HeartFlow is a Software as a Service (SaaS) medical device company. We use cutting-edge technology (deep learning, computational fluid dynamics, cloud-based computing) combined with advanced clinical expertise to revolutionize the treatment of coronary artery disease. We have an exciting and challenging opportunity for an experienced, talented, highly technical, Identity and Access Management (IAM) Engineer with significant hands-on Identity and Access Control experience. This person will help continue to shape and expand the foundation to support Identity and Access Management operations for HeartFlow.

The ideal candidate will be a subject matter expert (SME) with the nuts and bolts of privileged access and identity access management technologies and workflows. They will have in depth experience working with group policy objects (GPOs) and manually provisioning, deprovisioning and modifying user access. They will have previously implemented a leading IAM and/or PAM solution (ideally both) and associated workflows in a medium or higher sized company.

Job Responsibilities:

• Implement and maintain the enterprise-wide Identity Access Management (IAM) and Privileged Access Management (PAM) solutions and program.
• Architect, implement, support and maintain the security infrastructure to support all enterprise access under a centralized Identity Access Management (IAM) System.
• Administer and support single sign on, two-factor authentication, and SAML technologies.
• Provide administrative support for the IAM, PAM and associated systems.
• Perform periodic access reviews while working closely with the Information Security Governance, Risk and Compliance (GRC) team.
• Manually respond to access control requests (on-boarding/new access, off-boarding/access removal, access changes, etc.) until IAM solution is implemented providing automated access provisioning, modification and deprovisioning.
• Identify, document, and develop process improvements and streamline systems access requests during new hire, transfer and terBuild-out IAM connectors to requested applications or systems.
• Test patches and upgrades and implement advanced authentication methodologies and coordinate maintenance on all associated IAM servers.
• Establish and maintain the approval workflows required for each connecting application.
• Manage the web interfaces used for user logins and user password self-service systems.
• Identify, investigate and mitigate issues with existing access management workflows.
• Research and implement emerging technologies related to user authentication.
• Assist with the managing the login and access control lists (ACL), such as but not limited to: Application Client, Single Sign-On, and Client Trust services.

Qualifications:

• Strong understanding of SAML 2.0, OAuth, SSO, PKI, Active Directory and LDAP
• Project management and implementation expertise in an enterprise organization
• Experience implementing IAM technologies in mission critical networks which require the highest levels of security
• Strong understanding of Active Directory Architecture in highly secure environments (Red Forest), hardening of directory, secure structure, auditing of the directory and implementation of controls into the directory
• Strong knowledge of Auditing Tools and ability to identify and manage risk in the IAM space
• Strong understanding of PKI and smartcard deployments (password less environments for on-premises and cloud environments)
• Strong understanding of REST API and integration of tools
• In-depth experience with implementing and administering Privileged Access Management solutions to control, monitor, and manage privileged user access to critical systems
• Experience in network user account security, compliance, and access best practices
• Experience with web services security solutions and application integration concepts
• Familiarity with Governance, Risk and Compliance issues and solutions as it relates to Identity Management
• Experience designing IAM solutions for heterogeneous environments and systems
• Working knowledge of a broad range of current security appliances, tools, and applications and security methodologies
• Excellent verbal and written communication skills, as well as ability to present and explain technical information
• Strong analytical and organizational skills
• Demonstrated competency in resolving diverse and complex business problems
• Must be able to occasionally work outside of normal working hours as needed to support and resolve security needs
• Individual contributor with strong teamwork and leadership skills
• 6+ years' experience with Identity and Access Management operations
• 4-6 years' experience with IAM Administration, Microsoft Active Directory and Project Management

About HeartFlow, Inc.

HeartFlow, Inc. is a medical technology company redefining the way heart disease is diagnosed and treated. Our non-invasive HeartFlow FFRct Analysis leverages deep learning to create a personalized 3D model of the heart. By using this model, clinicians can better evaluate the impact a blockage has on blood flow and determine the best treatment for patients. Our technology is reflective of our Silicon Valley roots and incorporates decades of scientific evidence with the latest advances in artificial intelligence. The HeartFlow FFRct Analysis is commercially available in the United States, Canada, Europe and Japan. For more information, visit www.heartflow.com.

HeartFlow, Inc. is an Equal Opportunity Employer. We are committed to a work environment that supports, inspires, and respects all individuals and do not discriminate against any employee or applicant because of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. This policy applies to every aspect of employment at HeartFlow, including recruitment, hiring, training, relocation, promotion, and termination.

Positions posted for HeartFlow are not intended for or open to third party recruiters / agencies. Submission of any unsolicited resumes for these positions will be considered to be free referrals.