About the Company:
CereCore® provides EHR implementations, IT and application support, IT managed services, technical staffing, strategic IT consulting, and advisory services to hospitals and health systems nationwide. Our heritage is in the hallways of some of America’s top-performing hospitals. We have served as leaders in finance, operations, technology, and as clinicians turned power users and innovators. At CereCore, we know firsthand the power that aligned technology can provide in delivering care. As a wholly-owned subsidiary of HCA Healthcare, we are committed to bringing the expertise we have gained as operators to deliver IT services that emphatically address the needs of health systems across the United States. Our team of over 600 clinical and technical professionals has implemented EHR systems in more than 400 facilities and provides managed services support to tens of thousands of health system employees. We work tirelessly to provide healthcare organizations specialized IT services that support the delivery of patient care. The Link to Life-Saving Care.
About the Role:
CereCore is seeking a Senior PAM Security Engineer to join our customer in Nashville, TN.
Responsibilities:
- Configure and administer privileged access management solutions, including password vaults, session recording, multi-factor authentication, and least privilege technologies.
- Collaborate with stakeholders to gather requirements and translate them into technical specifications for PAM implementations.
- Develop and maintain PAM policies, procedures, and documentation for user onboarding, access provisioning, and access recertification.
- Manage changes according to change management policies and processes for supported systems.
- Conduct regular access reviews and audits to ensure compliance with internal policies, industry regulations, and security best practices.
- Investigate and resolve PAM-related incidents, such as password policy violations, access control issues, and system vulnerabilities.
- Assist with the integration of PAM solutions into existing systems and applications, ensuring seamless operation and minimal disruption.
- Develop and generate reports and metrics including alerting and monitoring key performance indicators (KPIs).
- Documents technical requirements by working with business users.
- Monitor and analyze PAM system logs and reports, proactively identifying and addressing any security risks or unusual activities.
- Provide technical expertise and support to IT teams and end-users, troubleshooting and resolving PAM-related issues.
- Collaborate with vendors and external partners to evaluate and implement new PAM technologies and enhancements.
- Stay up to date with emerging PAM trends, tools, and technologies, making recommendations for process improvements and system optimizations.
- Performs other duties as assigned
Qualifications:
- Bachelor's degree Information Systems
- 3+ years of experience in analyst role
- 5+ years of experience in Identity & Access Management and/or Information Technology
Preferred Certifications:
- CISSP
- Microsoft Certified: Security, Compliance, and Identity Fundamental
- CISM
Requirements:
Strong knowledge and understanding of privileged access management principles and practices.
Experience in configuring and managing PAM solutions, such as password vaults, session recording, and access control systems.
Familiarity with authentication methods, including multi-factor authentication and single sign-on.
Advanced Identity & Access Management concepts
- User lifecycle management
- Dependence of major integrated systems
- Fully recognize the business or regulatory drivers behind IAM Role based access controls
- Methods of systems integration – Federation, LDAP, IWA
- Access control standards and best practices
- Understanding of major PAM tools and the services
- Unique identification
- Provisioning / De-provisioning
- Password management
- OAUTH, OPENID Connect, SAML
- Access Management
- Strong authentication
- Multi Factor Authentication
Strong knowledge of advanced information security concepts
- Data protection
- Cryptography services
- Risk management
- Incident response
- Web application security
- Network security
- Policy and standards
- Data classifications
- Directory services
Vendor support engagement
Desktop and productivity tools (Excel)
Software development lifecycle and technologies
- Database technologies (SQL Queries)
- Scripting Concepts (Python and PowerShell)
Network communications
- Route and Switch
- Load Balancing Configuration Concepts
Detail-oriented and proactive, with a focus on ensuring the security and integrity of privileged accounts and systems.
Experience with Azure or Google cloud native architectures and Platform Services.
Soft Skills
- Effectively coordinate activities across groups
- Strong written and verbal communication skills
- Execute limited internal projects and initiatives with little to no oversight
- Support projects and initiatives that span organizational boundaries
- Implement or improve processes affecting multiple groups and/or organizations
- Coordinate activities within group
- Self-Motivated
- Independent worker
- Customer focus – takes ownership of issues and seeing issues through to resolution
- Effective communications
- Critical thinking and problem-solving skills
- Ability to adapt and embrace new ideas, technology and organizational changes.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.