Information Security & Identity Access Management (IAM) Manager

Hennepin Healthcare is an integrated system of care that includes HCMC, a nationally recognized Level I Adult Trauma Center and Level I Pediatric Trauma Center and acute care hospital, as well as a clinic system with primary care clinics located in Minneapolis and across Hennepin County. The comprehensive healthcare system includes a 473-bed academic medical center, a large outpatient Clinic & Specialty Center, and a network of clinics in the North Loop, Whittier, and East Lake Street neighborhoods of Minneapolis, and in the suburban communities of Brooklyn Park, Golden Valley, Richfield, and St. Anthony Village. Hennepin Healthcare has a large psychiatric program, home care, and operates a research institute, philanthropic foundation, and Hennepin EMS. The system is operated by Hennepin Healthcare System, Inc., a subsidiary corporation of Hennepin County.

Equal Employment Opportunities: We believe equity is essential for optimal health outcomes and are committed to achieve optimal health for all by actively eliminating barriers due to racism, poverty, gender identity, and other determinants of health. We are committed to equitable care and working in an environment that celebrates, promotes, and protects diversity, equity, inclusion, and belonging. We are committed to bringing in individuals with new cultural perspectives to assist in creating a more equitable healthcare organization

SUMMARY:

We're seeking an Information Security & Identity Access Management (IAM) Manager to join our team. This full time role will work days. Seeking a local candidate who has the ability to work hybrid.

Purpose of this position: The Manager of Information Security and Identity & Access Management is a key member of the Information Services and Technology leadership team. Reporting to the Director of Information Security,
this position is operationally responsible for technologies and systems used to support security operations
and security monitoring services. Additionally, this position is responsible for technologies and operations
related to managing electronic and digital identities, and access to applications and critical information
within the organization. The Manager of Information Security and Identity & Access Management is a
forward-looking technology leader who thinks strategically about their area of responsibility recommending
future direction and leading the development of 1-3 year road maps, in partnership with operations,
incorporating the current healthcare and technology environment, regulations, trends, and impacts to
Hennepin Healthcare. This role works closely with the IS&T leadership team in designing and executing
on Hennepin Healthcare's technology roadmap.

RESPONSIBILITIES:

Information Security Leadership

• Delivers information services exceptionally well, delivering on business value by improving patient outcomes, patient experiences and care team efficiencies in a transparent and cost-efficient way, while creating a positive and engaging work environment
• Manages a staff of information security and identity & access management professionals, hires and trains new staff, conducts performance reviews, and provides leadership and coaching, including technical and personal development programs for team members
• Works with the Information Security Director to develop a security program and security projects that address identified risks and business security requirements
• Manages the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing the Information Security Director with a realistic overview of risks and threats in the organization's computing environment
• Leads the development of the Identity & Access Management program, including centralizing access management and role-based provisioning
• Leads the Information Security Policy Workgroup. Proposes changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
• Builds relationships across the IS&T departments to foster the spirit of cooperation and shared vision, maintaining the balance between Information Security and IT operational needs
• Negotiates IS&T related contracts to ensure cost-effective agreements are achieved, HHS interests are protected and business value is added

Information Security Management

• Works with the Information Security Director to develop budget projections based on short- and long-term goals and objectives
• Assists resource owners and IT staff in understanding and responding to security audit failures reported by auditors
• Serves as an active and consistent participant in the information security governance process
• Develops and maintains the security incident response process, including all required supporting materials
• Develops functional requirements for roles that will be involved in the CSIRT program
• Manages third-party risk management efforts

Identity & Access Management

• Works with IT Service Management to improve the process of receiving and processing Identity and Access Management Requests, including streamlining the appropriate intake forms
• Monitors Identity and Access Management practices ensuring compliance with the necessary security and compliance requirements
• Manages operational and performance metrics, measuring effectiveness and efficiency of the Identity and Access Management Program
• Monitors trends, developments and best practices in Identity and Access Management in anticipation of changing requirements, expectations and opportunities; assesses technical, fi

QUALIFICATIONS:

Minimum Qualifications:

• A Bachelor's Degree in information systems or equivalent work experience

-OR-

• An approved equivalent combination of education and experience

Preferred Qualifications:

• M.B.A. or M.S. in information security
• Experience working with legal, audit and compliance staff
• Experience with common information security management frameworks, such as ITIL, NIST CSF, CIS, or COBIT
• Experience working in Healthcare or Healthcare Technology industries

Knowledge/ Skills/ Abilities:

• Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff
• The ability to interact with HHS personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives
• A strong understanding of the business impact of security tools, technologies and policies
• Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel; indepth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies
• Experience developing and maintaining policies, procedures, standards and guidelines
• Familiarity with applicable legal and regulatory requirements such as HIPAA and PCI

You've made the right choice in considering Hennepin Healthcare for your employment. We offer a wealth of opportunities for individuals who want to make an impact in our patients' lives. We are dedicated to providing Equal Employment Opportunities to both current and prospective employees. We are driven to connect talented individuals with life-changing career opportunities, enabling you to provide exceptional care without exception. Thank you for considering Hennepin Healthcare as a future employer.

Please Note: Offers of employment from Hennepin Healthcare are conditional and contingent upon successful clearance of all background checks and pre-employment requirements.

• We offer a competitive pay rate based on your skills, licensure/certifications, education, experience related to this position, and internal equity.
• We provide an extensive benefits program that includes Medical; Dental; Vision; Life, Short and Long-term Term Disability Insurance; Retirement Funds; Paid Time Off; Tuition reimbursement; and license and Certification reimbursement (Available ONLY for benefit eligible positions).
• For a complete list of our benefits, please visit our career site on why you should work for us.