Talent.com
IT Consultant - Identity & Access Management

IT Consultant - Identity & Access Management

Duke Clinical Research InstituteDurham, NC, United States
5 days ago
Job type
  • Full-time
Job description

At Duke Health, we're driven by a commitment to compassionate care that changes the lives of patients, their loved ones, and the greater community. No matter where your talents lie, join us and discover how we can advance health together.

About Duke Health Technology Solutions

Pursue your passion for caring and innovation with Duke Heath Technology Solutions, which is dedicated to the transformation, development, and management of enterprise information technology solutions across Duke Health.By harnessing the power of innovative technologies like cloud computing and artificial intelligence - and pairing them with a forward-thinking approach - Duke Health Technology Solutions is revolutionizing the future of health care at Duke Health and beyond.

IT Consultant

Strategic Activities :

  • IAM Strategy & Roadmap : Support a long-term IAM strategy, aligning identity / access management initiatives with business goals and security best practices. Define the IAM architecture (covering identity lifecycle, authentication / authorization models, and governance policies) and collaborate to create a roadmap for implementing new IAM technologies and processes.
  • Governance & Compliance : Participate in establishing and enforcing IAM policies and standards (e.g., access control policies, password / MFA requirements, role-based access models) to ensure compliance with relevant regulations and internal security requirements. Advise senior leadership on IAM risk and governance matters, integrating IAM considerations into broader IT and security strategies (e.g., Zero Trust, least privilege).
  • Cross-Functional Collaboration : Work closely with IT, security, and business units to incorporate IAM into projects and operations. Coordinate identity integration during organizational changes (such as mergers or restructuring of departments), including merging directory or domain infrastructures when necessary. Serve as an IAM subject matter expert in committees and planning groups, ensuring alignment across the organization.

Tactical Activities :

  • Implementation of IAM Solutions : Collaborate with stakeholders on the configuration of IAM technologies. This includes setting up and managing Single Sign-On (SSO) and Multi-Factor Authentication (MFA) solutions, configuring identity federation with external / internal systems, and implementing privileged access management tools. Customize IAM platforms or scripts to automate provisioning, deprovisioning, and access reviews.
  • User Lifecycle & Access Management : Represent Duke Health in end-to-end user identity lifecycle processes. Ensure timely provisioning of accounts and access for new hires, role changes, and terminations in all relevant systems. Maintain role-based access control (RBAC) frameworks and group management, verifying that users have appropriate access privileges. Regularly perform access recertification and audits, and remediate any discrepancies in permissions.
  • Security Monitoring & Issue Resolution : Represent Duke Health in defining the strategy for monitoring IAM systems (logs, alerts, etc.) for unusual access patterns or security events, and respond to identity-related security incidents (such as account compromises or unauthorized access). Troubleshoot and resolve IAM-related technical issues, including login / authentication failures, authorization errors, and directory synchronization problems. Provide support and guidance to IT support teams for complex access requests or issues, and create documentation / KB articles for common procedures.
  • Continuous Improvement & Integration : Stay up-to-date with evolving IAM best practices and emerging technologies. Recommend and implement improvements to enhance security, user experience, and efficiency (for example, introducing passwordless authentication options or improving self-service access request workflows). Work on integrating new applications and services into the existing IAM framework, ensuring any new technology (cloud service, enterprise app, etc.) uses centralized identity and access management for consistency and security.

    • Education / Training :

  • Bachelor's Degree : Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or a related field or equivalent work experience.

    • Required Experience :

  • Identity & Access Management : 5+ years of experience in IT with significant focus on Identity and Access Management. This should include hands-on responsibility for implementing or managing IAM solutions (such as directories, SSO / MFA, identity governance, or privileged access management) in a complex enterprise environment.
  • Azure AD / Entra & Active Directory Expertise : Strong experience with Microsoft Active Directory (on-premises) and Azure Active Directory / Microsoft Entra ID in a hybrid environment is required . Candidate should have been involved in projects synchronizing AD with Azure AD and ideally have led or contributed to migrating on-prem AD infrastructure to Azure cloud services. Familiarity with tools like Azure AD Connect or Entra Cloud Sync, and resolving issues in hybrid identity setups, is expected.
  • Technology Implementation Track Record : Demonstrated ability to design and implement IAM technologies and processes. Examples include deploying an enterprise SSO solution, rolling out MFA to a large user base, implementing an identity governance platform, or establishing a privileged account management process. The candidate should be able to point to specific IAM projects or improvements they were responsible for and the outcomes achieved.
  • Project Leadership : Experience leading or significantly contributing to the execution of IT security or IAM projects. This includes coordinating across different teams or departments, managing timelines and deliverables, and possibly working with vendors or external consultants. The role requires the ability to take ownership of IAM initiatives and drive them to completion, so project management skills in an IAM context are important.
  • Security & Compliance Experience : Background in environments with rigorous security or compliance requirements. The candidate should understand how IAM supports compliance standards (such as SOX user access controls, HIPAA for healthcare data security, or GDPR for personal data protection) and have experience passing security audits or assessments related to access management. Experience implementing controls to meet regulatory or policy requirements (for instance, enforcing MFA, performing quarterly access reviews, or implementing least-privilege models) is required.

