Senior Manager, IAM (Identity and Access Management)

United States

Full Time Mid-level / Intermediate
Elemy logo


List of open positions | Elemy

View all employer listings

Apply now Apply later

Who We Are at Elemy:

Elemy, formerly Sprout Therapy, is building the first managed marketplace for in-home chronic medical care, starting with pediatric autism.  Over 1.5M children in the US are affected by autism, and nearly 30% of families are dissatisfied with the care they receive. Elemy is working tirelessly to change this by providing in-home care and leveraging cutting edge AI-powered technology to deliver a better experience to families, providers, and healthcare payers.

Today’s US Child Care industry for autism, ADHD, and other developmental delays is a $38B market that is heavily fragmented and skewed towards in-clinic care. Elemy is looking to change the developmental delay care industry for the better by putting families and children at the center of what Elemy does. Elemy is bringing ABA care to family homes, and providing more resources and tools for therapists to give the best care possible.

Since launching in April 2020, Elemy has become one of the fastest growing healthcare companies in the United States, scaling from 4 to over 1,000 team members in under 18 months, and on track to grow revenue by over 600% this year. The company is backed by leading investors in healthcare and technology, including General Catalyst, Founders Fund, SignalFire,, 8VC, Felicis Ventures, and Bling Capital. 

What You’ll Do

The Senior Manager of Identity & Access Management (IAM) is responsible for planning, designing, and implementing Identity and Access Management (IAM) services across Elemy to provide the correct individuals with access to the right resources – no more, no less. 

  • Drive collaboration between security & trust, compliance, IT, human resources, business, and technology staff to grant proper access to entitlements, ensuring the security of the organization's sensitive information
  • Work across departments to develop policies, standards, and strategies regarding identity and access management
  • Ensure that the identity and access management direction meet the established organizational standards
  • Continuously monitor the current access management processes, creating accurate documentation
  • Analyze user access needs, implementing new access systems when necessary
  • Develop and articulate identity and access risk management strategies that continuously monitor and improve the security of client-facing and internally facing applications
  • Implement and operate privileged and system account access management processes and tools
  • Develop and implement solutions to support access authentication, authorization and provisioning while standardizing and streamlining IT security administration processes
  • Govern and continually improve processes/procedures that focus on risk-based access controls; provide the least allowable access required for business operations, including role-based access modeling
  • Generate innovative ideas and appropriately challenges the status quo. Identifies opportunities to improve logical access provisioning processes
  • Foster a high-performance culture and team by developing their skills and effectively managing the quality of automated access security services delivered
  • Monitor automation performance by including benchmarking and tracking performance against service improvements
  • Lead discussions with business units to review and approve mitigation strategies for areas of non-compliance with information security policy and standards
  • Collaborates with business and technology teams to create and maintain IAM risk management policies and standards reflecting both the company's risk appetite and health industry regulation (e.g. HIPAA) to assure robust controls
  • Approve exception requests, user access changes, provisioning, de-provisioning, and access level changes. Provide guidance on implementing access levels for new systems

What You’ll Need

  • Minimum of five years' experience in IAM, developing, implementing and/or architecting IAM systems, directory service, active directory, Azure active directory, LDAP, and cloud-based identities
  • Minimum of five years' experience managing a team
  • Experience in gathering requirements, documenting, and assessing information for implementing information security policies and standards is required
  • Experience and advanced understanding of business processes, internal control risk management, IT controls and risk and compliance requirements
  • Subject matter expertise on IAM industry standards such as SAML 2.0, OIDC, Oauth, FIDO/WebAuthn, SCIM and others
  • Strong working knowledge of the IAM vendor landscape, including at minimum Okta, Ping Identity, Forgerock, Sailpoint, Duo Security, Auth0, Bettercloud, Savyint, Azure AD and others
  • Experience and working knowledge of cloud (IaaS, PaaS, SaaS), IT infrastructure, IAM solutions, network, compute, storage, and security technologies.  Industry regulatory experience a plus for either financial services or healthcare
  • Excellent communication skills, both written and verbal, are essential as this role will involve a great deal of cross-organizational team work

At Elemy, we are a globally distributed team with many of our team members located throughout the world, including in the following cities: San Francisco, New York, Los Angeles, Miami, Toronto, Montreal, and Kyiv. While everyone currently works remotely, we envision a future that balances face to face collaboration with a remote friendly environment.

Job region(s): Remote/Anywhere
Job stats:  127  1  0
  • Share this job via
  • or

Explore more Information Security career opportunities