Identity and Security Systems Administrator
Job ID: 24369
Full/Part Time: Full-Time
Job Code: 0410
Department: Computing Services
Classification: Operating Systems Analyst - Career
Salary Range: $4,372/month - $9,877/month
FLSA status: Exempt
San Jose State University offers employees a comprehensive benefits package. For more information on programs available, please visit http://www.sjsu.edu/hr/benefits/
About the Position
Responsible to design, implement and administer campus-wide identity and information security systems. Primary responsibility will be to manage systems like active directory, automated identity provision using FIM, SSO service using Okta/Shibboleth, IBM Big Fix patching and more. Proactively seek feedback and make recommendations to ensure users/departments have most up to date technological solutions to perform their job and serve the university community effectively. Effective planner and strategist will interact with campus technical staff, customers and constituents to provide reliable and secure centralized services as well as document critical assets and serve as liaison/consultants to departments.
Responsibilities include, but are not limited to:
Active Directory Administration:
- System Administrator for SJSU central Active Directory. Manages security groups, group policies, user accounts, computer accounts, group policy and delegates access.
- Helps to define and execute ongoing administration and directory maintenance programs, procedures and operations including troubleshooting of system failures and ensuring business continuity.
- Manages internal DNS, updates, deletions, etc.
- Manages internal Radius service for campus Wi-Fi.
- Diagnoses, resolves, and communicates advanced problems.
Single Sign-On Application & Server Administration:
- System Administrator for external Identity Management Tools.
- Specifies Virtual Machines, installs software, patches and maintains systems in support of Identity and Security services. Implements software solutions for integration of Unix/Linux/Mac into Active Directory.
- Serves as primary server, application and support contact for Shibboleth Single Sign On application integrations.
Information Security Application Administration - System Administrator for Patch Management software:
- System Administrator for Patch Management software IBM Big-Fix
- System Administration for all IEM Servers
- Maintains minimum patch baseline for SJSU workstations and servers as per recommendation through QualysGuarad scan reports, remediate all the vulnerabilities finding in the reports, manages software inventory, implements policies, configuration changes, etc.
Automated Identity Management Application & Server Administration:
- System Administrator for MS FIM 2010 R2 servers.
- Work with Programmers and DBA team to implement management agents, modify AD/FIM Schema to accommodate customization of various FIM agents to automate user accounts/groups for Active Directory, Gmail, Shibboleth and other applications.
Computing Services Server Administration:
- System administrator for various application servers.
- Communicates with internal and external technicians, vendors, and stake holders. Diagnoses problems, proposes solutions, maintains the system, recommends and implements upgrades.
Education and Experience
Bachelor's degree, preferably in computer science, mathematics, or a related technical field, or equivalent technical training and/or experience and three years of operating systems experience.
- Minimum 3 years demonstrable experience in Microsoft Active Directory administration.
- Experience with DNS and Radius administration within Microsoft Active Directory.
- Experience with Microsoft AD Lightweight Directory Services.
Knowledge, Skills & Abilities
- Technical proficiency in Microsoft Active Directory 2016/2012 and 2008 administration including ADUC, and GPO management on the enterprise level.
- Administration of AD management through Quest AD integration tool.
- Working knowledge of DNS and Radius administration within Microsoft Active Directory.
- Working knowledge of AD organizational units, user objects, computer objects, attributes, etc.
- Demonstrated ability to determine overall functional and technical system requirements and specifications using structured design analysis techniques.
- Demonstrated ability to plan, organize and direct the work of assigned projects, and manage multiple projects simultaneously.
- Ability to maintain confidentiality and appropriately handle sensitive communications with employees and external agencies.
- Knowledge of Microsoft FIM 2010 R2 or similar Identity Management Application.
- Knowledge of Microsoft AD Lightweight Directory Services.
- Ability to communicate well with internal and external technicians.
- Knowledge of Shibboleth 3.0, SAML2, Okta and Single Sign On.
- Demonstrated ability to specify, create and administer Windows Servers.
- Ability to quickly adapt to new technologies.
- Strong communication skills.
- Working knowledge of current patch management technologies (IBM BigFix, Microsoft SCCM 2012 R2, etc.)
- Working knowledge for QualysGuard scan reporting system.
December 13, 2017
Application Screening begins January 3, 2018
Applications received before that date will receive first consideration.
This position is open until filled; however, applications received after screening has begun will be considered at the discretion of the university.
Required Application Material:
Letter of interest
List of References
Complete SJSU Online Employment Application
Please note that failure to completely fill out each section of the online application may result in your application not receiving consideration.
Note To Applicant
Every applicant who reaches the final level of interviews will be required to complete a background check. The standard background check includes: criminal check, employment and education verification. Depending on the position, a motor vehicle and/or credit check may be required. All background checks are conducted through the university's third party vendor, Accurate Background. SJSU will pay all costs associated with this procedure. Evidence of required degree(s) or certification(s) will be required at time of hire.
SJSU IS NOT A SPONSORING AGENCY FOR STAFF OR MANAGEMENT POSITIONS. (i.e. H1-B VISAS)
All San Jos State University employees are considered mandated reporters under the California Child Abuse and Neglect Reporting Act and are required to comply with the requirements set forth in CSU Executive Order 1083 as a condition of employment.
Equal Employment Statement
SJSU is an Equal Opportunity Affirmative Action employer. We consider qualified applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity/expression, sexual orientation, genetic information, medical condition, marital status, veteran status, or disability.
It is the policy of SJSU to provide reasonable accommodations for applicants with disabilities who self disclose.
One Washington Square San Jose, CA 95192-0046