Cybersecurity Services Manager - Identity & Access Management

Fairview Health Services

  • Minneapolis, MN
  • Permanent
  • Full-time
  • 5 days ago
Job Description:Job OverviewCybersecurity Services Manager - Identity & Access Management is accountable for owning and managing multiple services including providing technical and people leadership to build strategy, design, build, deploy and support the cybersecurity services. The Identity & Access Management service ensures secure access to systems and data by managing human and machine identities, enforcing the least privilege principles, and safeguarding privileged accounts across the organization. This individual is responsible for working directly with internal and external stakeholders to understand the business requirements and implement solutions to meet those needs. The successful candidate will be an excellent communicator, with in-depth knowledge of multiple security domains, technologies, standards, and processes. This role reports into the Director of Cybersecurity Engineering & Automation and will assist in the development of the Identity & Access Management strategic roadmap to continue expanding and enhancing the cybersecurity services to improve the security posture of Fairview and our partners. Successful candidate would be highly motivated in excelling customer service and obsessed with services quality, innovative delivery and adoption of industry benchmarks. The candidate shall be an experienced security professional with a demonstrated record of developing influential programs aimed at protecting data and systems, strong oral and written skills, and driving security as a service.Job Expectations: The Cybersecurity Services Manager - Identity & Access Management has the following key responsibilities:
  • Provide strategic leadership in conceiving, designing and operationalizing services from Cybersecurity and Risk Management group, offered to Fairview’s internal and other partners
  • Deliver multiple services in alignment with organizational goals, against targeted metrics with desired impact of measurable improving service satisfaction and sustainable costs.
  • Effectively manage a diverse team of direct reports, strategic partners, consultants, and project resources, fostering a high-performance team that delivers scalable, secure solutions and services.
  • Own the strategic roadmap for Identity & Access Management, driving modernization, automation, and integration initiatives
  • Provide executive-level reporting and metrics on the effectiveness, maturity, and risk posture of Identity & Access Management services, including KPI tracking and control assurance.
  • Hiring, coaching, and mentoring a high performing, diversified team within the Cybersecurity Risk Management team through formal and informal training opportunities in partnerships with vendors and industry peer groups to support ongoing initiatives and future needs
  • Collaborate with cybersecurity, infrastructure, application, compliance, and business teams to define requirements, align priorities, and deliver secure and scalable identity solutions.
  • Manage vendor relationships, tool evaluations, and budget for IAM/PAM solutions.
  • Own the enterprise IAM/PAM stack (e.g., Okta, Microsoft Entra ID, Delinea, SailPoint, Saviynt).
  • Ensure seamless integration with HR systems, IT service management (ITSM), and cloud platforms (AWS, Azure, GCP).
  • Deliver a seamless and secure onboarding experience by automating account provisioning and role-based access assignments
  • Enforce Zero Trust and least privilege principles across all systems.
  • Oversee privileged access management (PAM), including credential vaulting, Just-in-Time (JIT) access, and session auditing.
  • Ensure compliance with regulatory standards (e.g., GDPR, SOX, HIPAA, NIST, ISO 27001).
  • Manage departmental budgets effectively delivering multiple services to internal and external partners cost effectively, managing cost per unit models for each service.
  • Stay current with emerging cyber threats, technologies, and health care related regulatory changes to ensure the organization’s security strategies remains effective and forward-looking.
  • Contribute to the overall cybersecurity roadmap by integrating cybersecurity into broader enterprise risk management and digital transformation initiatives.
Organization Expectations, as applicable:
  • Demonstrates ability to provide care or service adjusting approaches to reflect developmental level and cultural differences of population served
  • Partners with patient care giver in care/decision making.
  • Communicates in a respective manner.
  • Ensure a safe, secure environment.
  • Individualizes plan of care to meet patient needs.
