Sr. Security Analyst, Identity Access Management

Description

Protecting our users' privacy and securing our data is critical to us at Lyra Health. This role will drive identity lifecycle management, identity governance and administration, and own the IAM strategy. The ideal candidate will be able to self-organize and work cross-functionally (with legal, product, engineering, data, clinical, and other business teams) to lead business efforts while enabling appropriate access levels. This role reports to the Head of Security.

This role can be carried out from our Burlingame, CA headquarters, hybrid, or fully remote/virtually. Remote candidates must be physically located within the United States.

Responsibilities

Design and Implementation of Role Based Access Controls, Multi-Factor authentication, conditional access policies, and adaptive IAM based on organization requirements using risk based approach

Leverage various IAM technologies (such as Okta, other ID/SaaS management tools) to verify or audit necessity and scope of individual or group access

Process system access requests for a variety of business and technology applications, per internal procedure/policy and SLAs, furthering Lyra’s identity lifecycle management

Participate in team discussions to offer additional perspectives and knowledge

Active identification and management of internal and external IAM risks and opportunities for improvement

Analyze and improve operational effectiveness as well as defining and upholding program objectives and access control standards

Serve as SME for IAM related controls and activities

Qualifications

5+ years of relevant professional experience working within an organization in the areas of security, privacy, data protection and/or data governance

Knowledge of the principles, practices and techniques of security and access control

Proficiency in IAM technologies/solutions, such as identity governance, privileged access management, single sign-on, multi-factor authentication and how they integrate with other IT functions

Functional abilities in SQL and database level access

Excellent, effective communication skills (both written and oral)

Bachelor's degree in a related field, or equivalent experience with relevant industry certification (CISSP, Sec+, GSEC, or other comparable certificates)

Strong understanding of security domains outside of access control, such as Incident Response, BC/DR, network security design and architecture, endpoint protection, SSO, vulnerability management, intrusion detection, risk management, data loss prevention, and forensics.

Preferred Qualifications

Working knowledge of Amazon Web Services and knowledge of cloud security concepts

Past contributions to developing Information Technology and Information Security policies and controls in a regulated environment – Health Information Trust Alliance (HiTrust), SOC 2, ISO, SOX, and experience with other frameworks

Diversity & Inclusion at Lyra

Diversity, equity, inclusion, and belonging (DEIB) at Lyra is essential to the way we deliver culturally responsive care, build and manage our provider network, and support holistic efforts to strengthen DEIB in workplaces around the world—including our own.

People come to Lyra with a range of needs, backgrounds, and abilities that influence their response to mental health support. Our diverse network of providers delivers comprehensive mental health treatment and support rooted in culturally responsive care, a multicultural approach that accounts for the impact of cultural backgrounds on each person’s care experience.

Learn more at https://www.lyrahealth.com/diversity-equity-inclusion-belonging/