Assistant Manager - Cloud Identity Access Management (IAM)

One of the nation’s largest and most respected providers of hospital and healthcare services, Universal Health Services, Inc. (UHS) has built an impressive record of achievement and performance. During the year, UHS was again recognized as one of the World’s Most Admired Companies by Fortune; and listed in Forbes ranking of America’s Largest Public Companies. Operating acute care hospitals, behavioral health facilities, outpatient facilities and ambulatory care access points, an insurance offering, a physician network and various related services located all over the U.S. States, Washington, D.C., Puerto Rico and the United Kingdom. www.uhs.com

The Corporate Information Services Department is seeking a dynamic and talented Assistant Manager – Cloud Identity Management.

The Assistant Manager - Cloud Identity Management reports to the Assistant Director of Messaging and Collaboration Services and is responsible for account lifecycle management for all UHS facilities consisting of more than 250 locations and over 85,000 users. Oversees the development of workflows, system configuration, documentation, optimization and support related to access, while working with application teams to deploy new functionality. Responsible for overseeing the on-going maintenance, testing, support and optimization of Identity Governance and Role Based Access Control (RBAC). Assists other team members related to cloud identity management and participates in continuous process improvement activities.

Key Responsibilities include:

• Oversees the day-to-day operations of the Identity and Access Management (IAM) system including supervising IAM analysts supporting the environment. Supports the UHS IAM environment by maintaining the solution and resolving incidents and requests from HR, recruiting, facility technicians and customers. Plans, coordinates and performs maintenance activities on IAM servers. Monitors the availability and functionality of the IAM environment for optimal performance and provides direction for future enhancements.
• Work with internal customers, business analysts, and application teams to understand access requirements.
• Manages the design, testing and implementing of the IAM system. Ensures that the design adheres to best practices and that all use cases are thoroughly documented and tested. Deploys new configurations and use cases by following all change management processes. Works to onboard new and existing facilities onto the platform.
• Leads projects to deploy new capabilities and enhancements. Performs project management functions and ensures all tasks are completed. Documents procedures and standards to company policy. Creates and maintains all IAM systems documentation.
• Performs system upgrades and updates. Tests changes and updates in a lab environment to draw an implementation plan. Troubleshoots system issues and performs problem analysis, resolution and root cause analysis.
• Provides user account lifecycle management, including creating, provisioning, securing, and deactivating of system access. Responsible for developing access templates to ensure that the right people have access to the right resources. Reconciles discrepancies between access rights assigned and access rights required for users to perform job duties. Develops system access and security implementation plans derived from operational customer needs and requests.
• Creates, conducts and reviews periodic access audits, in conjunction with our internal audit and HR teams, to ensure the correct access is delegated to system users. Reviews user entitlements, in addition to adding new entitlements as roles positions are established, based on a pre-determined cadence. Works with stakeholders to ensure access entitlements are periodically reviewed and approved. Participates in auditing and risk assessments, and implementation of audit recommendations.
• Generates reports to perform in-depth analysis and data collection associated with IAM.
• Assists in efficiency improvements by recommending process changes as well as developing solutions to automate and orchestrate repeatable tasks for IAM.

Position Requirements:

• Bachelor’s degree in computer science, information technology, or other related field.
• At least five years of experience in identity and access management, or a related field, with experience in planning, designing, deploying, managing and troubleshooting IAM systems.
• At least five years experience administering and configuring Identity and Access Management systems.
• Strong and detailed working knowledge and understanding of Identity and Access Management systems to design, configure, deploy and troubleshoot complex issues quickly.
• Experience using all versions of Windows server, in particular server 2019 and 2022, as well as be knowledgeable in Active Directory, Office 365, SQL Server, database design and Powershell scripting.
• Experience in System Administration of Windows based servers hosting applications is required.
• Experience developing workflows and documentation related to IAM systems.
• Strong scripting skills to be able to automate and code for complex scenarios.
• Strong knowledge of IAM concepts and best practices.
• Knowledge of Active Directory and other IAM software solutions.
• Familiarity with database concepts and relational databases, such as Microsoft SQL Server.
• Familiarity with HR systems as it relates to onboarding, offboarding and employee updates.
• Ability to work individually and as part of a team.
• Strong analytical skills.
• Excellent organizational skills and attention to detail.
• Strong problem-solving skills.
• Proven track record of managing projects to completion.
• Excellent teamwork abilities as well as written and verbal communication skills.
• Detail oriented, organized and possesses self-management and prioritization skills to handle multiple tasks and projects.
• Technically knowledgeable and customer service oriented with the ability to interact with all levels of an organization in a professional manner.
• Participates in the on-call rotation process as part of the team.

Travel Requirements: Minimal travel required, up to 5% based on projects.

This opportunity provides the following:

• Challenging and rewarding work environment
• Growth and development opportunities within UHS and its subsidiaries
• Competitive Compensation
• Excellent Medical, Dental, Vision and Prescription Drug Plan
• 401k plan with company match
• Generous Paid Time Off