IAM / Information Security Engineer - Hybrid
Caris Life Sciences
Position Summary
The IAM / Information Security Engineer will be responsible for the design, development, configuration, implementation, and maintenance of Identity and Access Management (IAM) systems. This role will ensure the security, reliability, and compliance of IAM solutions with regulatory standards such as SOX, SOC 2, HIPAA, and GDPR. The engineer will collaborate with cross-functional teams to address business requirements while adhering to security best practices and innovative solutions. A strong understanding of information security principles, risk management frameworks, and leadership in addressing issues and driving improvements is essential for this role.
Job Responsibilities
Conduct threat modeling and risk assessments to proactively identify vulnerabilities and address security risks in IAM systems.
Design, implement, and maintain IAM systems to ensure security, reliability, and compliance with regulatory standards (e.g., SOX, SOC 2, HIPAA, GDPR).
Collaborate with cross-functional teams and business stakeholders to define and deliver IAM solutions that meet both business and security requirements.
Monitor and maintain IAM systems (Okta and future platforms), performing regular security evaluations, health checks, and audits to ensure peak performance and compliance.
Lead incident response efforts related to IAM security breaches, collaborating with the security operations team to resolve issues efficiently.
Execute new application integrations and updates (primarily on Okta) with a focus on security best practices and minimizing risks.
Collaborate closely with Product Management, Software Engineering, Data Science, and Infrastructure teams to align objectives and deliver high-quality solutions.
Generate and implement security process improvements.
Collaborate with cross-functional teams to improve product quality, security, and performance.
Collaborate closely with Product Management, Software Engineering, Data Science, and Infrastructure teams to align objectives and deliver high-quality solutions.
Frequently engage directly with users and engineers to troubleshoot provisioning and security related issues, perform access and activity audits, and assist with projects and resource reviews.
Make technical decisions when necessary and facilitate technical decision-making within the team.
Ensure the IAM systems meet all applicable regulatory and security requirements, conducting regular audits and compliance checks.
Implement IAM automation tools to streamline identity provisioning and improve system efficiency while reducing manual efforts.
Develop and maintain technical documentation and SOPs, ensuring clarity and accessibility across the team.
Participate in an on-call rotation to support critical IAM issues and ensure system availability.
Required Qualifications
High School degree or equivalent
Minimum of 5+ years of hands-on experience in Identity & Access Management (IAM) development, deployment, and engineering.
Expert-level experience with IAM protocols such as SCIM, SAML, OpenID, OAuth.
Strong analytical and problem-solving skills with the ability to troubleshoot complex IAM issues.
Proven ability to work independently and efficiently in a fast-paced, dynamic environment, with adaptability to manage changing priorities.
Strong ability to communicate technical concepts to non-technical audiences and work collaboratively with technical teams.
Experience with Privileged Access Management (PAM) tools and practices.
Demonstrated experience with Identity Governance and Administration (IGA) solutions.
Proficiency with Okta Identity Governance, API Access Management, Workflows, MFA, and ServiceNow.
Strong understanding of security compliance and auditing processes (e.g., SOX, SOC 2, GDPR, HIPAA) and experience aligning IAM programs to meet these standards.
Preferred Qualifications
Bachelor’s degree in computer science, Information Systems, Cybersecurity, or a related field.
In-depth knowledge and experience with application programming interfaces (APIs) and frameworks such as JSON, Java, JavaScript, Expression Language, and PowerShell.
Hands-on experience with API development and consumption, particularly in IAM-related workflows.
Proven experience building IAM workflow-integrated automations between IAM and ITSM platforms (e.g., Okta, ServiceNow).
Relevant experience in Healthcare, Life Sciences, or similar industries is a plus.
Demonstrated curiosity to learn and apply automation tools to improve IAM processes.
Self-motivated with strong attention to detail and the ability to manage multiple tasks and meet deadlines.
Working knowledge of the NIST Cybersecurity Framework and its application in IAM.
Training
All job specific, safety, and compliance training are assigned based on the job functions associated with this employee.
Physical Demands
Must possess ability to sit, stand, and/or work at a computer for long periods of time.
Ability to work extended hours during implementations and on-call rotations.
Other
Job may require after-hours response to emergency issues.
Periodically scheduled on-call may require after-hours response for technical emergencies not explicitly related to assigned job responsibilities.
Other duties as assigned.
Conditions of Employment: Individual must successfully complete pre-employment process, which includes criminal background check, drug screening, credit check ( applicable for certain positions) and reference verification.
This job description reflects management’s assignment of essential functions. Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.
Caris Life Sciences is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, gender identity, sexual orientation, age, status as a protected veteran, among other things, or status as a qualified individual with disability.