Information Security Engineer Consultant

Optum is a global organization that delivers care, aided by technology to help millions of people live healthier lives. The work you do with our team will directly improve health outcomes by connecting people with the care, pharmacy benefits, data and resources they need to feel their best. Here, you will find a culture guided by inclusion, talented peers, comprehensive benefits and career development opportunities. Come make an impact on the communities we serve as you help us advance health optimization on a global scale. Join us to start Caring. Connecting. Growing together.

As a Consultant in Manual Access Provisioning, you will be responsible for overseeing and executing manual processes related to user access management within our organization. You will work closely with various stakeholders to ensure that user access is granted, modified, or revoked in accordance with established policies and procedures.

Primary Responsibilities

• Work with Optum Connect/OITPS Leaders to understand and define the Manual Access Provisioning objectives, commitments, roadmaps specific to each client as well as under managed services (shared teams)
• Review and process access requests from users and departments. Validate the accuracy and completeness of request information
• Ensure compliance with access control policies and procedures. Coordinate with relevant stakeholders to obtain necessary approvals
• Manage access rights and privileges, including role-based access control (RBAC) and attribute-based access control (ABAC)
• Execute manual provisioning tasks using established tools and procedures. Create, modify, or revoke user accounts in various systems. Assign appropriate roles, permissions, and entitlements. Document all provisioning activities
• Conduct regular access reviews to identify and remove unused or unnecessary access rights
• Certify that user access is aligned with current job roles and responsibilities. Implement corrective actions as needed to address access anomalies
• Ensure compliance with internal access control policies and external regulations. Identify and address potential security risks related to access provisioning. Provide guidance and training to users and departments on access management best practices
• Collaborate with IT teams, business units, and security departments to understand their access requirements
• Build and maintain positive relationships with stakeholders. Provide timely and accurate information on access provisioning activities
• Mentor a team of analysts, providing guidance, support. Assign tasks, monitor progress, and ensure deadlines are met. Foster a collaborative and productive work environment
• Conduct in-depth data analysis to uncover insights and support decision-making. Utilize advanced analytical techniques and tools to extract meaningful information from large datasets
  
  

• Manage end‑to‑end Privileged Access Management (PAM) operations, including onboarding and administration of privileged accounts, enforcement of password policies, session recording, monitoring, logging, and auditing activities across PAM platforms (Delinea, CyberArk, One Identity, BeyondTrust)
• Design, deploy, and harden PAM infrastructure, performing installation, configuration, and security hardening of all PAM components (Vault, Secret Server, Password Manager, Session Manager, PTA, HA, Backup) in line with security best practices and client requirements
• Implement authentication and directory integrations, including LDAP, SAML, RADIUS, and Active Directory, ensuring proper account onboarding, access segregation through security groups, and enforcement of privileged access controls
• Administer connectors, plugins, and security policies, troubleshooting PAM integrations, managing custom plugins, enforcing AppLocker rules, and ensuring secure and continuous connectivity to target systems
• Collaborate with cross‑functional security and IT teams, providing expertise and recommendations to strengthen privileged access security, while ensuring compliance with organizational policies, procedures, and employment terms
• Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
  
  

• Bachelors degree in computer science, Information Technology, or equivalent
• 8+ years of experience in identity and access management, with a focus on manual provisioning
• Experience with various identity and access management tools and systems
• Solid understanding of Identity Access Management concepts
• Proficiency in data analysis tools and techniques (e.g., SQL, Python, R, Excel)
• Proven excellent organizational and time management skills
• Proven excellent problem-solving and analytical skills
• Proven solid communication and interpersonal skills
  
  

• Certifications in identity and access management or security
• Experience with automated provisioning tools and workflows
• Knowledge of industry standards and regulations related to access management (e.g., GDPR, HIPAA)