About the Role

IAM Engineer

Location: Remote United States

Job Description:

Overview of the Role: Reports to the Sr. Manager of IT Audit & Security. The IAM Engineer fulfills a critical role in the design, implementation, and continuous development of Privia’s identity and governance platforms, SailPoint IdentityNow and Ping One Identity (ForgeRock), ensuring they meet the organization’s IGA and CIAM needs. This position is also vital in maintaining and developing processes and procedures for the authorization, maintenance, governance, and termination of user access for both workforce and non-workforce identities. The IAM Engineer will collaborate across departments to identify and address flaws in the company’s security systems and procedures, working with management to optimize the user lifecycle experience and improve the company’s overall security posture. The IAM Engineer is also responsible for integrating the identity platform with other Privia systems like Google Workspace, HRIS systems, and mission and business-critical systems. They will work with various teams and stakeholders to ensure that workflows related to access and data management comply with security policies, industry standards, and best practices.

CLOUD/SAAS

  • Experience with user provisioning in cloud environments such as Google Workspace or Microsoft 365.
  • Familiarity with Google Workspace or Google Cloud is preferred.
  • Strong understanding of access controls, authentication, and authorization models in cloud-based platforms.

APPLICATION (Applications, Database, Interfaces)

  • Understanding of securing a three-tier application architecture in the context of identity and access management.
  • Knowledge of cloud-based security architecture, including multi-cloud environments and the differences between cloud-native applications and virtualized environments such as Citrix or VDI.
  • Must have proven advanced experience using Identity and Access Management (IAM) and Identity Governance and Administration (IGA) platforms, with a strong preference for expertise in SailPoint IdentityNow or Ping Identity (ForgeRock).

AUTOMATION/SCRIPTING/INTEGRATION

  • Experience with automation and scripting tools such as GAM (Google Apps Manager), Google Apps Script, Python, PowerShell, JavaScript, and other relevant languages to support identity lifecycle management.
  • Proficiency in REST and SCIM APIs for automating user provisioning, deprovisioning, and access management across IAM, IGA, and CIAM solutions.
  • Strong focus on automation, streamlining IAM processes, and identifying integration opportunities to enhance security and efficiency.

IGA/IAM/CIAM/PAM

  • Extensive experience with Identity Governance and Administration (IGA) platforms, particularly SailPoint IdentityNow, including the implementation of RBAC, ABAC, and automated provisioning workflows.
  • Expertise in designing and implementing enterprise-level CIAM solutions, particularly with Ping Identity/ForgeRock.
  • Proven ability to integrate IAM and IGA solutions with single sign-on (SSO) protocols such as SAML, OAuth, and OpenID Connect to enhance security while optimizing user experience.
  • Strong background in defining and enforcing IAM policies, implementing fine-grained access controls, and managing identity lifecycle events (Joiner, Mover, Leaver) in enterprise environments.
  • Skilled in leading IAM architecture discussions, providing strategic technical guidance, and driving best practices in identity security across complex SaaS and cloud environments.

EHR/EMR (Preferred)

  • Experience with application support for an EHR/EMR – athenaOne preferred.
  • Knowledge of the creation, modification, and termination of user profiles within an EHR/EMR application.
  • 5+ years of experience with designing and building complex IAM/IGA/CIAM implementations.
  • 3+ years of hands-on experience working with SailPoint, including expertise in its implementation, configuration, and management.
  • 5+ years of experience in user provisioning and lifecycle management, with a strong engineering perspective on designing and automating identity solutions. Preference for experience in healthcare technology.
  • Strong security skills as outlined above, including expertise in IAM, IGA, and CIAM solutions.
  • Must adhere to all HIPAA rules and regulations.

Preferred Qualifications:

  • Bachelor’s Degree in Computer Science or a related field.