    • Preferred Experience :

  • Sector Experience (Healthcare / Education) : Prior experience in an academic medical center, university, or healthcare environment is strongly preferred . Such experience means the candidate is familiar with the unique IAM challenges of these settings - for example, managing identities across both university and healthcare systems, dealing with research collaborators or medical staff rotations, and ensuring compliance with healthcare regulations.
  • Mergers & Identity Consolidation : Experience with merging or consolidating identity systems (such as during mergers, acquisitions, or organization-wide IT integrations) is a plus. This could involve consolidating multiple Active Directory domains / forests, integrating separate user databases, or migrating users into a single directory service. Experience in this area indicates the ability to navigate complex technical and organizational challenges while unifying identity platforms.
  • Cloud IAM & Digital Transformation : Involvement in large-scale cloud adoption projects, specifically handling the IAM portion of such projects, is preferred. For instance, having guided an organization's shift from on-prem IAM to cloud-based IAM services, or implementing modern authentication and authorization solutions for cloud applications (like adapting legacy apps to use SAML / OAuth with Azure AD). This shows readiness to handle the cloud-centric IAM strategy the role demands.

    • Required Skills :

  • IAM Domain Knowledge : Deep understanding of identity and access management concepts, protocols, and best practices. Must be well-versed in authentication technologies (LDAP, Kerberos, SAML, OAuth 2.0 / OIDC, etc.), authorization models (RBAC, ABAC), and identity lifecycle processes. Ability to design secure and efficient access models (e.g., applying least privilege, implementing role-based access controls) is essential.
  • Microsoft Identity & Cloud Skills : Expert skills in administering Active Directory and Azure Active Directory (Entra) . This includes user and group management, group policy creation, managing AD forests / domains, setting up and troubleshooting Azure AD Connect, and configuring Conditional Access policies. Comfort with PowerShell or similar for automating IAM tasks is expected. Additionally, familiarity with related Microsoft security features (Azure MFA, Identity Protection, Privileged Identity Management) is important.
  • Security Mindset : Strong security and risk management mindset as it relates to IAM. The consultant should be adept at identifying potential vulnerabilities in identity systems (like password policies, service account misuse, inactive accounts) and implementing measures to mitigate them. Must understand concepts like Zero Trust security and how robust IAM controls (MFA, device compliance, just-in-time access) contribute to overall cybersecurity.
  • Analytical Problem-Solving : Excellent problem-solving skills to diagnose and resolve complex identity / access issues. Whether it's a user having inconsistent access across systems or a synchronization conflict between directories, the consultant should systematically troubleshoot and resolve the problem. Attention to detail is key, as IAM issues often involve subtle configuration settings or data inconsistencies.
  • Communication & Documentation : Clear communication skills, both written and verbal. Able to explain IAM concepts and changes to non-technical stakeholders (for instance, explaining the need for MFA to end-users or outlining an IAM roadmap to executives). Should be skilled at writing documentation-such as IAM policies, how-to guides for users, and runbooks for IT teams-and at training technical staff on new IAM tools or processes.
  • Collaboration & Teamwork : A collaborative approach to work with various teams. The IAM consultant will engage a variety of teams across both Duke Health and Duke University. Being able to gather requirements, incorporate feedback, and work together to implement identity solutions is crucial. Strong interpersonal skills will help drive user adoption of IAM initiatives and ensure alignment across different stakeholders.

