DIGITAL SECURITY - GCP

Security Automation Engineer, IAM Governance

Scope and Purpose of Position:

Seeking a skilled Security Automation Engineer with specialized experience in Microsoft Entra ID Governance and Microsoft Entra External ID. This individual will play a critical role in protecting the identities of our internal workforce, providers, and members by automating identity lifecycle processes and securing access to external digital portals.

This position is ideal for someone passionate about secure identity automation and who understands the compliance and privacy standards essential in healthcare. The Security Automation Engineer is responsible for designing, developing, and maintaining automated identity and access management (IAM) solutions to support secure and compliant user access across internal systems and external digital services. This role operates within the Cybersecurity and Identity Governance team, with a focus on safeguarding sensitive health and member data by enhancing the efficiency, accuracy, and scalability of identity-related processes.

The candidate will act as the technical expert supporting upcoming implementations and strategies around Identity Access Management (IAM). This candidate will be experienced in designing, automating, and supporting IAM solutions for mid-size to large enterprise, with a focus on Cybersecurity. The engineer will have extensive knowledge on design, build, automation, implementation, administration and troubleshooting IAM concepts and technology.

This candidate will work under the direction of the Senior Manager, Identity and Access Management, and with service owners to support IAM program governance, and to ensure a resilient and secure IAM environment.

Key Responsibilities:

• Work within a distributed team where members are spread across numerous locations and communicate virtually to support IAM applications
• Design and implement automated identity lifecycle workflows (Joiner-Mover-Leaver) for internal users and healthcare stakeholders using Entra ID Governance.
• Build and support secure access frameworks for members, providers, and clients through Microsoft Entra External ID (B2C), including:
  • Self-service registration
  • Multi-factor authentication (MFA)
  • Single Sign-On
  • Password reset workflows
  • Brand-customized identity experiences
• Integrate identity governance with clinical systems, third-party healthcare platforms, and HR/ticketing systems (e.g., Dayforce, ServiceNow).
• Ensure HIPAA / HiTrust-compliant identity handling and maintain documentation for audit and regulatory requirements.
• Automate access certification campaigns and entitlement reviews aligned with role-based access control (RBAC) policies.
• Collaborate with IAM architects, compliance teams, and application owners to strengthen identity security and regulatory readiness.
• Develop, manage, and monitor automation scripts (PowerShell, Microsoft Graph API) to enforce access governance policies across hybrid-cloud environments.
• Implement IAM platform customizations, enhancements, and modifications
• Gather requirements from internal clients and provide security/IAM technical expertise
• Drive initiatives to transform IAM provisioning and lifecycle management leveraging self-service and automation capabilities to enable superior user experience
• Contribute to evolving the overall strategy and operating model for IAM governance and technology solutions

Education and Experience:

• 5+ years of IAM experience with a focus on automation, preferably in a healthcare or regulated industry.
• Demonstrated experience with Microsoft Entra ID Governance, including:
  • Lifecycle workflows
  • Access Reviews
  • Entitlement Management
• Hands-on experience with Microsoft Entra External ID (Azure AD B2C) for consumer or partner identity management.
• Strong scripting ability (PowerShell) and API proficiency (Microsoft Graph).
• Familiarity with healthcare data privacy and regulatory frameworks (e.g., HIPAA, HITECH).
• Familiarity with relevant cybersecurity frameworks, such as NIST 800-53.
• Experience with identity provisioning, access deprovisioning, and compliance-aligned auditing processes.
• Experience communicating and collaborating with diverse audiences and senior leadership.
• Demonstrated capabilities in leadership, innovation, problem solving, influencing, organizing and relationship building.
• Self-starter, positive attitude, ability to work independently, enjoys learning and staying current with industry developments, regulations, and best practices.

Competencies (select no more than 5 - 8):

• Adaptability/flexibility 
• Business acumen
• Communication
• Drive for results
• Prioritization/organization
• Problem solving/analysis
• Relationship management
• Strategic thinking