The Washington Health Benefit Exchange is a public-private partnership that operates the WAPlanfinder mobile app and Washington Healthplanfinder, the eligibility and enrollment portal used by one in four Washington residents to obtain health and dental coverage. Through Washington Healthplanfinder, individuals and families can compare and enroll in health insurance coverage and gain access to financial help and public programs like Washington Apple Health.

The mission of the Exchange, a state-based marketplace, is to radically improve how Washington residents secure health insurance through innovative and practical solutions, an easy-to-use customer experience, our values of integrity, respect, equity and transparency, and by providing undeniable value to the health care community.

The Exchange is also committed to identify and reach groups at risk for obstacles to access coverage, which includes supporting those who need assistance overcoming barriers to seek, find, and use their health insurance coverage. Specifically, the Exchange is embracing the following equity statement:

Equity is a fundamental pillar to the society we seek to build. The process of advancing toward equity will be disruptive and demands vigilance, dismantling deeply entrenched systems of privilege and oppression. We must focus our efforts on people and places where needs are greatest, especially communities of color, and go beyond remedying a particular inequity to address all determinants of health.

Our goal is that all Washingtonians have full and equal access to opportunities, power and resources to achieve their full potential.

SUMMARY

The Identity & Access Management lead is responsible for managing ongoing development and configuration of the Identity and Access Management (IAM) solution for WAHBE using ForgeRock technology. This position is responsible for designing, managing, and monitoring of IAM; ensures appropriate security controls are implemented; assist risk management team in IT audits; and assist incident response team to investigate IT security incidents and breaches. This position is also responsible for assessing new IAM requirements, providing impact reports and status updates to leadership.

DUTIES AND RESPONSIBILITIES

• Lead IAM team to design, deploy, support and monitor IAM solution using ForgeRock Identity As a Service offerring
• Colloborate with ForgeRock vendor to monitor product releases and perform impact analysis for WAHBE
• Collaborate with System Integrator to ensure application integration to Forgerock is stable and meets WAHBE SLAs
• Track ForgeRock bugs, release issues for resolution and report to management
• Develop and maintain IAM requirements for cloud-based applications and services
• Perform access re-certification for privileged user accounts in IAM
• Manage and monitor day-to-day issues, incidents and ensure issues are escalated and addressed and processes are followed
• Manage and mentor the team of IAM admins and engineers
• Configure out of the box and custom reporting using industry standard reporting tools
• Stay up to date with current and emerging IAM capabilities
• Advise management on risk issues related to IAM and recommend actions in support of WAHBE’s risk management and compliance programs
• Lead the risk assessment of a proposed solution, escalate appropriately and drive to closure
• Collaborate with peer engagement leads to define and establish best-in-class, effective IAM implementation in hybrid cloud environment
• Assist WAHBE in reviewing and updating policies, procedures, and standards as applicable to IAM solution
• Work with the Risk Management Office in the remediation of vulnerabilities and audit findings
• Liaise with other architects and engineers to share best practices, insights and requirements
• Performs other duties as assigned within the scope of IAM solution

QUALIFICATIONS

Required:

• 7+ years of IAM experience using Oracle, ForgeRock or similar technology
• Excellent understanding of development SDLC, architecture design and IT operations.
• Ability to assess the impact of new requirements on IAM and all upstream and downstream applications, systems and processes
• Experience in implementing IAM solutions in cloud platform
• Experience with vendor management and oversight
• Experience in enabling SSO and Federation using SAML, OAuth and OIDC; MFA, Risk Based Authentication
• Good understanding of TCP/IP and RESTful based architectures
• Strong advanced troubleshooting skills with the ability to analyze logs, systems changes, and system health for root cause
• Experience in assisting Incident investigations during security/privacy incidents
• Experience developing and documenting business processes and workflows as implemented in IAM
• Excellent verbal and written communication skills
• Ability to prioritize and manage multiple projects simultaneously and follow-through on issues in a timely manner
• Motivated self-starter with initiative to take independent action and accept responsibility for your actions
• Ability to maintain high level of confidentiality
• Creative and proactive problem solver; must possess the ability to make independent decisions and judgments about work priorities
• Well organized, flexible, resourceful and efficient with strong attention to detail
• Strong interpersonal skills; ability to work with all levels of internal management and staff, as well as outside clients, vendors, diverse populations, stakeholder groups, and customers

Desired:

• 3+ years of experience in Forgerock IAM
• Experience understanding and implementing IT Security controls
• Ability to learn and apply new concepts
• Knowledge of Google cloud security
• Experience working with Security information and event management
• Experience in the government and/or health care fields
• Understanding of standards and guidelines in areas of IRS 1075, MARS-E, NIST, FISMA, HITECH, etc
• Contracts management experience
• Bachelor’s or Master’s degree in Cybersecurity or related field

APPLICATION INSTRUCTIONS

This position will be open until we find a suitable number of candidates to review. If interested, please submit an application as soon as possible. The Exchange reserves the right to close the recruitment at any time.

SALARY INFORMATION

The posted salary is the full salary range. The range of consideration for new hires is from $98,963.00 - $123,703. Offer will depend on qualifications.

BENEFITS

Take a peek of our benefits package.

WORKING CONDITIONS

Core business hours are 8:00 a.m. to 5:00 p.m., Monday through Friday. Travel requirements will be limited to local travel, however there may be occasions were an employee is required to travel and work irregular hours to attend meetings or trainings. Duties of this position require the use of standard office furniture and equipment (e.g. desk, filing cabinet, computer, printer, telephone, fax machine, copy machine, etc.).

The working conditions and physical demands are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

In alignment with the Governor's proclamation and WAHBE's duty to provide and maintain a safe work environment free of known hazards, to reduce business and community disruption associated with COVID-19 surges, and to reduce the risk to the public we serve, all employees must provide evidence that they have received the COVID-19 vaccination in full as a condition of employment, or have received an approved medical or religious exemption.

SPECIAL REQUIREMENTS

A criminal background screen will be conducted for candidates under final consideration, and if hired, every five years of employment where highly sensitive data is processed or maintained by the position. The result of this background screen must meet the Exchange’s eligibility standards.

OTHER INFORMATION

The above statements are intended to describe the general nature and levels of work being performed. They are not intended to be construed as an exhaustive list of responsibilities, duties and skills of personnel so classified.

This is not an employment agreement or contract. Management has the exclusive right to alter this job description at any time without notice.

The Washington Health Benefit Exchange is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, marital status, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

We participate in E-Verify. You can view the Department of Justice's Right to Work poster here.