Systems Analyst Architect - Systems Access - (T227916)
Description
Compensation:
Pay Range: $94,375 - $153,355 /year
- Benefits available for eligible positions include: 100% tuition assistance, wellness initiatives, generous paid time off, paid parental leave, Public Service Loan Forgiveness Program eligible employer, plus more. In addition to our many benefits and perks, UAB Medicine provides a variety of resources to support employees both personally and professionally.
Job Highlights:
A team of more than 400 professionals, Health System Information Services (HSIS) works to keep UAB Medicine’s IT systems and infrastructure running smoothly to deliver quality care to our patients. Join our nationally ranked team at UAB Medicine, the No. 1 Best Large Employer in 2021 as ranked by Forbes magazine.
Work with the Best at UAB Medicine:
UAB Medicine is Alabama’s largest single-site employer and operates over 1,200 beds and over 200 clinics in Birmingham, Alabama. When you become part of UAB Medicine, you join a nationally ranked academic medical center committed to education and advancing medical science through research.
- U.S. News & World Report's Best Hospitals, #1 in Alabama
- America’s No. 1 Best Large Employer, Forbes, 2021
- Level I Trauma Center
- NCI-Designated Comprehensive Cancer Center, Comprehensive Transplant Institute, Comprehensive Stroke Center
Our success in patient care, innovation, and education is a direct result of our supportive and inclusive culture. Whether you are looking to start your career, fast-track your development, or diversify your skills, UAB Medicine offers avenues for advancement that other employers cannot match.
Duties
The System Access Architect collaborates with other teams, subject matter experts, and key decision-makers to design, implement, and support Access Management systems across a large health system. This role ensures secure, reliable, and seamless integration of critical hospital applications within a high-availability enterprise framework. By aligning Access Management strategy with business and clinical goals, the Architect develops scalable and secure Access Management solutions that support patient care, compliance, and hospital operations. This position requires expertise in Active Directory, Azure Active Directory (Entra ID), AD Certificate Services, SAML-based SSO configurations, and hybrid identity infrastructures.
Primary Responsibilities
- Lead the planning, architecture, and implementation of access management systems, including on-premises Active Directory and Azure-based identity services.
- Serve as the subject matter expert for enterprise identity infrastructure, ensuring secure, seamless integration across on-premises, cloud, and hybrid environments.
- Troubleshooting and resolution guidance for authentication and directory synchronization issues.
- Design and implement Azure Entra ID integrations, including B2B, B2C, Conditional Access, and Identity Protection policies to support secure access for internal and external users.
- Manage and maintain Active Directory Certificate Services (AD CS) for internal PKI, ensuring secure certificate issuance and lifecycle management.
- Evaluate and implement identity federation solutions, including cross-domain trust, SAML, and OAuth integrations for internal and vendor applications.
- Collaborate with network, security, and application teams to ensure secure, interoperable identity solutions across enterprise systems.
- Communicate complex concepts for clinical, operational, and executive stakeholders.
- Stay current on access management trends, cloud authentication frameworks, and regulatory requirements to inform architecture decisions.
- Mentor junior team members and promote best practices in access management and secure access design.
Qualifications
Minimum Qualifications
Associate's degree in Information Systems or a related field and ten (10) years of relevant experience required. Equivalent work experience may substitute for the education requirement.
Desired Qualifications
- 10+ years of enterprise identity and access architecture experience.
- Experience managing and integrating identity systems with other clinical platforms.
- Expertise in Microsoft Active Directory, including multi-domain forest design, replication, GPO management, and delegated administration.
- Proven experience architecting and supporting Azure Active Directory (Entra ID), including hybrid identity configurations, and Conditional Access.
- Hands-on experience implementing and managing Active Directory Certificate Services (AD CS), including certificate templates, auto-enrollment, and internal PKI lifecycle management.
- Strong experience configuring and troubleshooting SAML-based SSO integrations across internal and vendor-hosted applications.
- Demonstrated ability to manage directory synchronization tools (e.g., Azure AD Connect) and resolve identity replication or authentication issues.
- Proficiency in scripting (PowerShell preferred) for automation of identity tasks, reporting, and certificate management.
- Solid understanding of identity federation protocols (SAML, OAuth, OpenID Connect) and how they integrate with cloud and SaaS applications.
- Familiarity with RBAC configuration for fine-grained access control.
- Strong troubleshooting skills related to identity lifecycle issues, permissions, authentication failures, and application access.
- Awareness of current cybersecurity best practices as applied to identity systems, including MFA, Zero Trust, and least privilege principles.
- Effective communication and collaboration skills to work across infrastructure, application, and clinical teams.
- Availability for after-hours support and participation in change management or incident response activities as needed.
- Other duties as assigned.
Primary Location
: UAB Health System
Job Category
: Information Technology
Organization
: 702150000 Health System Information Services
Employee Status
: Regular
Job Level
: Mid-Level
Shift: Day/1st Shift
Read Full Description