Identity and Access Management Administrator
Role details
Job location
Tech stack
Job description
Cloud Second Level Support CAN ACT! Administration MS Access ITIL Make Innovation RESTful Customer Relationship Entwicklungsumgebungen MOST TARGET Security Software-Engineering MS Azure across Übersetzungssoftware Mobile App PowerShell Python Analyse Systems Management Support DevOps Management Engineering ADA, The primary purpose of this position is to participate in the technical system design, deployment, and management of ITS and customer identity and access solutions, along with maintaining a coordinated register of centrally managed attribute and role-based access controls. In addition, this position will ideate novel solutions to multi-faceted identity complexes to safeguard critical and confidential information belonging to the university. This position will participate in the discovery of new technologies and implementation and configuration of systems and applications in support and optimization of Identity Governance and Role-Based Access Control (RBAC). This position will provide knowledge of the interactions between technologies and applications across product lines.
This position examines external and internal technology, long-term trends, and implications of alternative approaches, and articulates those concepts to other internal staff. This position will utilize in-depth knowledge of software engineering, cloud technologies, and data engineering to define target architectures, patterns, and processes in support of customer identity and access solutions. This position will lead and/or support tool and technology selection and drive standardization and reuse of industry-leading technology across the organization. This position will lead and/or support the evaluation and selection process for application packages to satisfy solution requests and related university needs.
This position collaborates with ITS Enterprise Systems management in setting guidelines and standards to ensure systems are consistent with ITS' and UNCG's long-term strategies. This position provides technical direction to project teams and understands and can explain the interrelationship of multiple concepts, and can translate these concepts, ideas, and situations into clear, understandable, and simple terms.
UNC Greensboro has invested in transforming its Identity and Access Management functions into a strategic program with modern tooling and robust governance. It has selected SailPoint as its foundation to complement Grouper, Entra, and Shibboleth IdP.
This position will participate in the technical system design, deployment, and management of identity and access solutions to implement governance, provisioning, authentication, and distributed management. This position will participate in the design, implementation, and configuration of systems and applications to achieve Identity Governance and Administration (IGA) and Role-Based Access Control (RBAC), and provide knowledge of the interactions between technologies and applications and the data flow across system boundaries., Key Responsibility Technical Solution Development Essential Tasks
-
Serve as an active team member in the selection, application, analysis, implementation, and management of technology to support the provisioning and deprovisioning of identities that are needed to interact with the electronic resources of the institution.
-
Seamlessly integrate solutions with technically complex systems that have a broad enterprise-wide impact.
-
Assist in the translation of functional goals to technical plans.
-
Provide feedback to team members, customers, and leadership regarding variance from set standards.
-
Assist with the development, implementation, and support of RBAC.
-
Ensure all evidence of authorization is documented and archived according to internal standards.
-
Manage directory account permissions via RBAC.
-
Act as the subject matter expert for Identity Governance and RBAC Percentage Of Time 20% Key Responsibility Technical Planning, Organization, and Reporting Essential Tasks
-
Assist in long-term project planning and operation planning in the institutions' IAM environment.
-
Prepare or maintain project and operational tasks that accompany the appropriate development/management lifecycle.
-
Develop and maintain detailed documentation on standard operating procedures, system configurations, and technical settings for internal team use, end user support, and other ITS teams as needed.
-
Coordinate with stakeholders to understand role-specific requirements and implement solutions accordingly.
-
Generate reports to perform in-depth analysis and data collection for issues associated with IAM.
-
Perform regular security assessments and audits to identify and mitigate vulnerabilities. Percentage Of Time 15% Key Responsibility Technical Support Essential Tasks
-
Apply knowledge and skills to analyze and troubleshoot complex problems.
-
Support ITS and University IT team members in resolving complex technical issues related directly or indirectly to customer identity and access solutions.
-
Develop and maintain technical documentation in a timely manner.
-
Provide second-level support to end-users, addressing and resolving issues related to system access and performance. Percentage Of Time 10% Key Responsibility Customer Service Essential Tasks
-
Promote a positive customer relationship.
-
Assist customers with defining requirements, solutions, and responding to issues in an effective manner.
-
Assist in training ITS and University IT team members on system functionalities and best practices. Percentage Of Time 5% Key Responsibility Professional Development Essential Tasks
-
Maintain a thorough knowledge of the IAM / IAG landscape.
-
Stay up to date on technology trends, changing tools, mandates, policies, and standards.
-
Attend professional development sessions, where applicable and cost-effective - which may include offsite week-long and/or virtual training sessions.
ADA Checklist
ADA Checklist
R for Rare (0-30%), O for Occasional (30-60%), F for Frequent (60-90%), C for Constant (90-100%). Physical Effort Hand Movement-Repetitive Motions - F, Reading - f, Writing - f, Hearing - f, Talking - f Work Environment Inside - c
Applicant Documents
Required Documents 1. Resume/CV 2. Cover Letter 3. List of References
Optional Documents 1. Reference Letter 1 2. Reference Letter 2 3. Reference Letter 3, * Anforderungspriorisierung, Architektur, Audits, Automatisierung, Benutzerunterstützung, Beurteilungen Durchführen, Cloud Computing, Datenbank-Schema, Datensammlung, Devops, Erstellung von Reports, Föderierte Identität, Governance, ITIL, Identitätsmanagement, Information Engineering, Integration (Software), Kundenbeziehungsmanagement (CRM), Kundendienst, Lifecycle Management, Microsoft Azure, Montage und Demontage, Openid, Privilegierte Zugriffsverwaltung, Produktlinie, Projektplanung, Python, Recruiting, Restful APIs, Role Based Access Control, SailPoint, Saml, Scripting, Single Sign-On, Softwareentwicklung, Standardverfahren, Streaming, System Design, Systemadministration, Technische Dokumentation, Technische Leitung, Technische Überwachung, Technischer Support, Vertraulichkeit, Webhooks, Windows Powershell, Workflows, Zutrittskontrollsysteme
Persönliche Fähigkeiten
- Führungskompetenz, Koordinierend, Problemanalyse
Schulabschluss
- Bachelor
Requirements
- Mid-career with Masters and 1-2 yrs experience.
- Bachelor's and 2-4 yrs experience; or equivalent combination of education/experience.,
- Bachelor's Degree with 3 - 5 years of experience in Identity and access management, or equivalent combination of education/experience.
- 5 years of working within a complex identity lifecycle management environment, including user and group synchronization.
- Working understanding of modern database schema design.
- Working understanding of MFA, conditional access, and zero-trust architecture.
- Knowledge of Single Sign-on protocols such as SAML or OIDC.
- Ability to implement federated identity management (IdP and SPs).
- 3+ years of experience with cross-platform provisioning/de-provisioning workflows.
- Working knowledge of SCIM standards.
- Proficient in RBAC and ABAC access control practices.
- Working understanding of Privileged Access Management (PAM) and the principle of least privilege.
- Working understanding of using RESTful APIs and webhooks for integrations and automation.
- Proficient in scripting languages such as PowerShell and Python.
- 5+ years of experience in a centralized access management platform.
- Proficient in DevOps and ITIL concepts.
- Experience with deploying services that make use of the Azure cloud platform.
- 5 years of domain experience in higher education or research.
