Sign upLog in

Senior Identity System Engineer

Sanford Health

Marshfield, WI

Apply
JOB DETAILS
SALARY
$40–$66 Per Hour
SKILLS
Access Authorization, Application Programming Interface (API), Applications Security, Authentication, Automation, Best Practices, Business Operations, Business Support, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Cloud Computing, CompTIA Security+, Computer Science, Computer Skills, Cross-Functional, Digital Certificates, HIPAA (Health Insurance Portability and Accountability Act), Healthcare, Identity Data Management, Information Technology & Information Systems, Information/Data Security (InfoSec), JSON, Just in Time (JIT), Kerberos, Leadership, Maintain Compliance, Mentoring, Microsoft Active Directory, Multiplatform/Cross-Platform, OAuth, OpenID, Operational Support, PCI, Problem Solving Skills, Public Key Infrastructure (PKI), REST (Representational State Transfer), Regulatory Compliance, Regulatory Requirements, Replication and Remote Mirroring, SOAP (Simple Object Access Protocol), Sarbanes-Oxley Act (SOX), Security Assertion Markup Language (SAML), Single Sign-On (SSO), System Integration (SI), Systems Engineering, Topology
LOCATION
Marshfield, WI
POSTED
1 day ago
**Careers With Purpose**

**Sanford Health, the largest rural health system in the United States, is dedicated to transforming the health care experience and providing access to world-class health care in America’s heartland.**

**Facility:** Marsh Main
**Location:** Marshfield, WI
**Address:** 1000 N Oak Ave, Marshfield, WI 54449, USA
**Shift:** 8 Hours - Day Shifts
**Job Schedule:** Full time
**Weekly Hours:** 40.00
**Salary Range:** $40.00 - $66.00
**Pay Info:** Pay starts at $40 and increases according to years of applicable experience.

**Department Details**

Saviynt experience highly preferred.

**Job Summary**

The Senior Identity Systems Engineer is responsible for designing, implementing, and securing enterprise identity and access management infrastructure that enables reliable authentication, authorization, and access management across hybrid environments. Engineers in this family ensure that users, systems, and applications are authenticated, authorized, and protected in alignment with security standards, regulatory requirements, and business needs. The Senior Identity Systems Engineer is an advanced technical role responsible for designing, implementing, and optimizing enterprise identity infrastructure across on-premises and cloud environments. This position leads the architecture of domain topologies, forest structures, and global replication, while ensuring hybrid identity solutions provide seamless sign-in experiences across platforms. The engineer drives the adoption of modern authentication protocols such as Kerberos, OAuth, OpenID Connect, and SAML, and leads initiatives around just-in-time access, privileged session monitoring, and automated access governance. Responsibilities include integrating systems through API calls (REST, SOAP, JSON), managing enterprise PKI and certificate lifecycles, enforcing security baselines via Group Policy, and ensuring compliance with regulatory frameworks such as SOX, HIPAA, and GDPR. In addition to technical execution, the Senior Identity Systems Engineer plays a mentoring role, guiding junior engineers in best practices and fostering team knowledge growth. With a focus on innovation and automation, this role ensures that the organization's identity services remain secure, resilient, and aligned with modern zero trust principles and evolving business needs.

This role requires deep technical expertise in Active Directory, Entra ID, authentication protocols, Identity Governance Administration (IGA), Privileged Access Management (PAM) and PKI with a strong focus on information security, compliance, strong problem-solving skills, a security-first mindset, and least-privilege enforcement. The Senior Identity Systems Engineer ensures the organization's identity platforms are resilient, scalable, and secure to support business operations and protect sensitive data. The Senior Identity Systems Engineer will work closely with cross-functional IT, application, and security teams to ensure alignment with business objectives, regulatory requirements, and industry best practices.

**Qualifications**

Bachelor’s degree required, in lieu of education, leadership may consider an Associate’s Degree plus 3 years of applicable experience in computer science or related field.

Minimum of 3-4 years applicable work experience required. Including but not limited to:

* Supporting Active Directory, Domain Services, Hybrid Identities, & Entra ID

* Implementing SSO/MFA workflows using SAML 2.0 and/or OIDC

* Maintaining Public Key Infrastructure (PKI)

* Supporting Identity Lifecycle & Access Governance workflows and technical integrations

* Implementation of information security standards and procedures including HIPAA and PCI

Security Certifications (CISSP, CISA, CISM, Security+, CEH, etc.) are highly desired.

**Benefits**

Sanford offers an attractive benefits package for qualifying full-time and part-time employees. Depending on eligibility, a variety of benefits include health insurance, dental insurance, vision insurance, life insurance, a 401(k) retirement plan, work/life balance benefits, and a generous time off package to maintain a healthy home-work balance. For more information about Total Rewards, visit https://sanfordcareers.com/benefits .

Sanford is an EEO/AA Employer M/F/Disability/Vet. If you are an individual with a disability and would like to request an accommodation for help with your online application, please call 1-877-673-0854 or send an email to talent@sanfordhealth.org .

Sanford has a Drug Free Workplace Policy. An accepted offer will require a drug screen and pre-employment background screening as a condition of employment.

**Req Number:** R-0262331
**Job Function:** Information Technology
**Featured:** No

About the Company

S

Sanford Health