Staff Identity and Access (IAM) Security Engineer
Henry Schein One is looking for a Staff Identity & Access Management (IAM) Security Engineer to lead the strategy, development, implementation, and ongoing maturity of our Identity and Access Management program. This role owns one or more IAM-related products and plays a critical part in protecting our systems, data, and users. This is a senior-level role that blends big-picture security strategy with hands-on execution. Youll bring security expertise, strong incident response knowledge, and the ability to influence technical and non-technical stakeholders across the organization. This position can be remote in the United States. What You Will Do
Lead and influence IAM strategy across one or more products, from design through ongoing maintenance
Mentor and guide junior engineers, setting technical direction, best practices, and standards
Design and advise on secure architectures, networks, and identity-related systems
Perform identity and access reviews, audits, and risk assessments
Own and manage Privileged Access Management (PAM) systems workflows
Partner closely with cross-functional teams at Henry Schein One to design and implement secure IAM solutions
Monitor user accounts and privileges to identify over-provisioning and excessive permissions
Stay current on emerging security trends, standards, and best practices in IAM and privileged access management
Provide leadership and act as a trusted security influencer across the organization
Communicate complex technical concepts clearly and effectively to senior leadership
Participate in IAM-related planning sessions, reviews, and operational meetings as needed
What You Will Have
Bachelors Degree in Information Security, Cybersecurity, or equivalent practical experience
8+ years of progressively responsible experience in Information Security
Knowledge of identity and access management principles, including SSO and federated identity
Hands-on experience with Microsoft Entra ID (Azure AD), Okta, or similar
Advanced understanding of authentication protocols (SAML, OAuth, OIDC, MFA)
Experience conducting identity audits and assessing access-related risk
Solid understanding of security architectures, tools, processes, and best practices
Ability to translate business drivers and priorities into effective IAM designs
Experience designing and implementing risk-based identity and access management controls aligned with enterprise security requirements
Exceptional written and verbal communication skills, with the ability to effectively engage stakeholders at all levels of the organization
Proven ability to mentor and support less experienced team members
Nice to Haves
Industry certifications such as CISSP or similar
Extensive experience with Privileged Access Management (PAM) tools
Experience integrating IAM solutions with SaaS, cloud, and on-prem environments
The posted range for this position is$130,000 - $160,000which is the expected starting salary range for an employee who is new to the role to fully proficient in the role. Many factors go into determining employee pay within the posted range including prior experience, current skills, location/labor market, internal equity, etc. This position is eligible for a bonus target not reflected in the range. What you get as a Henry Schein One Employee
A great place to work with fantastic people
A career in the healthcare technology industry, with the ability to grow and realize your full potential
Competitive compensation
Excellent benefits package Medical, Dental and Vision Coverage, 401K Plan with Company Match, Paid Time Off (PTO), Sick Leave (if applicable), Paid ParentalLeave, Short Term Disability, Income Protection, Work Life Assistance Program, Health Savings and Flexible Spending Accounts,Education Benefits, Worldwide Scholarship Program, Volunteer Opportunities, and more
About Henry Schein One Henry Schein One is the global leader in dental management, analytics, communication, and marketing software. Our companys products and services work together as one simple solution to provide users with a seamless and integrated experience. Our company thrives because of our people. We believe in supportive, diverse, and inclusive workforce, inclusive environments, professional development opportunities, and competitive compensation packages. We value innovation, teamwork, and encourage work-life balance. One of many reasons why Henry Schein One leads the industry is because of our products, services and most importantly, our people. In 2022, Henry Schein One was named one of Best Companies to Work for in Utah. Click here for more information:2022 Best Companies to Work For | Henry Schein One Henry Schein, Inc. is an Equal Employment Opportunity Employer and does not discriminate against applicants or employees on the basis of race, color, religion, creed, national origin, ancestry, disability that can be reasonably accommodated without undue hardship, sex, sexual orientation, gender identity, age, citizenship, marital or veteran status, or any other legally protected status. Unfortunately, Henry Schein One is not currently hiring individuals residing in Alaska, Delaware, Hawaii, Louisiana, Nebraska, North Dakota,Rhode Island,South Dakota,Vermont, West Virginia, Washington DC, orPuerto Rico and other US Territories.
