• Specialist - Multi-Cloud IAM - OCI

    Ascension Health (St. Louis, MO)


    Details

    + **Department:** Security

    + **Schedule:** Full Time Monday - Friday 8am - 5pm CT

    + **Location:** Remote

    + **Salary:** $100,218.00 - $139,698.00 per year

     

    Benefits

     

    Paid time off (PTO)

     

    Various health insurance options & wellness plans

     

    Retirement benefits including employer match plans

     

    Long-term & short-term disability

     

    Employee assistance programs (EAP)

     

    Parental leave & adoption assistance

     

    Tuition reimbursement

     

    Ways to give back to your community

     

    _Benefit options and eligibility vary by position. Compensation varies based on factors including, but not limited to, experience, skills, education, performance, location and salary range at the time of the offer._

    Responsibilities

    Job Summary

    Works as a specialized subject matter expert within the Cloud IAM team, translating complex business security and compliance requirements into robust, scalable Identity and Access Management solutions. This role will have a primary focus on Oracle Cloud Infrastructure (OCI), while also supporting Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS). The role applies to the core CyberSecurity lifecycle (Identify, Protect, Detect, Respond, and Recover) to secure and manage multi-cloud assets and user identities.

    Responsibilities:

    + Serves as a key technical point of contact for Cloud IAM, specializing in OCI, managing stakeholder expectations and ensuring prompt, high-quality service delivery across the multi-cloud environment.

    + Forms productive networks with internal resource owners across all supported cloud platforms (OCI, Azure, GCP, AWS), governance teams, and external vendor communities.

    + Contributes to the development of project plans related to multi-cloud security initiatives, with a priority on OCI.

    + Conducts advanced diagnosis and problem resolution, applying the CyberSecurity lifecycle toward complex multi-cloud IAM issues and business problems, with hands-on expertise in the OCI platform.

    + Designs, directs, and performs technical analyses to resolve complex project issues, including the technical feasibility of proposed multi-cloud IAM solutions.

    + Designs and implements multi-cloud IAM projects with broad organizational implications, requiring integration of OCI, Azure, GCP, and AWS security platforms with enterprise-wide identity providers.

    + Serves as a staff resource and mentor regarding multi-cloud IAM architectural systems and best practices, particularly focusing on the unique aspects of OCI.

    Core OCI IAM Technical Expertise:

    + **OCI IAM Fundamentals** : Deep understanding of OCI's IAM concepts including:

    + Users, Groups, and Identity Domains: Creating, managing, and configuring user identities and assigning them to appropriate groups and domains.

    + Policies: Writing, implementing, and enforcing fine-grained access control policies using the OCI policy language to grant least-privilege access to resources across compartments.

    + Compartments: Designing and managing a secure compartment structure to logically organize and isolate OCI resources and enforce separation of duties.

    + **Authentication and Authorization** :

    + Implementing and managing strong authentication methods, including Multi-Factor Authentication (MFA) and adaptive security.

    + Configuring Federation with external identity providers (like Microsoft Active Directory, Okta) to enable Single Sign-On (SSO).

    + **Security Services Integration** : Familiarity with how OCI IAM interacts with other OCI security services, such as:

    + OCI Vault: For managing encryption keys and secrets.

    + OCI Cloud Guard and Security Zones: For maintaining security posture and compliance.

    + **Automation and Scripting** : Experience with OCI's automation tools to streamline provisioning and policy enforcement:

    + OCI CLI and SDKs: For managing IAM resources programmatically.

    + Infrastructure as Code (IaC): Using tools like Terraform and OCI Resource Manager to define and deploy IAM policies and compartments efficiently.

    Foundational Identity and Access Management (IAM) Knowledge

    + **IAM Principles** : Thorough understanding of core IAM concepts like:

    + Authentication, Authorization, and Accounting (AAA).

    + The Principle of Least Privilege (PoLP).

    + Identity Lifecycle Management (ILM) from provisioning to de-provisioning.

    + **Security Protocols** :

    + Knowledge of industry-standard security and access protocols (e.g., SAML, OAuth, OIDC).

    + **Directory Services** :

    + Familiarity with enterprise directory services like LDAP and Active Directory.

    Requirements

    Education:

    + High School diploma equivalency with 2 years of cumulative experience OR Associate's degree/Bachelor's degree OR 4 years of applicable cumulative job specific experience required.

     

    Additional Preferences

    Licensure/ Certification/ Registration:

    + Preferred certifications include Oracle Cloud Infrastructure (OCI) Foundations Associate or OCI Security Professional.

    + Secondary certifications in Azure, GCP, or AWS security/identity are a plus.

     

    \#LI-Remote

     

    Why Join Our Team

     

    Ascension associates are key to our commitment of transforming healthcare and providing care to all, especially those most in need. Join us and help us drive impact through reimagining how we can deliver a people-centered healthcare experience and creating the solutions to do it. Explore career opportunities across our ministry locations and within our corporate headquarters.

     

    Ascension is a leading non-profit, faith-based national health system made up of over 134,000 associates and 2,600 sites of care, including more than 140 hospitals and 40 senior living communities in 19 states.

     

    Our Mission, Vision and Values encompass everything we do at Ascension. Every associate is empowered to give back, volunteer and make a positive impact in their community. Ascension careers are more than jobs; they are opportunities to enhance your life and the lives of the people around you.

     

    Equal Employment Opportunity Employer

     

    Ascension provides Equal Employment Opportunities (EEO) to all associates and applicants for employment without regard to race, color, religion, sex/gender, sexual orientation, gender identity or expression, pregnancy, childbirth, and related medical conditions, lactation, breastfeeding, national origin, citizenship, age, disability, genetic information, veteran status, marital status, all as defined by applicable law, and any other legally protected status or characteristic in accordance with applicable federal, state and local laws.

     

    For further information, view the EEO Know Your Rights (English) (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12.pdf) poster or EEO Know Your Rights (Spanish) (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRightsSp6.12.pdf) poster.

     

    As a military friendly organization, Ascension promotes career flexibility and offers many benefits to help support the well-being of our military families, spouses, veterans and reservists. Our associates are empowered to apply their military experience and unique perspective to their civilian career with Ascension.

     

    Please note that Ascension will make an offer of employment only to individuals who have applied for a position using our official application. Be on alert for possible fraudulent offers of employment. Ascension will not solicit money or banking information from applicants.

     

    E-Verify Statement

     

    This employer participates in the Electronic Employment Verification Program. Please click the E-Verify link below for more information.

     

    E-Verify (https://www.e-verify.gov/about-e-verify)