Description
Position SummaryUniversity Information Systems (UIS) provides technical services and enterprise applications to the University of Colorado’s (CU) four campuses and the Office of the President. UIS is committed to excellence in customer service, technical expertise, and the development of enterprise applications responsible for supporting CU’s students, faculty, human resources employees, finance employees, and others.

The Identity Access Management (IAM) Security Technician provides operational, project, and initiative support for all aspects of Enterprise Application Security services and products. Accountabilities include service request and release management for application security items and operational routine maintenance for application security items. This position must effectively conduct this work while proactively identifying opportunities for improvement and provide support following the implementation of improvements.

The IAM Security Technician reports to the Assistant Director of Identity Management and is exempt from the State of Colorado Classified Staff System.

Duties and ResponsibilitiesDuties and responsibilities of the position include, but are not limited to: 

University ERP Systems Security Technician:

• Conduct operational support and request resolution across IAM products
• Maintain standards, procedures, and methodologies for effective operation, access, and control of CU Enterprise Resource Planning (ERP) applications
• Establish system access to system resources by issuing identity account credentials
• Develop system enhancements for automation, operational support, and system analysis
• Develop scripts and processes to better help with automated access provisioning and policies
• Develop scripts and queries to analyze security vulnerabilities and gaps within our ERP systems
• Support yearly system audits for users, roles, and access protocols across our ERP systems

IAM Strategy & Innovation:

• Act as a strategic IAM resource for department initiatives:
  • University Testing (Quality Assurance [QA]) Strategies
  • Enterprise Database Access
  • Data Warehouse and Active Directory User and Service accounts
  • IAM Webpage Admin
• Document access services alongside our Office of Information Security (OIS) and in coordination with university and departmental university data governance guidelines and service strategy frameworks
• Liaise with development teams and CU stakeholders regarding identity governance best practices across the University
• Consult on and support cross-campus, cross-department, and university enterprise system initiatives and projects for IAM services
• Participate in Waterfall and Agile Projects within Team Dynamix
• Coordinate environment refreshes and enhancements for system initiatives and projects
• Harmonize with CU stakeholders to align campus and system level initiatives and projects to help streamline processes and user experiences across the university’s systems
• Converse with end users, information technology (IT) units, and other CU stakeholders for system enhancements and process improvements

IAM Operations & Documentation:

• Provide elevated tier 2 analytical and operational support for university account management and authorization issues
• Document and log IAM issues
• Create and continuously develop the System Administration Knowledge Base for supporting IAM services
• Provide support, training, and analysis to CU stakeholders for IAM services
• Execute automated and manual onboarding and termination processes
• Perform application group analyses and account provisioning processes
• Complete reporting and analytics related to the provisioning and de-provisioning of accesses as well as account management and authorization

Applications Used: 

• Microsoft Active Directory
• PingFederate
• Oracle Internet Directory/Oracle Unified Directory
• Oracle Identity Manager
• PeopleSoft HCM
• PeopleSoft Finance
• PeopleSoft Interaction Hub
• Salesforce
• PeopleSoft Campus Solutions
• Phire (Application Change Management)
• DUO Multifactor Authentication
• Cognos Reporting

Applications Administered: 

• PeopleSoft Security HCM
• PeopleSoft Finance Security
• PeopleSoft Campus Solutions
• Oracle Internet Directory/Oracle Unified Directory
• Oracle Identity Manager
• Microsoft Active Directory
• Ping Identity
• DUO Multi-factor

Who we are:

System Administration, which also houses the Office of the President, is located in the uptown neighborhood of Denver with a few smaller offices located on the campuses.  However,  this position has the ability to work remotely. Many of our departments support the educational and research missions of the four University of Colorado campuses, but System Administration is not considered a campus. We provide diverse opportunities for professional development, innovation, and collaboration with talented staff and faculty.  Learn more about CU System Administration.

The University of Colorado has been proactive in response to the COVID-19 pandemic. You can visit our COVID-19 webpage for more information.

What we offer:

Salary: The anticipated hiring salary range has been established at $65,000 - $72,124.

The market salary range for this position is $65,000 - $80,300.

The salary of the finalist selected for this role will be set based on a variety of factors, including but not limited to, internal equity, experience, education, specialty and training.

The above salary range (or anticipated hiring range) represents the University’s good faith and reasonable estimate of the range of possible compensation at the time of posting.

Benefits: The University of Colorado offers an excellent benefits package including:

• Medical: Multiple plan options
• Dental: Multiple plan options
• Additional Insurance: Disability, Life, Vision and Wellness
• Retirement 401(a) Plan: Employer contributes 10% of your gross pay
• Paid Time Off: Accruals over the year
  • Vacation Days: 22
  • Sick Days: 15
  • Holiday Days: 10
• Tuition Benefit: System employees have the benefit on all campuses 
• ECO Pass: RTD Bus and light rail service
• Additional Perks & Programs: Click here to access a few more Perks and Programs

Click here to access our Total Compensation Calculator to see what your total rewards could be at CU. This position is a University Staff position.

Additional taxable fringe benefits may be available.

More information on benefits programs, including eligibility, is available at www.cu.edu/employee-services/.

Knowledge, Skills, and AbilitiesTo be successful in this position, candidates will need the following:

• Knowledge of identity and access management and authorization structures, policies, and best practices.
• Knowledge of information technology systems and support practices.
• Knowledge of information technology service management (ITSM) principles and best practices
• Knowledge of Accessibility, Universal Design, and/or User Experience Design standards and best practices.
• Knowledge of cybersecurity and privacy principles and best practices.
• Knowledge of common computer operating systems and computer networking fundamentals.
• Technical computer skills, including the ability to assess complex data, utilize common operating systems, learn new software programs, and understand programming languages (e.g. SQL, Java, C++, Python)
• Organizational skills, including the ability to set and meet goals and deadlines, manage appointments, create schedules, coordinate and facilitate meetings, and make decisions.
• Oral, written, and listening communication skills, including the ability to accurately interpret what others are saying and convey messages, information, concepts, and details accurately and clearly.
• Analytical and prblem-solving skills, including the ability to examine and summarize data and trends in order to resolve issues and produce results
• Ability to collect and document business needs and translate that information into technical specifications with the intention that they can be easily understandable to the target audience.
• Ability to learn and apply new technologies
• Ability to prepare reports and briefings that can be understood by a variety of technical and non-technical audiences.
• Ability to identifying security risks and how they impact the organization.
• Ability to work independently and under pressure, to manage multiple concurrent tasks and responsibilities, and to deal with changing priorities, while maintaining personal effectiveness. 
• Ability to self-start and take initiative in completing daily tasks and special projects.
• Ability to focus on activities that have the greatest impact on meeting work commitments.

Qualifications
Minimum Requirements

• Bachelor’s degree from and accredited institution of higher education, or equivalent professional experience (professional experience may be substituted for the educational requirement on a year-for-year basis)
•  One (1) year of experience providing identity access management support, which may include one or more of the following:
  • Provisioning and de-provisioning access to ERP applications
  • Providing analytical and operational support related to IAM
  • Implementing and/or developing system enhancements, scripts, and queries to identify security vulnerabilities and/or gaps.

Preferred Qualifications

• Two (2) years of experience providing identity access management support, as indicated above.

Job Category: Information Technology
Primary Location: Denver
Schedule: Full-time
Posting Date: Apr 2, 2021
Unposting Date: Ongoing