City/State
Albemarle, NC
Work Shift
First (Days)
Overview:
Role Description:
The Senior Director – Identity & Access Management will be the senior leader and architect of a unified identity ecosystem for Sentara Health. You will lead a "Total Identity" strategy that bridges clinical, corporate, and consumer realms. Own the "Digital Front Door," ensuring patients have a single secure login that traverses across the Sentara ecosystem.
Unique to this role is the ownership of the Epic Security Team and the governance of Non-Human Identities (NHI). You will optimize a multi-million-dollar identity stack, including Entra, Ping, ForgeRock, Saviynt, CyberArk/BeyondTrust, and others, to deliver secure, frictionless care.
Key Responsibilities:
Strategic Leadership & Vision
· Unified Strategy: Define and execute a multi-year roadmap for “Total Identity” across Enterprise and Consumer identity, aligning with broader cyber security and digital transformation goals.
· Executive Alignment: Serve as the primary advocate for identity at the executive level, managing budgets, vendor relationships, and large-scale change management initiatives.
· Product Ownership: Treat identity as a product, ensuring high availability, scalability, and superior user experience for “Total Identity”.
Enterprise IAM (Workforce & Partners)
· Lead the lifecycle management (Joiner/Mover/Leaver) for employees, vendors, and partners.
· Oversee SSO, MFA, and Privileged Access Management (PAM) to enforce Zero Trust and Least Privilege principles.
· Ensure seamless integration of identity services across the internal application landscape.
Consumer IAM (CIAM)
· Own the customer journey for registration, login, and profile management, prioritizing a low-friction "security-first" user experience.
· Drive the implementation of social logins, self-service recovery, and personalization features.
· Collaborate with Marketing and Product teams to ensure identity data enhances customer insights while maintaining trust.
Identity Platform & Engineering
· Direct the development of the core tech stack, including APIs, microservices, and identity data lakes.
· Ensure the reliability and performance of identity products (e.g., Saviynt, Ping ForgeRock, CyberArk/BeyondTrust).
· Standardize identity patterns across the organization to enable developer self-service.
Epic Security Development/Administration
· Lead the Epic Security Development/Administration team, overseeing the design of security records (EMP), provider records (SER), and sub-templates.
· Clinical Alignment: Partner with CMIO, Clinical Operations, and IT to ensure Epic security profiles (Hyperdrive/Canto/Haiku) enable "tap-and-go" provider workflows without compromising HIPAA standards.
· Security Matrix Governance: Maintain the enterprise Epic Security Matrix, ensuring clinical role-based access (RBAC) is synchronized with enterprise governance (IGA) systems.
Governance & Compliance
· IGA: Establish robust Identity Governance and Administration (IGA) for automated access reviews and role-based access control (RBAC).
· Privacy: Ensure strict adherence to global regulations, including specifically regarding consent management and data residency.
· SecOps Integration: Partner with the Cyber Threat Operations Center (CTOC) to monitor identity-based threats, credential stuffing, and account takeovers.
Non-Human Identity (NHI) & Machine Governance
· Machine Inventory: Establish a comprehensive inventory and ownership model for all non-human identities, including service accounts, API keys, RPA bots, and secrets.
· Secrets Management: Direct the lifecycle—discovery, vaulting, and automated rotation—of credentials used by applications and automated workflows to prevent static "shadow credentials".
· IoMT Security: Extend IAM principles to the Internet of Medical Things (IoMT). Ensure medical devices (infusion pumps, monitors) are authenticated via unique machine identities before accessing clinical networks.
· Workload Identities: Oversee Entra Workload ID or similar tools to secure machine-to-machine (M2M) communications across cloud-native and legacy hospital systems.
Qualifications:
· Bachelor’s or master’s degree in Computer Science, Information Security, or a related field.
· Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certifications preferred.
· Extensive experience (15+ years) in technology and cyber security, with 5+ years in a senior leadership role at a Healthcare IDN or Health Plan preferred.
· Proven leadership experience managing teams and driving cross-functional collaboration.
· Strong understanding of regulatory requirements, industry standards, and best practices related to cyber security.
· Deep understanding of identity protocols (SAML, OIDC, OAuth 2.0, FIDO2) and experience managing both cloud-native and hybrid identity environments.
· Excellent communication skills, with the ability to articulate complex security concepts to technical and non-technical audiences.
· Strategic thinker with the ability to translate business needs into effective security solutions.
· Demonstrated ability to thrive in a fast-paced, dynamic environment and adapt to evolving threats and challenges.
· Strong leadership and management skills, with the ability to build and lead high-performing security teams.
· Excellent communication and interpersonal skills, with the ability to effectively interact with stakeholders at all levels of the organization.
· Proven track record of driving security initiatives and achieving measurable results.
· Ability to work effectively in a fast-paced and dynamic environment, with a strong sense of urgency and attention to detail.
· Agile, LEAN or Six Sigma experience.
Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.
In support of our mission “to improve health every day,” this is a tobacco-free environment.
For positions that are available as remote work, Sentara Health employs associates in the following states:
Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.