LVT is looking for a Senior IAM Engineer to join our team. You will be responsible for the design, implementation, administration, and ongoing optimization of Imprivata solutions—primarily Imprivata OneSign, Confirm ID, and Enterprise Access Management (EAM). This role enables secure, efficient, and reliable authentication workflows that support clinical and enterprise operations.
What You'll Do
- Lead the administration and lifecycle management of the Imprivata EAM platform.
- Configure and maintain authentication workflows including Single sign-on (SSO), Badge tap / Tap n Go, FIDO2 security Key workflows, Multi-factor authentication (MFA), and Electronic prescribing of controlled substances (EPCS).
- Maintain system stability through proactive performance monitoring, patching, upgrades, and capacity planning.
- Manage the full upgrade lifecycle for Imprivata appliances, agents, and components, including planning, testing, deployment, validation, and rollback strategies.
- Integrate Imprivata solutions with clinical and enterprise applications such as EHRs (Epic), virtual desktops (Citrix/VMware Horizon), Active Directory, MFA tokens, and identity providers.
- Deploy and optimize endpoint agents, authentication devices, badge readers, FIDO compliant hardware keys, and API-driven integrations.
- Create and maintain application profiles, SSO configurations, workflows, identity policies, and Tap n Go device mappings.
- Ensure compliance with regulatory requirements such as HIPAA, EPCS, HITRUST, and internal security policies.
- Implement secure identity and authentication controls across the healthcare and workforce ecosystem.
- Collaborate with Security and Compliance teams for audits, risk assessments, and access reviews.
- Serve as a Tier 2 expert for escalations related to authentication, SSO, MFA, badge access, FIDO key workflows, or clinical workflow issues.
- Conduct root-cause analysis, resolve complex issues, and implement long-term remediation.
- Engage Imprivata technical support and vendors when needed to resolve escalated issues.
- Ensure 24x7 availability and stability of services.
- Develop and maintain KB articles, documentation for system configurations, deployment procedures, upgrade runbooks, and operational standards.
- Identify opportunities for workflow enhancements, automation, and optimization of authentication pathways.
- Mentor, train and transfer knowledge to junior engineers, analysts and support staff.
What We're Looking For
- 8+ years of Information Technology delivery or support experience in a large, complex environment, or in a Healthcare organization.
- 3+ years of proven experience with Imprivata EAM in an enterprise or healthcare environment.
- 3+ years of experience analyzing and resolving complex access and authentication issues.
- 2+ years of hands-on experience with Windows Server, Active Directory, Group Policy/Ivanti EM.
- 2+ years of hands-on experience with Citrix / VMware Horizon virtual desktop environments.
- 2+ years of hands-on experience with MFA technologies, certificate services, badge authentication, and FIDO security keys, Identity access management (IAM), SSO, and MFA principles.
- 1+ years of hands-on experience with Tap n Go badge workflows and FIDO2 based authentication.
- 1+ years of experience managing agent and appliance upgrade cycles, including planning, testing, and deployment.
- 1+ years of experience with ITIL processes, change management, and large-scale enterprise support.
- Proven ability to support on-call rotations and respond to incidents when required, providing off-business hours support as needed.
Nice to Have
- Imprivata certifications (e.g., Imprivata Certified Engineer).
- Information security or IAM background and related certifications.
- 5+ years of experience supporting Imprivata and Healthcare applications and customers.
- Experience supporting EHR systems (Epic Hyperspace, Epic Slingshot).
- PowerShell or other scripting experience for automation.
- Knowledge of Cloud, Networking, Database and Virtual Infrastructure concepts.
- Proven excellent communication and collaboration skills, and ability to work with customers and peers in multiple time zones or regions.
- Proven good understanding of Clinical workflows.
- Proven excellent troubleshooting and root cause diagnosis skills.
Technical Stack
- Imprivata OneSign, Imprivata Confirm ID, Imprivata Enterprise Access Management (EAM)
- Single Sign-On (SSO), Multi-factor Authentication (MFA), FIDO2 Security Keys
- Active Directory, Group Policy, Ivanti EM
- Citrix, VMware Horizon, Epic EHR, PowerShell
Team & Environment
You will be part of the Enterprise Information Security (EIS) team and Enterprise Security and Resilience Office (ESRO).
Benefits & Compensation
- Compensation: $91,700 to $163,700 annually
- Comprehensive benefits package
- Incentive and recognition programs
- Equity stock purchase
- 401k contribution
Work Mode
This role offers a hybrid work mode and is open to candidates located in the United States.
UnitedHealth Group is an Equal Employment Opportunity employer under applicable law and qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations.
