Staff IAM Engineer

Staff IAM Engineer ABOUT OPENLOOP OpenLoop was co-founded by CEO, Dr. Jon Lensing, and COO, Christian Williams, with the vision to bring care anywhere. Our telehealth support solutions are thoughtfully designed to streamline and simplify go-to-market care delivery for companies offering meaningful virtual support to patients across an expansive array of specialties, in all 50 states. ABOUT THE ROLE OpenLoop’s mission is to bring care anywhere by powering telehealth solutions at scale. We are seeking a Staff IAM Engineer to lead and evolve our Identity & Access Management program in a fast-paced, high-growth environment. This role combines deep technical expertise with people leadership. You will lead a small team of IAM analysts, act as a player-coach, and drive IAM strategy, architecture, and operational excellence across the organization. The ideal candidate thrives in ambiguity, collaborates cross-functionally, and brings strong knowledge of healthcare regulatory requirements including HIPAA and PHI-related IAM best practices. WHAT YOU’LL DO: Leadership & Strategy - Lead, mentor, and develop a small team of IAM analysts; serve as a hands-on technical leader. - Define and execute IAM strategy aligned with business growth and regulatory requirements. - Establish and maintain IAM governance, policies, standards, and procedures. - Partner with Security, Compliance, Engineering, IT, and Product teams to ensure secure access controls across platforms. Technical Ownership - Design, implement, and manage IAM solutions across cloud and SaaS environments. - Oversee identity lifecycle management (joiner/mover/leaver processes). - Implement RBAC/ABAC models aligned with least privilege principles. - Manage SSO, MFA, PAM, and directory services integrations. - Conduct access reviews and certifications to meet compliance requirements. - Support audit readiness (HIPAA, SOC 2, HITRUST, etc.). - Monitor IAM metrics and continuously improve automation and controls. Strategy - Ensure IAM controls align with HIPAA requirements and PHI protection standards. - Maintain documentation and evidence for audits and regulatory reviews. - Partner with Compliance and Legal to interpret regulatory requirements, towards identifying and remediating access-related risks and vulnerabilities. WHO YOU ARE: REQUIRED - 7+ years of experience in Identity & Access Management, with 2+ years in a senior or lead capacity. - Experience leading or mentoring a small team. - Strong experience with SSO, MFA, identity lifecycle management, and privileged access management. - Deep knowledge of IAM best practices in regulated healthcare environments. - Strong understanding of HIPAA, PHI safeguards, and related healthcare security standards. - Experience in cloud-native environments (AWS, Azure, or GCP). - Ability to thrive in a fast-paced startup environment with evolving priorities. - Excellent communication skills and a collaborative, positive mindset. PREFERRED - Experience supporting SOC 2, HITRUST, or similar compliance frameworks. - Familiarity with Zero Trust principles. - Relevant certifications (CISSP, CISM, CIAM, Azure/AWS Security certs, etc.). - Experience with IAM automation and infrastructure-as-code practices. OUR BENEFITS In addition, for salaried positions you would also be eligible for: - Medical, Dental, and Vision plans - Flexible Spending/Health Savings Accounts - Flexible PTO - 401(k) + Company Match - Life Insurance, Pet insurance, and more OUR COMPANY We have a relatively flat organizational structure here at OpenLoop. Everyone is encouraged to bring ideas to the table and make things happen. This fits in well with our core values of Autonomy, Competence and Belonging, as we want everyone to feel empowered and supported to do their best work. Sound like a good fit? We’d love to meet you.