Job Title & Specialty Area : IAM Specialist
Department : IT Security
Location : Dallas, TX
Shift : Monday - Friday
Job Type : Remote (Must live in Texas)
Why Children’s Health?
At Children’s Health, our mission is to Make Life Better for Children, and we recognize that their health plays a crucial role in achieving this goal.
Through our cutting-edge treatments and affiliation with UT Southwestern, we strive to deliver an extraordinary patient and family experience, ensuring that every moment, big or small, contributes to their overall well-being.
Our dedication to promoting children’s health extends beyond our organization and encompasses the broader community. Together, we can make a significant difference in the lives of children and contribute to a brighter and healthier future for all.

SUMMARY :

The IT Security Identity and Access Management (IAM) Analyst plays a vital role in ensuring the secure and efficient management of user accounts and access throughout their lifecycle in a healthcare environment. This role focuses on provisioning, deprovisioning, and maintaining access rights, ensuring compliance with healthcare regulations, and protecting sensitive patient and organizational data.

WORK EXPERIENCE

At least 1 year of experience in IAM or IT Security, preferably in a healthcare setting - required
Familiarity with healthcare systems such as EHR/EMR platforms (e.g. Epic, Cerner) - preferred

EDUCATION

Four-year bachelor’s degree or equivalent experience Information Technology, Computer Science, Cybersecurity, or a lrealted field - required

User Account Lifecycle Management: Manage the end-to-end lifecycle of user accounts, including provisioning, modification, and deprovisioning. Perform periodic reviews and recertifications of access rights to ensure compliance with security policies and least-privilege principles. Manage and govern user access through Imprivata IDG and CyberArk, ensuring accurate provisioning, deprovisioning, and periodic access reviews for compliance with healthcare regulations.
Access Control Administration: Administer and enforce role-based access control (RBAC) policies for healthcare systems, applications, and networks. Maintain and update identity repositories and directories, ensuring data integrity and accuracy. Evaluate local admin rights requests across departments, asking targeted questions about use cases, and only granting after validating need with department leads and risk assessment. Create and manage non-human (service/application) accounts across departments by first engaging project owners to understand the purpose, scope, and security requirements—ensuring accounts are not created without clearly defined use cases and controls. Conduct quarterly Active Directory cleanup by verifying user status across multiple platforms before deactivating or terminating accounts, ensuring accuracy and minimizing risk. Review and approve requests for access to systems and applications, assessing permissions based on the principle of least privilege.
Collaboration and Stakeholder Engagement: Collaborate with HR, IT, and clinical departments to align account access with job roles and organizational needs. Serve as a point of contact for access-related requests, incidents, and troubleshooting.
Compliance and Audit Support: Ensure user access aligns with HIPAA, HITECH, and other healthcare regulatory requirements. Support internal and external audits by providing accurate documentation and evidence of IAM activities.
Process Improvement and Automation: Identify opportunities to optimize IAM processes and workflows, leveraging automation tools where feasible. Contribute to the development and refinement of IAM policies, standards, and procedures.
Security Monitoring and Incident Response: Monitor access activities for anomalies and potential security incidents. Collaborate with cybersecurity teams to investigate and remediate IAM-related threats.