IAM Security Administrator

Job description

DescriptionUniversity Information Systems (UIS) provides technical services and enterprise applications to the University of Colorado’s (CU) four campuses and the Office of the President. UIS is committed to excellence in customer service, technical expertise, and the development of enterprise applications responsible for supporting CU’s students, faculty, human resources employees, finance employees, and others.

The Identity Access Management (IAM) Security Administrator provides operational and project support for all aspects of Enterprise Application Security activities and initiatives. This includes project and release management for application security items, as well as operational maintenance for application security items. This position must effectively conduct this work while proactively identifying opportunities for improvement and leading the implementation of those improvements.

The IAM Security Administrator reports to the Assistant Director of Identity Management and is exempt from the State of Colorado Classified Staff System.

Duties and ResponsibilitiesDuties and responsibilities of the position include, but are not limited to: 

University ERP Systems Security Administrator:

  • Maintain standards, procedures, and methodologies for effective operation, access, and control of CU Enterprise Resource Planning (ERP) applications
  • Gather requirements with functional and technical stakeholders for ERP single sign-on (SSO) architecture (e.g. Security Assertion Markup Language [SAML] and OAUTH authentication protocols)
  • Develop system enhancements for automation, operational support, and system analysis
  • Develop scripts and processes to better help with automated access provisioning and policies
  • Develop scripts and queries to analyze security vulnerabilities and gaps within our ERP systems
  • Support yearly system audits for users, roles, and access protocols across our ERP systems
IAM Strategy & Innovation:

  • Help formulate strategic roadmaps for current and new systems related to IAM services
  • Act as a strategic IAM Lead for department initiatives:
    • University Testing (Quality Assurance [QA]) Strategies
    • Enterprise Database Access
    • Data Warehouse and Active Directory User and Service accounts
    • IAM Webpage Admin
  • Document access services alongside our Office of Information Security (OIS) and in coordination with university and departmental university data governance guidelines and service strategy frameworks
  • Liaise with development teams and CU stakeholders regarding identity governance best practices across the University
  • Consult on and support cross-campus, cross-department, and university enterprise system initiatives and projects for IAM services
  • Participate in Waterfall and Agile Projects within Team Dynamix
  • Coordinate environment refreshes and enhancements for system initiatives and projects
  • Coordinate with CU stakeholders to align campus and system level initiatives and projects to help streamline processes and user experiences across the university’s systems
  • Coordinate with end users, information technology (IT) units, and other CU stakeholders for system enhancements and process improvements
IAM Operations & Documentation:

  • Provide elevated tier 3 analytical and operational support for university account management and authorization issues
  • Document and log IAM issues
  • Create and continuously develop the System Administration Knowledge Base for supporting IAM services
  • Provide support, training, and analysis to CU stakeholders for IAM services
  • Oversee automated and manual onboarding and termination processes
  • Perform application role analyses and account provisioning processes
  • Complete reporting and analytics related to the provisioning and de-provisioning of access as well as account management and authorization
Applications Used: 

  • Microsoft Active Directory
  • PingFederate
  • Oracle Internet Directory/Oracle Unified Directory
  • Oracle Identity Manager
  • Toad (Oracle Database)
  • PeopleSoft HCM
  • Finance
  • Enterprise Portal
  • Customer Relationship Management (CRM)
  • Campus Solutions
  • Phire (Application Change Management)
  • DUO Multifactor Authentication
  • Cognos Reporting
  • u.achieve Degree Audit
  • ISSS
Applications Managed: 

  • PeopleSoft Security for HCM
  • Finance
  • Enterprise Portal
  • CRM
  • Campus Solutions
  • Phire (Application Change Management)
  • Oracle Internet Directory/Oracle Unified Directory
  • Oracle Identity Manager
  • Microsoft Active Directory
  • FEDPROD DB
  • Ping Identity
  • ERP Firewall
  • DUO Multi-factor
Who we are: System Administration, which also houses the Office of the President, is located in the uptown neighborhood of Denver with a few smaller offices located on the campuses.  However, this position has the ability to work remotely. Many of our departments support the educational and research missions of the four University of Colorado campuses, but System Administration is not considered a campus. We provide diverse opportunities for professional development, innovation, and collaboration with talented staff and faculty.  Learn more about CU System Administration.

