Who We Are

Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and expertise to help people find their version of healthier living through a broad range of health plans and tools that make navigating health and wellbeing easier.

We enjoy the important work we do every day in service to our members, partners, colleagues and communities. To learn more about who we are at Point32Health, click here.

Job Summary

The Manager, Identity & Access Management, will report into the Director, Cyber & Information Security and is responsible for leading a team of staff, analyzing the information security environment for Point32Health and developing security measures to safeguard the confidentiality, integrity, and availability of information. The manager will work closely with other managers/directors across Cyber & Information Security, as well as partners across IT, and the broader Point32Health business. The focus area for this Manager will be Identity & Access Management. In this role, the Manager, Cyber & Information Security will be focused on • Access provisioning, de-provisioning, transfers • Role-mining /role-based access • User access/entitlement reviews • Privileged access management (PAM), Multi-factor authentication, etc. • Sets requirements, oversight, and feature/enhancement priorities for EIAM • Certificate management program (PKI), priorities

Key Responsibilities/Duties -- what you will be doing

• Manage staff including supervision, assigning work, professional development, performance evaluation, recruitment, and coaching/mentoring,
• Provide coaching, constructive feedback and direction to staff to ensure successful achievement of projects and initiatives
• Monitor staff workloads to assist in resource allocation and ensure deliverable dates are met
• Develop procedures and guidelines to support consistent delivery of services
• Consult with other Cyber & Information Security colleagues to continuously evaluate and implement security solutions
• Communicate potential security concerns/exposures to appropriate leadership
• Coordinate and collaborate with business organizations and other IT groups to ensure quality solutions are delivered within project timelines
• Engage in ongoing communications with peers in the IT groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster cooperation.
• Maintain up-to-date knowledge of the cyber and information security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Oversee the deployment, integration and configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry-leading practices generically and the enterprise's security documents specifically.
• Ensures adequate and effective technical and non-technical controls exist to meet current and future security compliance requirements found in local, state, and federal laws and regulations
• Identify/recommend tools, processes, software, and hardware to improve or replace current security infrastructure practices, services, or technologies to meet future requirements.

• Other duties and projects as assigned.

   

Qualifications -- what you need to perform the job

EDUCATION, CERTIFICATION AND LICENSURE: