to resolve access issues
• Lead and support periodic access reviews and certifications
• Monitor IAM queues, SLAs, and performance metrics to ensure operational effectiveness
• Identify opportunities to automate and improve IAM workflows and processes
• Manage exceptions, access risk findings, and remediation activities
• Develop and maintain IAM documentation, procedures, and runbooks
• Support security incidents and investigations related to identity or access misuse
• Provide reporting and status updates to security leadership
• Serve as the primary operational escalation point for IAM-related issues
• Maintains confidentiality, integrity, and availability of ARH information.
• Complies with applicable internal and external policies, standards, laws, and regulations related to ARH information.
• Performs other related duties, tasks, and responsibilities as required or assigned.

Education
- Bachelor’s degree in Information Technology, Cybersecurity, Business, or a related field OR an equivalent combination of education, training, and progressive professional experience.
- An equivalent combination may include significant hands‑on IT experience, leadership roles, industry certifications, continuing education, and experience in regulated environments such as healthcare.

Minimum Work Experience
- 5+ Years’ experience

Required Skills, Knowledge, and Abilities
- Strong understanding of identity lifecycle management concepts
- Knowledge of role-based access control (RBAC), least privilege, and separation of duties principles
- Experience with IAM platforms and directory services (e.g., Microsoft Entra ID, Active Directory, IAM governance tools)
- Knowledge of access request workflows, approvals, and fulfillment processes
- Understanding of healthcare security, privacy, and regulatory requirements
- Ability to analyze access risks and recommend remediation or control improvements
- Strong organizational and prioritization skills in a high-volume operational environment
- Excellent written and verbal communication skills
- Ability to work independently and collaboratively across technical and non-technical teams