  • Modifies clinical interventions based on the population served.
  • Provides patient education based on as assessment of learning needs of patient/care giver.
  • Fulfills all organizational requirements
  • Completes all required learning relevant to the role
  • Complies with and maintains knowledge of all relevant laws, regulations, policies, procedures and standards.
  • Fosters a culture of improvement, efficiency and innovative thinking.
  • Performs other duties as assigned
Required QualificationsEducation
  • Bachelor’s degree in the areas of Information/Cyber Security, Computer Science, Engineering, Governance Risk and Compliance, Information Technology or related field or equivalent combination of experience and education
Experience
  • 10 years of experience in cybersecurity, risk management with a strong focus on services delivery of identity and access management (IAM) and privileged access management (PAM).
  • Strong understanding of security product development, security services management, operational delivery.
  • Proven ability to define and execute enterprise-wide IAM/PAM strategies aligned with Zero Trust and least privilege principles.
  • Track record of managing multi-million-dollar budgets, vendor negotiations, and tool consolidation (e.g., migrating from legacy IAM to cloud)
  • Deep hands-on experience with:
  • IAM platforms (SailPoint, Saviynt) for managing identities, role mining, certifications, and compliance.
  • PAM solutions (Delinea, CyberArk, BeyondTrust) for secrets management and JIT access.
  • CIAM (Okta, Microsoft Entra ID, Ping) for B2B/B2C use cases
  • Designed IAM policies for AWS IAM, Azure AD, GCP (e.g., conditional access, PIM/PAM in cloud).
  • Integrated hybrid identity (on-prem AD + cloud directories).
  • Implemented AI-driven access certifications or behavioral analytics for anomaly detection.
  • Demonstrated ability to design and enforce IAM policies and controls, such as least privilege, segregation of duties (SoD), and role-based access control (RBAC), and attribute-based access control (ABAC)
  • Designed and deployed enterprise-wide MFA solutions (e.g., Microsoft Entra ID MFA, Okta Verify, Duo, PingID).
  • Led SSO deployments using Okta, Microsoft Entra ID, PingFederate, or ForgeRock
  • Proven leader with strong communication and influencing skills
  • Ability to translate technical risks into business impact for Senior leadership/audit committees.
  • Strong knowledge of compliance and regulatory requirements impacting security, such as HIPAA, HITRUST, SOX, and PCI-DSS.
  • Ability to develop metrics and reports on the effectiveness of cyber security maturity controls and make data-driven decisions for improvement.
  • Proven leader with strong communication and influencing skillsdemonstrated ability to successfully manage and execute large-scale projects to achieve objectives.
  • Demonstrated ability to build effective working relationships across teams to ensure commitment and cooperation
  • Strong team and individual coaching and mentoring skills
Preferred QualificationsEducation
  • Master’s degree in the areas of Cyber/Information Security, Computer Science, Engineering, Governance Risk and Compliance, AI & Data Analytics etc.
Experience
  • 12 years of experience in IT and/or Information Security
  • 5 years of experience in managing people and delivering large information security programs
  • Experience in Managed Security Service Provider environment
  • Experience working within the healthcare provider industry or other highly regulated and/or compliance-oriented environment
License/Certification/Registration
  • Industry certifications such as Security+, CISM, CRISC, CISSP, or equivalent certification
Benefit OverviewFairview offers a generous benefit package including but not limited to medical, dental, vision plans, life insurance, short-term and long-term disability insurance, PTO and Sick and Safe Time, tuition reimbursement, retirement, early access to earned wages, and more! Please follow this link for additional information:
Compensation DisclaimerThe posted pay range is for a 40-hour workweek (1.0 FTE). The actual rate of pay offered within this range may depend on several factors, such as FTE, skills, knowledge, relevant education, experience, and market conditions. Additionally, our organization values pay equity and considers the internal equity of our team when making any offer. Hiring at the maximum of the range is not typical. If your role is eligible for a sign-on bonus, the bonus program that is approved and in place at the time of offer, is what will be honored.
EEO StatementEEO/Vet/Disabled: All qualified applicants will receive consideration without regard to any lawfully protected status

Fairview Health Services