OneMain Financial Jobs

Position Summary:

The Senior Identity and Access Management (IAM) Analyst is responsible for advanced operational support, analysis, and continuous improvement of identity and access controls within the Cybersecurity IAM team. This role serves as a senior individual contributor, providing subject matter expertise across IAM processes and tooling while supporting secure, compliant, and efficient access to Guthrie systems and information.

The Senior IAM Analyst performs complex access analysis, troubleshooting, and workflow optimization; leads IAM operational initiatives; supports audits and compliance efforts; and partners with IT, clinical, and business stakeholders to ensure least‑privilege access aligned with healthcare workflows. Core responsibilities include Identity Governance and Administration (IGA), Privileged Access Management (PAM), Single Sign‑On (SSO), Multi‑Factor Authentication (MFA), federation, and access lifecycle management across Azure AD, Active Directory, LDAP, and Epic EMR.

This role operates with a high degree of autonomy and may mentor junior analysts and support engineers.

Required Education and Experience:

• High school diploma required;

• 5+ years of experience in Identity and Access Management, information security, or related IT roles

• 3+ years of hands‑on experience with IAM, PAM, MFA, and access lifecycle management processes

• Experience supporting IAM in a regulated environment

• Obtain one relevant professional security certification within 6 months of hire/in role

• Obtain the Epic security certification within 6 months of hire/in role

Preferred Qualifications

• Bachelor’s degree in a relevant field preferred

• Experience supporting Epic EMR security and clinical access workflows

• 7+ years of experience in Identity and Access Management, information security, or related IT roles

• 5+ years of hands‑on experience with IAM, PAM, MFA, and access lifecycle management processes

• Healthcare experience strongly preferred

• Familiarity with healthcare regulations and security frameworks (HIPAA, NYSDOH, HITRUST CSF, NIST CSF)

• Experience with scripting or automation (PowerShell or similar) to improve IAM workflows

• Relevant Professional certification such as CompTIA Security+, ISC2 SSCP, or equivalent

• Epic Security certification

Core Competencies & Skills

• Advanced understanding of IAM operational processes and controls

• Strong analytical and troubleshooting skills for complex identity‑based access issues

• Ability to independently manage workload and prioritize competing requests

• Strong written and verbal communication skills for documentation, training, and stakeholder engagement

• Experience documenting standards, procedures, and control evidence

• Ability to translate business and clinical requirements into effective access controls

• Familiarity with emerging technology such as AI to support improvements to IAM services

Essential Functions:

Identity & Access Management Operations

• Perform advanced provisioning and deprovisioning of regular, privileged, and Epic EMR user access

• Administer and support IAM platforms including Azure AD, Active Directory, PAM, MFA, SSO, and federation

• Identify, analyze, and resolve complex IAM and access workflow issues; recommend process improvements

• Support and execute account lifecycle management processes to ensure appropriate access is granted and removed

• Participate in IAM tool integrations, upgrades, testing, and operational enhancements

• Adoption and utilization of AI to increase operational efficiencies

Governance, Risk, and Compliance

• Participate in periodic user access reviews and entitlement certifications across the organization

• Support audits, regulatory reviews, and risk assessments by gathering and validating IAM control evidence

• Ensure IAM controls operate effectively to support HIPAA Security and Privacy Rule compliance

• Assist with documenting IAM control gaps, risks, and remediation recommendations

• Support efforts to acquire and sustain HITRUST CSF certification

Process Improvement & Collaboration

• Develop and maintain IAM playbooks, procedures, and standards documentation

• Establish and track operational IAM metrics and reporting for management

• Partner with IT, clinical, and business stakeholders to align access controls with workflows

• Provide guidance and informal mentoring to IAM Analysts and junior team members

• Participate in project work to ensure IAM requirements are addressed in system designs and operating procedures

Working Conditions & Expectations

• Full Remote with monthly on‑call

• Requires attention to detail, independent judgment, and ability to manage multiple priorities

• Frequent interaction with IT, clinical staff, vendors, and auditors

• No direct people management responsibility

Joining the Guthrie team allows you to become a part of a tradition of excellence in health care. In all areas and at all levels of Guthrie, you’ll find staff members who have committed themselves to serving the community.

The Guthrie Clinic is an Equal Opportunity Employer.

The Guthrie Clinic is a non-profit, integrated, practicing physician-led organization in the Twin Tiers of New York and Pennsylvania. Our multi-specialty group practice of more than 500 physicians and 302 advanced practice providers offers 47 specialties through a regional office network providing primary and specialty care in 22 communities. Guthrie Medical Education Programs include General Surgery, Internal Medicine, Emergency Medicine, Family Medicine, Anesthesiology and Orthopedic Surgery Residency, as well as Cardiovascular, Gastroenterology and Pulmonary Critical Care Fellowship programs. Guthrie is also a clinical campus for the Geisinger Commonwealth School of Medicine.