About the job
Apply for this position
Staff Identity and Access (IAM) Security Engineer
Henry Schein One is looking for a Staff Identity & Access Management (IAM) Security Engineer to lead the strategy, development, implementation, and ongoing maturity of our Identity and Access Management program. This role owns one or more IAM-related products and plays a critical part in protecting our systems, data, and users. This is a senior-level role that blends big-picture security strategy with hands-on execution. Youll bring security expertise, strong incident response knowledge, and the ability to influence technical and non-technical stakeholders across the organization. This position can be remote in the United States. What You Will Do
Lead and influence IAM strategy across one or more products, from design through ongoing maintenance
Mentor and guide junior engineers, setting technical direction, best practices, and standards
Design and advise on secure architectures, networks, and identity-related systems
Perform identity and access reviews, audits, and risk assessments
Own and manage Privileged Access Management (PAM) systems workflows
Partner closely with cross-functional teams at Henry Schein One to design and implement secure IAM solutions
Monitor user accounts and privileges to identify over-provisioning and excessive permissions
Stay current on emerging security trends, standards, and best practices in IAM and privileged access management
Provide leadership and act as a trusted security influencer across the organization
Communicate complex technical concepts clearly and effectively to senior leadership
Participate in IAM-related planning sessions, reviews, and operational meetings as needed
What You Will Have
Bachelors Degree in Information Security, Cybersecurity, or equivalent practical experience
8+ years of progressively responsible experience in Information Security
Knowledge of identity and access management principles, including SSO and federated identity
Hands-on experience with Microsoft Entra ID (Azure AD), Okta, or similar
Advanced understanding of authentication protocols (SAML, OAuth, OIDC, MFA)
Experience conducting identity audits and assessing access-related risk
Solid understanding of security architectures, tools, processes, and best practices
Ability to translate business drivers and priorities into effective IAM designs
Experience designing and implementing risk-based identity and access management controls aligned with enterprise security requirements
Exceptional written and verbal communication skills, with the ability to effectively engage stakeholders at all levels of the organization
Proven ability to mentor and support less experienced team members
Nice to Haves
Industry certifications such as CISSP or similar
Extensive experience with Privileged Access Management (PAM) tools
Experience integrating IAM solutions with SaaS, cloud, and on-prem environments
The posted range for this position is$130,000 - $160,000which is the expected starting salary range for an employee who is new to the role to fully proficient in the role. Many factors go into determining employee pay within the posted range including prior experience, current skills, location/labor market, internal equity, etc. This position is eligible for a bonus target not reflected in the range. What you get as a Henry Schein One Employee
A great place to work with fantastic people
A career in the healthcare technology industry, with the ability to grow and realize your full potential
Competitive compensation
Excellent benefits package Medical, Dental and Vision Coverage, 401K Plan with Company Match, Paid Time Off (PTO), Sick Leave (if applicable), Paid ParentalLeave, Short Term Disability, Income Protection, Work Life Assistance Program, Health Savings and Flexible Spending Accounts,Education Benefits, Worldwide Scholarship Program, Volunteer Opportunities, and more
About Henry Schein One Henry Schein One is the global leader in dental management, analytics, communication, and marketing software. Our companys products and services work together as one simple solution to provide users with a seamless and integrated experience. Our company thrives because of our people. We believe in supportive, diverse, and inclusive workforce, inclusive environments, professional development opportunities, and competitive compensation packages. We value innovation, teamwork, and encourage work-life balance. One of many reasons why Henry Schein One leads the industry is because of our products, services and most importantly, our people. In 2022, Henry Schein One was named one of Best Companies to Work for in Utah. Click here for more information:2022 Best Companies to Work For | Henry Schein One Henry Schein, Inc. is an Equal Employment Opportunity Employer and does not discriminate against applicants or employees on the basis of race, color, religion, creed, national origin, ancestry, disability that can be reasonably accommodated without undue hardship, sex, sexual orientation, gender identity, age, citizenship, marital or veteran status, or any other legally protected status. Unfortunately, Henry Schein One is not currently hiring individuals residing in Alaska, Delaware, Hawaii, Louisiana, Nebraska, North Dakota,Rhode Island,South Dakota,Vermont, West Virginia, Washington DC, orPuerto Rico and other US Territories.