Description

Introduction

Last year our HCA Healthcare colleagues invested over 156,000 hours volunteering in our communities. As a Manager Privileged Access Management with HCA Healthcare you can be a part of an organization that is devoted to giving back!

Benefits

HCA Healthcare offers a total rewards package that supports the health, life, career and retirement of our colleagues. The available plans and programs include:

• Comprehensive medical coverage that covers many common services at no cost or for a low copay. Plans include prescription drug and behavioral health coverage as well as free telemedicine services and free AirMed medical transportation.

• Additional options for dental and vision benefits, life and disability coverage, flexible spending accounts, supplemental health protection plans (accident, critical illness, hospital indemnity), auto and home insurance, identity theft protection, legal counseling, long-term care coverage, moving assistance, pet insurance and more.

• Free counseling services and resources for emotional, physical and financial wellbeing

• 401(k) Plan with a 100% match on 3% to 9% of pay (based on years of service)

• Employee Stock Purchase Plan with 10% off HCA Healthcare stock

• Family support through fertility and family building benefits with Progyny and adoption assistance.

• Referral services for child, elder and pet care, home and auto repair, event planning and more

• Consumer discounts through Abenity and Consumer Discounts

• Retirement readiness, rollover assistance services and preferred banking partnerships

• Education assistance (tuition, student loan, certification support, dependent scholarships)

• Colleague recognition program

• Time Away From Work Program (paid time off, paid family leave, long- and short-term disability coverage and leaves of absence)

• Employee Health Assistance Fund that offers free employee-only coverage to full-time and part-time colleagues based on income.

Learn more about Employee Benefits (https://careers.hcahealthcare.com/pages/employee-benefits-and-rewards)

Note: Eligibility for benefits may vary by location.

Would you like to unlock your potential with a leading healthcare provider dedicated to the growth and development of our colleagues? Join the HCA Healthcare family! We will give you the tools and resources you need to succeed in our organization. We are looking for an enthusiastic Manager Privileged Access Management to help us reach our goals. Unlock your potential!

Job Summary and Qualifications

We are seeking a dynamic and experienced manager to lead the privileged access management team and ensure secure and controlled access to privileged accounts and systems. As the Manager - Privileged Access, you will be responsible for overseeing a team of Consulting Product Analysts, Sr. IAM Security Engineers, Consulting IAM Security Engineers and an Architect. In addition to personnel management, the manager is responsible for overseeing platform stewards responsible for executing on the Privileged Access Management strategic plan in addition to operating and maintaining the tools necessary to achieve a world class Privileged Access Management deployment.

The Manager - Privileged Access applies an advanced understanding of privileged access management practices and technologies to ensure that their team is efficient in addressing the information security needs of the organization and evolves as appropriate to accommodate changes in the business environment and overall security posture.

The Manager Privileged Access will work closely with their peer Foundational and Architecture PAM team, HCA’s Information Protection and Security department to support their cybersecurity initiatives relating to Identity and Access Management.

Organizational Management

• Leads a team of ten individual contributors responsible for the operational support and maintenance of highly technical and complex PAM systems. These systems include credentials vaults (Hashicorp, Hitachi, Imprivata OneSign), cloud based key management systems (Azure Key Vault, Google Key Management Server), Entra ID, Privileged Identity Management features, and secure vendor remote access tools (Imprivata SecureLink).

• Applies an advanced understanding of identity and access management practices and technologies with a strong focus on principle of least privilege to ensure that their team securely addresses the information security needs of the organization through privileged access management.

• Drives organizational awareness and adoption of privileged access management

• Ensures privileged access is properly provisioned to a specific list of highly sensitive and regulated applications (SOX auditable) with significant business, regulatory and financial risk. Due to the sensitive nature of these systems, the specific applications are listed outside of this job description and available upon appropriate request.

• Works collaboratively with team members to develop annual performance plans, provides regular (at least quarterly) feedback in the form of performance reviews, coaches alternatively for growth or improvement based on the performance review results.

• Acts as a mentor for team members to assist them in identifying areas of personal growth related to career path and desires.

• Assists the team members in creating a personal development plan to leverage internal and external opportunities for training and education.

• Ensures that team members communicate an accurate and timely status of their current work effort through standard channels (e.g., timesheets, status reports, project status meetings, etc.)

• Develops and strengthens deep relationships with business operations, key IT&S support teams, IT&S leaders, vendors, and staff. Fosters an environment that encourages information sharing, cross-training, and process improvement within the department and across business organizations.

• Maintains the operational budget for the team to cover software licensing and maintenance costs, new purchases, and training. Must be able to trend and analyze software usage and license consumption on multiple systems to ensure correct budget projections.

Operational Efficiency

• Continually identify opportunities to reduce service request volumes (i.e. missing documentation, improved documentation, recurring problem identification), improve departmental efficiency, and guides the develop of solutions and coordinates solution implementation.

• Ensures that a consolidated, well organized, up to date, and easily accessible library of standard operating procedures exists for all procedures associated with all services offered by the team. Ensures that each standard operating procedure document is owned by a team subject matter expert and periodic reviews to ensure accuracy and efficiency occur.

• Develop new and optimize existing processes and procedures used to operate, maintain, support, and operationally expand Identity Management systems.

• Develops and reports pertinent system metrics to drive corrective or improvement activities.

• Develop new and optimize existing processes and procedures used to operate, maintain, support, and operationally expand Identity Management systems.

• Develops and reports pertinent system metrics to drive corrective or improvement activities.

• Assists in the development and evaluation of account management processes and procedures for applications, platforms, and systems at all levels of the enterprise.

• Provides feedback to the appropriate IT&S personnel regarding additional training needed by the field user and/or site.

• Ensures that Service Level Agreements are met for all team service offerings for internal and external customers and business partners. Participates in regular operational assessment meetings and must be able to perform Root Cause Analysis for critical issues and those issues resulting in a work outage that are not resolved in a timely manner.

Project Oversight

• Provides input for scheduled projects and proposes projects to develop and deploy solutions for business issues when applicable. Provides level of effort resource estimation for the proposed project to assist in the project management governance and approval process.

• Works collaboratively with project managers to identify correct team resources and resource utilization for project tasks related to team service offerings. Ensures that resources are utilized properly and resource utilization for project and operational activities are reflected accurately in enterprise tools.

• Tracks software and certificate usage and license consumption to ensure that all systems remain in contractual compliance and operate at acceptable levels. Organizational Management

• Ensures that Service Level Agreements are met for all team service offerings for internal and external customers and business partners. Participates in regular operational assessment meetings and must be able to perform Root Cause Analysis for critical issues and those issues resulting in a work outage that are not resolved in a timely manner.

• Maintains the operational budget for the team to cover software licensing and maintenance costs, new purchases, and training. Must be able to trend and analyze software usage and license consumption on multiple systems to ensure correct budget projections.

• Tracks software and certificate usage and license consumption to ensure that all systems remain in contractual compliance and operate at acceptable levels.

• Works collaboratively with project managers to identify correct team resources and resource utilization for project tasks related to team service offerings. Ensures that resources are utilized properly and resource utilization for project and operational activities are reflected accurately in enterprise tools.

• Tracks software and certificate usage and license consumption to ensure that all systems remain in contractual compliance and operate at acceptable levels.

Organizational Management

• Ensures that Service Level Agreements are met for all team service offerings for internal and external customers and business partners. Participates in regular operational assessment meetings and must be able to perform Root Cause Analysis for critical issues and those issues resulting in a work outage that are not resolved in a timely manner.

• Maintains the operational budget for the team to cover software licensing and maintenance costs, new purchases, and training. Must be able to trend and analyze software usage and license consumption on multiple systems to ensure correct budget projections.

• Tracks software and certificate usage and license consumption to ensure that all systems remain in contractual compliance and operate at acceptable levels.

• Works collaboratively with project managers to identify correct team resources and resource utilization for project tasks related to team service offerings. Ensures that resources are utilized properly and resource utilization for project and operational activities are reflected accurately in enterprise tools.

• Tracks software and certificate usage and license consumption to ensure that all systems remain in contractual compliance and operate at acceptable levels.

Technical Expertise

• Provides identity and access management subject matter expertise for new projects and initiatives deploying systems and solutions requiring PAM controls. Helps guide the development of processes and procedures to enable secure and highly efficient implementation of least privileged principle.

• Provides oversight and guidance to engineers and analysts involved in the process of supporting or operationally expanding PAM solutions.

• Provides technical advice to IT&S architects and management. Understands business drivers, governance requirements, and provides creative alternatives to complex technical situations.

• Represents the Identity & Access department. Can speak authoritatively concerning identity and account management current state processes and procedures, guidelines and best practices within the context of the organization (e.g. participating in meetings to establish technical standards).

• Represents Identity & Access to all internal and external customers, partners, and vendors.

• Speaks authoritatively concerning all platforms, systems, and applications supported, including current state architecture, business value, primary customer base, upstream and downstream dependencies regarding technical processes and support groups, and processes and procedures employed in the support of those platforms, systems, and applications.

• Recommends control measures to improve information security (including evaluating and selecting products and services) and leads testing efforts between departments.

Security/Audit Compliance

• Investigates alleged IT security breaches utilizing the tools and auditing capabilities of the tools supported by the department.

• Develops responses to audit findings for platforms, systems, and applications supported or managed by the Privileged Access Management team.

• Assists the Identity & Access Leadership Team in the development of remediation plans to address identified deficiencies in response to audit findings from internal and external audits.

• Interprets IT security requirements from external bodies, such as government agencies and standard-setting bodies and helps to develop security policies, standards, guidelines, procedures, and other elements of an infrastructure to support IT security.

• Monitors developments in the IT security field to identify new opportunities and new risks.

• Performs other duties as assigned

• Practices and adheres to the “Code of Conduct” philosophy and “Mission and Value Statement.”

What qualifications you will need:

• Bachelors Degree Information Systems

• Five or more years in a leadership role

• Five or more years in identity and access management preferred

• CISSP preferred

• Microsoft Certified: Security, Compliance, and Identity Fundamental preferred

Other Qualifications

Minimum 5-year experience managing a technical team preferably within HCA ITG or 2-year experience as a team lead within the IAM department.

Demonstrable experience creating, leading, and advancing a team under a united vision; coaching and mentoring through career path opportunities and obstacles.

Excellent interpersonal skills to interface with various levels within IT&S and the corporate environment, as well as managed relationships with division partners.

Excellent written and communicative skills.

Excellent critical thinking skills.

Excellent understanding of IT security policies and must be able to manage and administer security programs with minimal supervision

Possesses good project management skills to plan and implement complex and complicated projects as related to IT security.

Demonstrates excellent analytical skills by identifying process issues.

Demonstrates significant knowledge of all applicable systems as assigned and strong knowledge of IT principles.

Ability to prioritize and organize multiple projects on time and within budget.

High level of patience, empathy, courtesy, and listening skills required in dealing with customers and their problems or concerns.

Ability to judge severity of problems and use discretion in obtaining services needed.

Demonstrates excellent leadership skills in dealing with peers and associates. Can show continued investment and growth in leadership concepts and application.

Competent with Foundational Cloud identity

Solid understanding of Federated identity

Database Technologies

Network (LAN/WAN, TCP/IP, WLAN, etc.)

Internet Security (Web Communications, Client/Server/Threat mitigation)

Security Frameworks and Policy (NIST, FIPS, etc.)

ITIL Framework

Ability to adapt and embrace new ideas, technology and organizational changes.

Ability to sit for long periods of time.

HCA Healthcare has been recognized as one of the World's Most Ethical Companies® by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses.

"There is so much good to do in the world and so many different ways to do it."- Dr. Thomas Frist, Sr.

HCA Healthcare Co-Founder

Be a part of an organization that invests in you! We are reviewing applications for our Manager Privileged Access Management opening. Qualified candidates will be contacted for interviews. Submit your application and help us raise the bar in patient care!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.