    • Preferred Skills :

  • Certifications : Professional certifications related to security and IAM are a plus. These include certifications like CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or Microsoft Certified : Azure Solutions Architect / Identity and Access Administrator . Such certifications demonstrate validated expertise and a commitment to staying current in the field.
  • Additional IAM Tools & Technologies : Experience with a range of IAM and security tools beyond the core Microsoft suite is beneficial. For example, familiarity with identity governance products (e.g., SailPoint), cloud SSO platforms (e.g., Okta), or privileged access management solutions (e.g., CyberArk). Knowledge of multi-cloud IAM (such as AWS IAM) can also be an advantage, indicating versatility across different environments.
  • Industry-Specific IAM Knowledge : Understanding of identity management needs and solutions specific to healthcare or higher education is desirable. For instance, awareness of clinical single sign-on systems or hospital badge access solutions, or knowledge of academic federated identity frameworks and student access systems. Likewise, familiarity with regulations like HIPAA or FERPA and how they impact IAM policies would be valuable.
  • Change Management & User Education : Skill in driving user adoption of new IAM solutions. This includes experience in change management activities like creating user communication plans, training sessions, and support resources when rolling out new authentication methods or IAM tools. An ability to make the transition to new processes smooth for users (minimizing resistance and confusion) is a strong plus.
  • Leadership & Mentoring : The ability to lead and mentor others in the realm of IAM. Whether it's guiding junior IT staff on IAM best practices, or leading an internal IAM workgroup, leadership skills help in championing the IAM program. A candidate who can foster knowledge sharing and elevate the overall IAM competence of the team will be highly regarded.

    • Duke is an Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex (including pregnancy and pregnancy related conditions), sexual orientation or military status.

    Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas-an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values.

    Essential Physical Job Functions :

    Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and / or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department.

    Create a job alert for this search

    Identity Management • Durham, NC, United States

    Related jobs
    • Promoted
    • New!
    Bilingual Retail Sales Consultant

    Bilingual Retail Sales Consultant

    SPECTRUMGulf, NC, US
    Full-time +1
    This role requires the ability to work lawfully in the U.Earn $18 / hour base pay, with the potential to earn $23.Plus, enjoy perks like free and discounted internet, TV, and mobile, all while paving...Show moreLast updated: 21 hours ago
    • Promoted
    Solutions Architect (MDM)

    Solutions Architect (MDM)

    First Citizens BankRaleigh, NC, US
    Full-time
    This is a remote role that may only be hired in the following locations : NC, FL, AZ, GA, TX, VA, SC, WV, PA, OH, NJ.We are seeking an experienced Senior Informatica SaaS Architect to lead the desig...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    U.S. Customs and Border Protection Officer

    U.S. Customs and Border Protection Officer

    U.S. Customs and Border ProtectionRougemont, NC, US
    Full-time
    Customs and Border Protection (CBP) offers those interested in a career in law enforcement an exceptional opportunity to work with an elite team of highly trained professionals whose camaraderie, p...Show moreLast updated: 19 hours ago
    • Promoted
    • New!
    Retail Sales Consultant

    Retail Sales Consultant

    SPECTRUMGorman, NC, US
    Full-time
    This role requires the ability to work lawfully in the U.Earn $18 / hour base pay, with the potential to earn $22.Plus, enjoy perks like free and discounted internet, TV, and mobile, all while paving...Show moreLast updated: 21 hours ago
    • Promoted
    • New!
    Part-Time Retail Sales Consultant

    Part-Time Retail Sales Consultant

    SPECTRUMWake Forest, NC, US
    Part-time
    This role requires the ability to work lawfully in the U.Earn $18 / hour base pay, with the potential to earn $24.Plus, enjoy perks like free and discounted internet, TV, and mobile, all while paving...Show moreLast updated: 21 hours ago
    • Promoted
    Travel Echo Tech - $2403.6 / Week

    Travel Echo Tech - $2403.6 / Week

    Atlas MedStaffOxford, NC, US
    Full-time
    Atlas MedStaff is seeking an experienced Echo Tech for an exciting Travel Allied job in Oxford, NC.Shift : 5x8 hr days Start Date : 11 / 10 / 2025 Duration : 13 weeks Pay : $2403.Atlas Medstaff is currentl...Show moreLast updated: 8 days ago
    • Promoted
    Customs and Border Protection Officer

    Customs and Border Protection Officer

    U.S. Customs and Border ProtectionYanceyville, North Carolina, US
    Full-time +1
    Customs and Border Protection (CBP) offers those interested in a career in law enforcement an exceptional opportunity to work with an elite team of highly trained professionals whose camaraderie, p...Show moreLast updated: 30+ days ago
    • Promoted
    Business Planning & Support Consultant - Enterprise Digital Strategy & Planning

