We are seeking a senior Identity & Lifecycle Management & Operations to own and operate the complete identity lifecycle and IAM operations across a regulated healthcare environment. This role is accountable for strategy, governance, engineering, and day-to-day IAM operations, including Joiner–Mover–Leaver (JML), Identity Governance, and continuous improvement of IAM processes. The role will also drive AI-enabled IAM operations (AIOps) to improve efficiency, security posture, and user experience while protecting PHI and meeting healthcare compliance requirements.
Key Responsibilities
End-to-End Identity & Lifecycle Operations Ownership
• Own end-to-end Identity & Lifecycle Management (ILM) operations, covering workforce, clinical staff, third-party users, service accounts, and non-human identities.
• Act as the Operations Lead for IAM, ensuring high availability, stability, and performance of identity services.
• Define and execute the IAM operations model, including L1/L2/L3 support, on-call processes, and escalation paths.
Joiner–Mover–Leaver (JML) & Lifecycle Excellence
• Lead 24x7 operational delivery of JML processes with strong SLAs for onboarding, role changes, and offboarding.
• Ensure zero-delay de-provisioning for leavers to reduce insider and compliance risk.
• Continuously optimize lifecycle workflows to reduce manual effort, cycle time, and access errors.
Identity Governance & Administration (IGA) Operations
• Own operational health of IGA platforms (SailPoint, Saviynt, Entra ID Governance, Oracle IGA).
• Ensure timely execution of access certifications, SoD reviews, exception handling, and remediation activities.
• Monitor entitlement sprawl and drive cleanup initiatives to maintain least-privilege access.
IAM Process Optimization & Continuous Improvement
• Design, document, and enhance IAM operational processes, SOPs, and runbooks aligned to ITIL/ITSM.
• Define and track KPIs and SLAs (provisioning time, access errors, certification completion, audit findings).
• Drive automation of repetitive IAM operational tasks using workflows, scripts, and APIs.
AI-Enabled IAM Operations (AIOps)
• Identify and implement AI/ML use cases within IAM operations, such as:
• Predictive access anomaly detection
• Intelligent role recommendations and access approvals
• Automated risk-based access reviews
• Proactive detection of orphaned, excessive, or toxic access
• AI-assisted root cause analysis for IAM incidents
• Leverage analytics and AI to improve decision-making, operational efficiency, and security posture.
• Partner with security and data teams to integrate IAM telemetry into enterprise AIOps platforms.
Healthcare Security & Compliance Operations
• Ensure IAM operations comply with HIPAA, HITECH, and internal healthcare security policies.
• Support continuous audit readiness, evidence generation, and remediation tracking.
• Ensure protection of PHI through strong operational controls and monitoring.
Technology & Integration Operations
• Oversee IAM integrations with Active Directory, Azure AD / Entra ID, LDAP, cloud platforms, and healthcare applications.
• Ensure operational stability of IAM integrations with EHR/EMR systems (Epic, Cerner, Meditech).
• Manage incident, problem, and change processes related to IAM systems.
Leadership & Stakeholder Management
• Lead and manage IAM operations, engineering, and support teams.
• Act as the single point of accountability for IAM operational outcomes.
• Collaborate with HR, IT Operations, Clinical Leadership, Application Owners, Security, and Compliance teams.
• Drive operational maturity and adoption of best practices across the enterprise.
Required Skills & Experience
• 10–12 years of experience in IAM / Identity & Lifecycle Management, including operations leadership.
• Proven ownership of end-to-end JML operations in large enterprises.
• Strong experience operating and supporting IGA platforms.
• Experience in healthcare or other highly regulated environments.
• Hands-on expertise with AD, Azure AD / Entra ID, LDAP, and enterprise IAM integrations.
• Strong understanding of RBAC, SoD, access certifications, and operational governance.
• Experience with ITSM tools and ITIL-aligned operations.
• Scripting and automation experience (Java, Python, PowerShell, REST APIs).
Preferred
• Experience implementing AI / analytics use cases in IAM or security operations.
• Exposure to PAM operations (CyberArk, BeyondTrust).
• Knowledge of Zero Trust and modern identity architectures.
• Certifications (nice to have): SailPoint, Microsoft Identity, ITIL, CISSP, CISM.
Key Success Factors
• Measurable reduction in access provisioning time and operational errors.
• Improved audit outcomes and compliance posture.
• Increased automation and AI adoption within IAM operations.
• High availability and reliability of identity services.
Why GSK?
Uniting science, technology and talent to get ahead of disease together.
GSK is a global biopharma company with a purpose to unite science, technology and talent to get ahead of disease together. We aim to positively impact the health of 2.5 billion people by the end of the decade, as a successful, growing company where people can thrive. We get ahead of disease by preventing and treating it with innovation in specialty medicines and vaccines. We focus on four therapeutic areas: respiratory, immunology and inflammation; oncology; HIV; and infectious diseases – to impact health at scale.
People and patients around the world count on the medicines and vaccines we make, so we’re committed to creating an environment where our people can thrive and focus on what matters most. Our culture of being ambitious for patients, accountable for impact and doing the right thing is the foundation for how, together, we deliver for patients, shareholders and our people.
Inclusion at GSK:
As an employer committed to Inclusion, we encourage you to reach out if you need any adjustments during the recruitment process.
Please contact our Recruitment Team at IN.recruitment-adjustments@gsk.com to discuss your needs.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way.
GlaxoSmithKline does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection with recruitment with any GlaxoSmithKline (or GSK) group company at any worldwide location. Even if they claim that the money is refundable.
If you come across unsolicited email from email addresses not ending in gsk.com or job advertisements which state that you should contact an email address that does not end in “gsk.com”, you should disregard the same and inform us by emailing askus@gsk.com, so that we can confirm to you if the job is genuine.