Role Overview
As a Senior IAM Engineer, you will lead the deployment, maintenance, and enhancement of Imprivata’s Enterprise Access Management (EAM) platform, including OneSign, Confirm ID, and related authentication technologies. Your work will directly support secure, efficient access to critical clinical and enterprise systems such as electronic health records, virtual desktop environments, and identity providers—ensuring seamless workflows while meeting strict regulatory standards.
Key Responsibilities
- Oversee the full lifecycle of Imprivata EAM, including configuration, monitoring, patching, and system upgrades
- Design and manage authentication methods such as single sign-on (SSO), badge tap (Tap n Go), FIDO2 security keys, multi-factor authentication (MFA), and EPCS compliance
- Ensure integration with core infrastructure including Active Directory, Citrix, VMware Horizon, and identity providers
- Deploy and optimize endpoint agents, authentication devices, badge readers, and API-based integrations
- Develop and maintain identity policies, SSO profiles, and device mappings to support fast user switching and clinical efficiency
- Support compliance with HIPAA, EPCS, HITRUST, and internal security requirements
- Collaborate with security and compliance teams during audits, risk assessments, and access reviews
- Act as a technical escalation point for complex authentication issues, conducting root-cause analysis and implementing lasting fixes
- Coordinate with vendors and support teams to resolve critical system incidents
- Document configurations, runbooks, and operational procedures to ensure service continuity
- Identify automation and optimization opportunities to improve system reliability and user experience
- Train and mentor junior team members on IAM best practices and operational procedures
Required Qualifications
- 8+ years of IT experience in large, complex environments, preferably in healthcare
- 3+ years of hands-on Imprivata EAM experience in enterprise or clinical settings
- 3+ years resolving complex access and authentication challenges
- 2+ years with Windows Server, Active Directory, Group Policy, or Ivanti EM
- 2+ years supporting Citrix or VMware Horizon virtual desktops
- 2+ years with MFA, certificate services, badge authentication, FIDO keys, and IAM principles
- 1+ years implementing Tap n Go and FIDO2 workflows
- 1+ years managing appliance and agent upgrade cycles
- 1+ years applying ITIL and change management practices
- Willingness to participate in on-call rotations and provide after-hours support when needed
Preferred Qualifications
- Imprivata certification or related IAM/security credentials
- 5+ years supporting healthcare applications and environments
- Experience with Epic EHR, particularly Hyperspace or Slingshot
- Scripting skills using PowerShell or similar tools for automation
- Familiarity with cloud, networking, database, and virtual infrastructure concepts
- Strong communication skills with experience working across time zones
- Understanding of clinical workflows and user needs in healthcare settings
- Proven ability to diagnose and resolve complex technical issues
Work Environment
This position offers full remote flexibility across the U.S. Candidates based in Minneapolis or Washington, D.C. will be required to work in person at least four days per week. The role supports a 24x7 operational environment and may require off-hours availability for critical events.
Compensation and Benefits
Annual salary ranges from $91,700 to $163,700, with additional incentives including equity stock purchase options, recognition programs, and 401k contributions. Comprehensive benefits include health coverage, career development resources, and structured growth paths. The organization fosters inclusion, environmental responsibility, and equitable access to opportunities, with a focus on improving health outcomes globally.