    Business Planning & Support Consultant - Enterprise Digital Strategy & Planning

    First Citizens BankRaleigh, NC, US
    Full-time
    This is a remote position that may only be hired in North Carolina.This position in the Digital Strategy and Planning function provides support for strategic planning, internal governance, communic...Show moreLast updated: 7 days ago
    • Promoted
    Senior Enterprise Data Consultant

    Senior Enterprise Data Consultant

    First Citizens BankRaleigh, NC, US
    Full-time
    This position leads Bank initiatives that improve enterprise data quality, governance, reporting, and analytics at an advanced level of ability and technical expertise. Drives positive change across...Show moreLast updated: 30+ days ago
    • Promoted
    Customs and Border Protection Officer - Experienced (GS9)

    Customs and Border Protection Officer - Experienced (GS9)

    U.S. Customs and Border ProtectionRoxboro, North Carolina, US
    Permanent
    Customs and Border Protection (CBP) offers those interested in a career in law enforcement an exceptional opportunity to work with an elite team of highly trained professionals whose camaraderie, p...Show moreLast updated: 30+ days ago
    • Promoted
    D365 SCM Functional Consultant

    D365 SCM Functional Consultant

    Tech Mahindra LimitedDurham, NC, US
    Full-time
    Job Title : D365 SCM Functional Consultant Location : Durham, NC Job Description : JD for D365 Functional consultant.Supply chain Experience : 10+ Years of overall working experience in D365 Finance ...Show moreLast updated: 21 days ago
    • Promoted
    • New!
    United States Customs and Border Protection Officer

    United States Customs and Border Protection Officer

    U.S. Customs and Border ProtectionStem, NC, US
    Full-time
    Customs and Border Protection (CBP) offers those interested in a career in law enforcement an exceptional opportunity to work with an elite team of highly trained professionals whose camaraderie, p...Show moreLast updated: 19 hours ago
    • Promoted
    Systems Analyst

    Systems Analyst

    Altec Industries, Inc.Creedmoor, NC, US
    Full-time
    Provide excellent systems user experience through installation, troubleshooting, and / or repair of computer hardware and software . Resolves simple technical issues.Provides excellent customer servic...Show moreLast updated: 23 hours ago
    • Promoted
    Sr. Audit Manager- Enterprise Risk Management

    Sr. Audit Manager- Enterprise Risk Management

    City National BankNorth Hills, North Carolina, US
    Full-time
    AUDIT MANAGER- ENTERPRISE RISK MANAGEMENT WHAT IS THE OPPORTUNITY? The Sr.Audit Manager position is a leadership role as an auditor-in-charge to guide a team of auditors to assess risks, develop d...Show moreLast updated: 27 days ago
    • Promoted
    Oracle CX Implementation Consultant (Utilities) - Director

    Oracle CX Implementation Consultant (Utilities) - Director

    PwCRaleigh, NC, United States
    Full-time
    At PwC, our people in business application consulting specialise in consulting services for a variety of business applications, helping clients optimise operational efficiency.These individuals ana...Show moreLast updated: 3 days ago
    • Promoted
    VP, Identity & Access Management Engineering Lead

    VP, Identity & Access Management Engineering Lead

    Banc of CaliforniaDurham, NC, United States
    Full-time
    BANC OF CALIFORNIA AND YOUR CAREER.NYSE : BANC) is a bank holding company headquartered in Los Angeles with one wholly-owned banking subsidiary, Banc of California (the "bank").Banc of California is...Show moreLast updated: 3 days ago
    • Promoted
    Microsoft Endpoint Configuration Manager / Microsoft Intune System Engineer

    Microsoft Endpoint Configuration Manager / Microsoft Intune System Engineer

    ExcelraiseNorth Hills, NC, US
    Full-time
    HYBRID Microsoft Intune / MECM System Engineer - M365 Security Migration (NC State) Job ID : 779407 Client : State of North Carolina - NCDIT Role : Microsoft Endpoint Configuration Manager / Microsoft...Show moreLast updated: 12 days ago
    • Promoted
    Quadient Inspire Consultant

    Quadient Inspire Consultant

    Syntricate TechnologiesCary, NC, United States
    Full-time
    Job Description : Performs design and development of applications on complex projects utilizing both packaged software applications (Quadient Inspire) and custom-built applications.Minimum 10 years ...Show moreLast updated: 30+ days ago