"Alerted.org

*_SUMMARY:_*

We’re seeking an*Information Security & Identity Access Management (IAM) Manager*to join our team. This full time role will work days. Seeking a local candidate who has the ability to work hybrid.

*Purpose of this position:* The Manager of Information Security and Identity & Access Management is a key member of the Information Services and Technology leadership team. Reporting to the Director of Information Security,

this position is operationally responsible for technologies and systems used to support security operations

and security monitoring services. Additionally, this position is responsible for technologies and operations

related to managing electronic and digital identities, and access to applications and critical information

within the organization. The Manager of Information Security and Identity & Access Management is a

forward-looking technology leader who thinks strategically about their area of responsibility recommending

future direction and leading the development of 1-3 year road maps, in partnership with operations,

incorporating the current healthcare and technology environment, regulations, trends, and impacts to

Hennepin Healthcare. This role works closely with the IS&T leadership team in designing and executing

on Hennepin Healthcare’s technology roadmap.

*_RESPONSIBILITIES:_*

*Information Security Leadership*

* Delivers information services exceptionally well, delivering on business value by improving patient outcomes, patient experiences and care team efficiencies in a transparent and cost-efficient way, while creating a positive and engaging work environment

* Manages a staff of information security and identity & access management professionals, hires and trains new staff, conducts performance reviews, and provides leadership and coaching, including technical and personal development programs for team members

* Works with the Information Security Director to develop a security program and security projects that address identified risks and business security requirements

* Manages the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing the Information Security Director with a realistic overview of risks and threats in the organization’s computing environment

* Leads the development of the Identity & Access Management program, including centralizing access management and role-based provisioning

* Leads the Information Security Policy Workgroup. Proposes changes to existing policies and procedures to ensure operating efficiency and regulatory compliance

* Builds relationships across the IS&T departments to foster the spirit of cooperation and shared vision, maintaining the balance between Information Security and IT operational needs

* Negotiates IS&T related contracts to ensure cost-effective agreements are achieved, HHS interests are protected and business value is added

*Information Security Management*

* Works with the Information Security Director to develop budget projections based on short- and long-term goals and objectives

* Assists resource owners and IT staff in understanding and responding to security audit failures reported by auditors

* Serves as an active and consistent participant in the information security governance process

* Develops and maintains the security incident response process, including all required supporting materials

* Develops functional requirements for roles that will be involved in the CSIRT program

* Manages third-party risk management efforts

*Identity & Access Management*

* Works with IT Service Management to improve the process of receiving and processing Identity and Access Management Requests, including streamlining the appropriate intake forms

* Monitors Identity and Access Management practices ensuring compliance with the necessary security and compliance requirements

* Manages operational and performance metrics, measuring effectiveness and efficiency of the Identity and Access Management Program

* Monitors trends, developments and best practices in Identity and Access Management in anticipation of changing requirements, expectations and opportunities; assesses technical, financial and organizational implementation for Hennepin Healthcare

*QUALIFICATIONS:*

*/Minimum Qualifications:/*

* A Bachelor's Degree in information systems or equivalent work experience

-OR-

* An approved equivalent combination of education and experience

*/Preferred Qualifications:/*

* M.B.A. or M.S. in information security

* Experience working with legal, audit and compliance staff

* Experience with common information security management frameworks, such as ITIL, NIST CSF, CIS, or COBIT

* Experience working in Healthcare or Healthcare Technology industries

*/Knowledge/ Skills/ Abilities:/*

* Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff

* The ability to interact with HHS personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives

* A strong understanding of the business impact of security tools, technologies and policies

* Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision

* Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel; indepth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies

* Experience developing and maintaining policies, procedures, standards and guidelines

* Familiarity with applicable legal and regulatory requirements such as HIPAA and PCI

**Title:** *Information Security & Identity Access Management (IAM) Manager*

**Location:** *MN-Minneapolis-Downtown Campus*

**Requisition ID:** *251007*