The University of Colorado has been proactive in response to the COVID-19 pandemic. You can visit our COVID-19 webpage for more information.

What we offer:

Salary: The budgeted salary has been established at $80,340

The established salary range for this position is $72,331 - $89,239. 

Benefits: The University of Colorado offers an excellent benefits package including:

  • Medical: Multiple plan options
  • Dental: Multiple plan options
  • Additional Insurance: Disability, Life, Vision and Wellness
  • Retirement 401(a) Plan: Employer contributes 10% of your gross pay
  • Paid Time Off: Accruals over the year
    • Vacation Days: 22
    • Sick Days: 15
    • Holiday Days: 10
  • Tuition Benefit: System employees have the benefit on all campuses 
  • ECO Pass: RTD Bus and light rail service
  • Additional Perks & Programs: Click here to access a few more Perks and Programs
Click here to access our Total Compensation Calculator to see what your total rewards could be at CU. This position is a University Staff position.

More information on benefits programs, including eligibility, is available at www.cu.edu/employee-services/.

Knowledge, Skills, and Abilities:To be successful in this position, candidates will need the following:

  • Knowledge of identity and access management and authorization structures, policies, and best practices
  • Knowledge of information technology systems and support practices
  • Knowledge of information technology service management (ITSM) principles and best practices
  • Knowledge of Accessibility, Universal Design, and/or User Experience Design standards and best practices
  • Knowledge of cybersecurity and privacy principles and best practices
  • Knowledge of common computer operating systems and computer networking fundamentals
  • Technical computer skills, including the ability to assess complex data, utilize common operating systems, learn new software programs, and understand programming languages (e.g. SQL, Java, C++, Python)
  • Organizational skills, including the ability to set and meet goals and deadlines, manage appointments, create schedules, coordinate and facilitate meetings, and make decisions
  • Oral, written, and listening communication skills, including the ability to accurately interpret what others are saying and convey messages, information, concepts, and details accurately and clearly
  • Analytical and problem-solving skills, including the ability to examine and summarize data and trends in order to resolve issues adn produce results 
  • Ability to collect and document business needs and translate that information into technical specifications with the intention that they can be easily understandable to the target audience
  • Ability to learn and apply new technologies
  • Ability to prepare reports and briefings that can be understood by a variety of technical and non-technical audiences
  • Ability to identifying security risks and how they impact the organization
  • Ability to work independently and under pressure, to manage multiple concurrent tasks and responsibilities, and to deal with changing priorities, while maintaining personal effectiveness
  • Ability to self-start and take initiative in completing daily tasks and special projects
  • Ability to focus on activities that have the greatest impact on meeting work commitments


QualificationsMinimum Requirements
  • Bachelor’s degree from and accredited institution of higher education, or equivalent professional experience (professional experience may be substituted for the educational requirement on a year-for-year basis)
  • Three (3) years’ experience supporting identity and access management for enterprise systems in a large and distributed enterprise. This work may include one or more of the following:
    • Security configuration experience (e.g. User Profile Management, Roles and Permission Lists, Query Security, Row Level Security, and Application Specific security)
Preferred Qualifications
  • Five (5) years’ experience supporting identity and access management for enterprise systems, as indicated above. This may also include:
    • Relational database systems and SQL experience
    • Experience with business process analysis, gathering and/or writing functional requirements, and testing 
    • PeopleSoft Campus Solutions, HR, Finance, Enterprise Portal, and/or CRM experience
    • Experience with security in PeopleSoft upgrades and/or implementations
    • Experience with Identify Management systems such as Oracle Identity Manager or Sun Identity Manager


Job Category: Information Technology
Primary Location: Denver
Schedule: Full-time
Posting Date: Dec 21, 2020
Unposting Date: Ongoing

 

 

 

Diversity Profile: University

 

AAUP COMPENSATION SURVEY DATA

View more

Learn more on Inside Higher Ed's College Page for University

Arrow pointing right
Job No:
Posted: 12/22/2020
Application Due: 1/28/2021
Work Type: Full Time
Salary: