JOB DESCRIPTION:
This position is responsible for directing and leading the enterprise-wide identity, access, directory, and authentication services. The Senior Director will manage the staff that supports automated and manual provision and deprovisioning of access to mission critical systems. The Senior Director considers topics such as future state planning, assisting with implementation and design of Identity Access Management technologies, automation of manual tasks, identity access governance support and implementation services, privilege access management support and identity life cycle management with respect to regulatory compliance and approved standards and policies. The Senior Director engages key business stakeholders and customers as it relates to all supported systems and applications to verify, validate, and audit system access. In addition, this person will be responsible for providing leadership, training, and mentoring to the Identity and Access Management Team. Acts as the expert resource for Identity and Access Management and handles complex issues.

• Leads Identity and Access Management (IAM) application architecture/designs, plans, controls, processes, standards, and policies and procedures to ensure alignment with standards and overall strategy.
• Advises superiors on user security controls effectiveness and recommends enhancements.
• Allocates appropriate resources to ensure that projects are completed within committed time and budget and are integrated with administrative and support protocols.
• Directs the team responsible for application security development.
• Drives IAM road maps, priorities, planning, and budgeting.
• Helps develop user security requirements by working and communicating with stakeholders throughout the company to effectively drive application development and meet user needs and strategy requirements.
• Responsible for product evolution and support, including application development, implementation, operations, and administration.
• Guides and directs the direction of the security provisioning processes and team.
• Works with key stakeholders to ensure the education of users regarding security.
• Manage several projects simultaneously and effectively prioritize work.
• Ensure the ongoing integration of information security with business strategies and requirements.
• Work with and manage vendors, outside consultants, and other third parties to improve information security within the organization.
• Monitor information security trends in the application security space.
• Research the regulatory requirements and related industry best practices.
• Work with the leaders within the IAM organization to ensure they are gathering and analyzing data, reporting customer satisfaction levels, and ensuring achievement of SLA metrics and goals
  

REQUIRED SKILLS:
Successful candidates will be security evangelists who can translate security concepts into language that is meaningful to many audiences, including business and technical leaders and individual contributors. Candidates must be able to approach application security from the perspective of risk management and avoid purely academic thinking about software security. Must demonstrate the ability to influence decision?making processes at all levels of a large organization will be critical to success.

Education Required:

• Four year degree in any business/technical area highly preferred; or equivalent experience to include 5-7+ years relevant work experience.
• Certification Preferred - CISSP Certified Information Systems Security Professional, Information Systems Security Control Consortium (ISC2) or HealthCare Information Security and Privacy Practitioner (HCISPP)

Required Experience:
The role will require the candidate to have a wide range of both technical and management skills. A minimum of 5-7 years of experience that includes the following:

• Solid understanding of application architecture principles
• Experience with and understanding of Single Sign-on, Identity Management and Network Security tools, Awareness programs, and the Information Security industry
• Solid understanding of application security audit principles and best practices.
• In-depth knowledge of multifactor authentication (MFA) architectures, implementations and best practices
• Working knowledge of multiple IAM systems (traditional and cloud)
• Experience planning and managing budgets and spend
• Solid understanding of network and underlying infrastructure security principles
• Ability to quickly familiarize oneself with new security technologies, the implementation requirements of those security technologies, and how to integrate those security technologies into a larger solution
• Ability to analyze new applications, identify potential security concerns, develop approaches that can be used to mitigate identified risks, and work with members of the team to implement recommendations
• Strong written and verbal skills coupled with the ability to work with all levels of management.
• Strong quantitative, analytical and problem solving skills
• Strong project management and problem/conflict resolution skills
• Effective prioritization and time management skills with the ability to handle multiple projects simultaneously

Tenet Healthcare complies with federal, state, and/or local laws regarding mandatory vaccination of its workforce. If you are offered this position and must be vaccinated under any applicable law, you will be required to show proof of full vaccination or obtain an approval of a religious or medical exemption prior to your start date. If you receive an exemption from the vaccination requirement, you will be required to submit to regular testing in accordance with the law.

Employment practices will not be influenced or affected by an applicant�s or employee�s race, color, religion, sex (including pregnancy), national origin, age, disability, genetic information, sexual orientation, gender identity or expression, veteran status or any other legally protected status. Tenet will make reasonable accommodations for qualified individuals with disabilities unless doing so would result in an undue hardship.