Senior Active Directory / IAM Engineer - Remote

Join the transformative team at City of Hope where we are changing lives and making a real difference in the fight against cancer, diabetes, and other life-threatening illnesses. City of Hopes growing national system includes its Los Angeles campus, a network of clinical care locations across Southern California, a new cancer center in Orange County, California, and treatment facilities in Atlanta, Chicago, and Phoenix. Our dedicated and compassionate employees are driven by a common mission: To deliver the cures of tomorrow to the people who need them today.

This is a Fully Remote Opportunity within the United States.

As a successful candidate, you will join City of Hopes Information Technology team as a Senior Identity and Access Management Active Director Engineer. This individual will lead the design, implementation, and ongoing management of our hybrid identity infrastructure-including on-premises Active Directory and Entra ID formerly Azure AD-to ensure secure, efficient, and scalable access to enterprise systems.

The Senior IAM Active Directory Engineer will collaborate with cross-functional teams and regularly present technical strategies, risks, and performance metrics to executive leadership. This position plays a critical role in advancing City of Hopes security posture through innovation, standardization, and continuous improvement in identity and access management practices.

IAM Solution Design and Implementation

Design, implement, and maintain IAM solutions to manage user identities, access privileges, and authentication mechanisms.

Collaborate with stakeholders to gather requirements and ensure that IAM solutions align with business needs.

System Integration and Optimization

Integrate IAM solutions with existing systems, applications, and directory services.

Optimize IAM workflows and processes to enhance efficiency and user experience.

Access Control and Authorization

Implement and manage role-based access controls (RBAC) to ensure that users have appropriate access permissions.

Conduct regular access reviews and audits to maintain a secure access environment.

Authentication and Federation

Evaluate, implement, and manage authentication mechanisms, including multi-factor authentication (MFA).

Implement and maintain identity federation solutions for seamless and secure access across systems.

Incident Response and Troubleshooting

Participate in incident response activities related to IAM, investigating and resolving security incidents.

Troubleshoot and resolve IAM-related issues in a timely manner.

Leadership Responsibilities

Lead the administration, maintenance, and optimization of Microsoft Active Directory, including Group Policy Objects (GPOs), OU structures, trusts, and replication.

Design, implement, and manage hybrid identity solutions between on-prem Active Directory and Entra ID (Azure AD).

Maintain and enhance identity lifecycle processes, provisioning, deprovisioning, role-based access control for both cloud and on-prem environments.

Manage synchronization and federation services, such as Azure AD Connect, ADFS, or Entra Connect Cloud Sync.

Enforce identity governance policies, including conditional access, MFA, and privileged access management in Entra ID.

Monitor and troubleshoot authentication and authorization issues across Active Directory and Entra services.

Develop and maintain automation scripts (e.g., PowerShell) to support IAM tasks and improve operational efficiency.

Support audits and ensure compliance with security standards, such as NIST, HIPAA, or ISO 27001, by maintaining clean identity records and access logs.

Partner with cybersecurity infrastructure and application teams to integrate IAM services with enterprise platforms.

Qualifications

• Bachelors degree in a related field
• 4 additional years of experience plus the minimum experience requirement may substitute for minimum education
• Seven or more years in a technology-related field with a minimum of 5 years in Identity and Access Management specific experience
• Hospital/healthcare industry experience is desirable but not required
• Working knowledge of Information Security tools, practices, policies, and processes in a multi-vendor environment with an emphasis on risk analysis, risk assessment, and risk management
• Computer Information Systems, MISCIS, Computer, Electrical Engineering, Computer Science, or related field

City of Hope Employee Benefits

City of Hope employees pay is based on the following criteria: work experience, qualifications, and work location.

City of Hopes Commitment to Diversity, Equity, and Inclusion

City of Hope is an equal opportunity employer. To learn more about our commitment to diversity, equity, and inclusion, please click here.

Comprehensive Benefits

To learn more about our Comprehensive Benefits, please click here.