Bausch Health Jobs

Job Information

Bausch Health IAM Architecture Manager, Identity and Access Management in Madison, New Jersey

Requisition ID 8255 - Posted - Management - IT - US - Bridgewater, NJ - City (33)

Bausch Health is a global company that develops, manufactures and markets a differentiated product portfolio across multiple high-growth therapeutic areas including Gastroenterology, Generics, Neurology, Ortho Dermatologics and Dentistry. We are delivering on our commitments as we build an innovative company dedicated to advancing global health. Each day, Bausch Health products are used by over 150 million people around the world.

Our approximately 7,000 employees are united around our mission of improving people’s lives with our health care products.

The Identity and Access Management (IAM) Architecture Manager will ensure that IAM solutions meet business requirements and strategy direction for the long term in a secure, cost-effective way, leading the overall IAM transformation at Bausch Health. The IAM Architecture Manager will be empowered to identify, architect, and drive solutions utilized by security and operational teams with a focus on enterprise IAM solutions, but also including Device Access and security, Mobile Device, BYOD, Identity Governance tools, monitoring, and processes that will ensure that only authorized users, devices, or programs have appropriate access to enterprise systems and data. This role will also work closely with a team of highly skilled security architects collaboratively working to continuously improve our security posture by identifying risks, technology gaps, and process inefficiencies in all areas of security.


  • Own Identity and Access capabilities and their features from both a strategic vision and technical execution.

  • Drive and evangelize the corporate strategy for identity features including user provisioning, multi-factor authentication (MFA), API authentication, Privileged Access Management (PAM), Single Sign-On (SSO), on-premise Active Directory Federation Services (ADFS), and ADFS in Azure.

  • Work with other functional groups such as Human Resources, Legal, and License management teams for integration and normalization of identity data across different platforms.

  • Engage directly with internal customers to understand needs and validate priorities.

  • Lead the program to define requirements and drive implementation of automated account provisioning, validation, and anomalous account detection.

  • Develop and improve processes and workflows related to the identity lifecycle including user provisioning and de-provisioning, management of identity and licensing groups, granting, and removing system and application access, and account termination, with a focus on efficiency, security, effectiveness, and improving the user experience.

  • Work closely with the IAM operations team to identify gaps in IAM, provide instructional guidance with documentation on process and workflow changes, and investigate to resolution complex privacy, security, and access management problems.

  • Develop and direct IAM Security Administration team in the investigation and resolution of complex privacy, security, and access management problems.

  • Manage team responsible for privileged account management (PAM) technologies, password vaulting and controls, and remote access for vendors and consultants.

  • Lead design and development resources in executing on IAM initiatives.

  • Work with Information technology groups to develop and improve device access controls, including policies, conditional access, MDM/MAM, application access and device security.

  • Work with infrastructure technology groups and review and improve process and security controls related to Azure AD, Active Directory, security, AADConnect and other access security technologies.

  • Identify and document business requirements while prioritizing the overall security posture of the company.

  • Utilize technical and business knowledge to support secure, risk-based practices, exercising judgment within broadly defined security practices and policies.

  • Understand, follow, and implement enterprise access standards, baselines, security procedures, and related policies.

  • Help drive buy/build/partner decisions for tools as necessary.

  • Develop and use metrics and data analysis to drive informed decisions, and to clearly communicate necessary information to senior management.

  • Manage one or more individuals.


  • 7+ years working in information technology.

  • BS in Computer Science, Information Systems, a related technical field, or the equivalent network and security experience.

  • 5+ years of experience with Active Directory and Lightweight Directory Access Protocol (LDAP).

  • 5+ years of experience with Single Sign-On (SSO), Identity Federation, Identity Lifecycle Management, and Role Based Access Control (RBAC) concepts.

  • Experience with Azure Identity and Access Management solutions and/or other cloud identity management solutions.

  • Knowledge of SailPoint, Saviynt, ServiceNow or other Identity Management technologies that expand access management capabilities and enhance Azure AD IAM solutions a plus.

  • Experience with Azure Intune, MDM, MAM, Application controls, and Conditional access policies.

  • Experience with modern authentication protocols including Security Assertion Markup Language (SAML), OAuth, system (PRT) and browser token authentication methods.

  • Experience with PowerShell scripting, automation, SQL and other tools and techniques to maintain identity normalization across disparate platforms and identify inconsistencies in the identity landscape.

  • Up-to-date knowledge of the Identity Management landscape including awareness of new or revised solutions, improved security processes and developments in new identity-related cyberattacks and threat vectors.

  • Demonstrated experience leading and participating in troubleshooting, managing, and solving issues related to identities, systems, access, accounts, authentication, authorization, entitlements, and permissions.

  • Demonstrated experience working with cross-functional teams and guiding, leading, and driving projects and technology initiatives to completion.

  • Good knowledge of Azure Environment and permissions required to access Azure cloud components such as tenants, subscriptions, objects, and access to application environments such as PowerBI, SQL, and DevOps.

  • Good knowledge of advanced authentication concepts like Multifactor Authentication (MFA), Access control lists (ACL), Risk Adaptive-Based Access Control (RAdAC), Attribute based authentication controls (ABAC) and Location awareness.

  • Good knowledge of conditional access policies, managed service accounts, managed service principals, and Key Vaults.

  • Good understanding of encryption, crypto, and security certificates.

  • Good verbal and written negotiation, presentation, and interpersonal skills.

  • Self-motivated, self-directed, and detail oriented.

  • Ability to communicate well with other team members and employees worldwide.

This position may be available in the following location(s): US - Bridgewater, NJ

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Job Applicants should be aware of job offer scams perpetrated through the use of the Internet and social media platforms.


Bausch Health is an EEO/AA employer M/F/D/V.