IAM Engineer 6 Client Implementation & Automation
Company Overview
Ensemble Health Partners is a leading healthcare revenue cycle management organization focused on delivering operational excellence, innovation, and meaningful outcomes for healthcare providers and the patients they serve. Our Technology Security organization plays a critical role in protecting Ensemble, enabling secure business operations, and supporting scalable growth across enterprise and client environments.
Job Summary
The IAM Engineer 6 Client Implementation & Automation is responsible for supporting secure, scalable, and audit-ready identity and access management capabilities across Ensembles client and enterprise environments. This role helps ensure Day-1 access readiness by translating client requirements into access models, workflows, role-based access mappings, automation opportunities, testing plans, and operational support practices.
This position works within Ensembles IAM operating model, supporting an identity-first, automation-first, and RBAC-first approach to client onboarding, lifecycle management, access governance, and continuous improvement. The ideal candidate is a hands-on IAM professional with strong technical troubleshooting skills, process discipline, documentation quality, and the ability to partner effectively across IAM, ServiceNow, HR/Workday, Operations, PMO, application owners, and client stakeholders.
Essential Job Functions
Client Implementation & Readiness
- Support IAM delivery across all onboarding phases, including discovery, design, build, UAT, go-live, and stabilization.
- Translate client requirements into access models, workflows, and RBAC mappings.
- Coordinate readiness activities across key milestones, including T-30, T-10, T-0, and T+10.
- Maintain clear and complete documentation, including requirements, workflows, UAT results, and runbooks.
Access Workflow & Lifecycle Management
- Design and support access request workflows through ServiceNow or other approved intake channels.
- Ensure access requests capture the required data for provisioning, approvals, and audit evidence.
- Manage identity lifecycle processes including Joiner, Mover, Leaver, rehire, and client changes.
- Identify and resolve workflow, approval, and provisioning issues in a timely and effective manner.
RBAC & Access Governance
- Maintain RBAC models, entitlement mappings, and access profiles.
- Ensure access is aligned with least-privilege principles and approved role definitions.
- Support access reviews, certifications, and exception handling.
- Document risks, exceptions, and compensating controls.
Automation & Integration
- Develop automation that reduces manual provisioning effort and improves operational scalability.
- Support integrations across IAM, ServiceNow, HR/Workday, and applications.
- Leverage APIs, scripting, and workflows for lifecycle automation.
- Identify, document, and track automation opportunities and technical debt.
Audit & Operations
- Maintain complete and traceable audit evidence for access-related activities.
- Support SLA tracking, operational reporting, and leadership visibility.
- Manage exceptions with clear ownership, documented rationale, and remediation plans.
- Contribute to SOPs, runbooks, and workflow documentation.
Collaboration & Client Engagement
- Partner with IAM, ServiceNow, HR/Workday, Operations, PMO, and client teams.
- Communicate status, risks, dependencies, and decisions clearly and professionally.
- Support escalations and promote transparency throughout go-live and hypercare activities.
- Translate technical IAM concepts into clear business impact and operational value.
Minimum Qualifications
- Three or more years of experience in Identity and Access Management, cybersecurity, access provisioning, security operations, or a related technology function.
- Experience supporting identity lifecycle management, including joiner, mover, leaver, rehire, transfer, and access change processes.
- Experience working with workflow platforms, access request processes, system integrations, or process automation.
- Knowledge of RBAC, least privilege, and access governance.
- Experience with APIs, scripting, or automation.
- Understanding of SSO, MFA, SAML, OAuth, and LDAP.
- Strong troubleshooting, documentation, communication, and stakeholder engagement skills.
Preferred Qualifications
- Experience supporting client onboarding, implementations, or large-scale transformation initiatives.
- Background in healthcare or regulated environments.
- Familiarity with ITSM platforms, cloud identity solutions, and SaaS application environments.
- Experience supporting audit, compliance, access reviews, or control validation activities.
- Relevant certifications such as Security+, ITIL, CISSP, or CISM.
Core Competencies
- Customer obsession and commitment to delivering reliable, high-quality access services.
- Strong ownership, accountability, and follow-through across implementation and operational activities.
- Ability to simplify complex IAM concepts and communicate effectively with technical and business stakeholders.
- Continuous improvement mindset with a focus on automation, standardization, scalability, and measurable outcomes.
Technical Skills
- Identity lifecycle management (JML).
- RBAC and entitlement mapping.
- Access request workflows and SLA tracking.
- APIs and integrations such as REST, SCIM, and JSON.
- Authentication including SSO, MFA, SAML, and OAuth.
- Automation, scripting, and cloud/SaaS identity concepts.
Soft Skills
- Strong communication and stakeholder engagement.
- Client-facing professionalism.
- Attention to detail and accountability.
- Problem-solving orientation and commitment to continuous improvement.
This position pays between $84,000 - 144,900 based on experience
Must be inquisitive and demonstrate openness to innovation including AI to explore better processes and ways to alleviate friction and improve patient and client experiences.
This is a remote position; however, candidates must be willing and able to travel to and work onsite at client, temporary, or corporate office locations as business needs require.
Why Join Ensemble?
At Ensemble, you will have the opportunity to work on meaningful healthcare technology and security challenges while contributing to a growing, innovation-focused IAM program. This role offers exposure to enterprise identity platforms, client onboarding, automation, access governance, ServiceNow workflows, Workday-driven lifecycle processes, and cross-functional collaboration with teams across Technology Security, Operations, HR, PMO, and client delivery.
Posting Summary: This role is ideal for an IAM professional who wants to help deliver consistent, automated, secure, and audit-defensible access capabilities that support successful client implementations and scalable IAM operations at Ensemble Health Partners.