Reports to the Chief Information Security Officer. Promotes security awareness within the Information Technology (IT) department and employees across the health system. Ensures adherence to Midland’s security standards is enforced. Under direct supervision, the Identity and Access Management (IAM) Analyst 2 performs all procedures necessary to fulfill user requests for provisioning and access requests and assesses and resolves user access issues related to security controls to minimize business impact and risk exposure. This is a level 2 analyst, responsible for addressing escalations from Level 1 IAM Analysts and addressing complex access related issues. This Analyst will work closely with senior IAM Analysts and Cyber Engineers to support all access and provisioning related activities. This document describes the major duties, responsibilities, and authorities of this job, and is not intended to be a complete list of all tasks and functions. It should be understood, therefore, that incumbents may be asked to perform job-related duties beyond those explicitly described.

SHIFT AND SCHEDULE

Full Time: 8:00 AM – 5:00 PM

ESSENTIAL FUNCTIONS/PERFORMANCE EXPECTATIONS

• Assists in the development and implementation of access management security policies and procedures.
• Responsible for tracking and monitoring security-related events and incidents.
• Enforces security policies and procedures by administering and monitoring security tools.
• Reviews, and investigates access and provisioning related issues, and provides recommendations to senior level analysts, and cyber security.
• Validate users are provisioned appropriate levels of access according to Information Technology standard operating policies and procedures.
• Administers user provisioning by performing the set-up, maintenance, and deactivation of a variety of IT user accounts, and access to folders, files, directories, and distribution lists.
• Ensures that the user community understands and adheres to necessary procedures to maintain access controls and the security of Midland IT systems.
• Participates in internal and external audit activities. Assists in providing access lists for review in order to maintain compliance.
• Manages basic issues and problems, and refers more complex issues to higher-level staff.
• Reviews user access controls and makes recommendations on improvements to eliminate risks.
• Perform other duties and responsibilities as assigned.

EDUCATION AND EXPERIENCE

A bachelor’s degree is preferred. Experience provisioning EMR (Electronic Medical Record) platforms, and related Health Care applications and systems. Additional technical experience preferred is below:

• Bachelor’s degree + 0 Years of experience
• Associate’s degree + 2 Years of experience
• High School Diploma + 4 Years experience in lieu of a degree
• Experience provisioning Microsoft O365 licensing
• Experience provisioning AD (Active Directory)
• Knowledgeable or experience with Identity Governance and Administration (IGA) platforms
• NIST 27001, NIST 405d security frameworks

PHYSICAL REQUIREMENTS

To perform this job successfully, an individual must be able to perform each essential responsibility satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The individual must be able to:

• Stand, walk, sit, stoop, reach, lift, see, speak and hear. Lifting is limited to 35 lbs. for clinical staff and to 50 lbs. for non-clinical staff. The individual must use an assisted-lift device or get another individual(s) to assist with the lift that is over these maximum limits.