Identity Management Specialist (Analyst/Programmer, Expert) (10572)

  • San Francisco
  • San Francisco, California
  • Jul 01, 2020
Full Time Administrative Analysis and Research

Job Description

Description:
Working Title
Identity Management Specialist
.
SF State University
San Francisco State is an Equal Opportunity Employer and does not discriminate against persons on the basis of race, religion, color, ancestry, age, disability, genetic information, gender, gender identity, gender expression, marital status, medical condition, National origin, sex, sexual orientation, covered veteran status, or any other protected status. Reasonable accommodations will be provided for qualified applicants with disabilities who self-disclose by contacting the Senior Human Resources Manager.

Applicants may visit titleix.sfsu.edu for more information on SF State's policy prohibiting discrimination, and how to file an online report using the procedures under Executive Order 1096 Revised. Inquiries can be directed to the campus Title IX Coordinator and Discrimination, Harassment, and Retaliation Administrator by calling (415) 338-2032 or emailing vpsaem@sfsu.edu.

San Francisco State is a 100% Smoke/Vapor-Free Campus. Smoking or Vaping of any tobacco/plant-based substance is not permitted on any University properties.

The person holding this position may be considered a "mandated reporter" under the California Child Abuse and Neglect Reporting Act and is required to comply with the requirements set forth in CSU Executive Order 1083 as a condition of employment.

This position may be a "designated position" in the California State University's Conflict of Interest Code. The successful candidate accepting this position may be required to file Conflict of Interest forms subject to the regulations of the Fair Political Practices Commission.
.
Department*
Information Technology Services
.
Appointment Type*
This is a one year probationary position.
.
Time Base*
Full-Time (1.0)
.
Work Schedule*
Monday to Friday: 8:00 a.m. - 5:00 p.m.
.
Anticipated Hiring Range*
$8,750.00 - $9,584.00 Per Month ($105,000.00 - $115,008.00 Annually)

Salary is commensurate with experience.
.
Position Summary*
The incumbent, reporting to the Director of Systems Services, and working under the directions and in close collaboration with the Identity Management Lead, as well as following guidance of SF State Information Security, serves as a career-level Analyst in the Accounts team. The incumbent is handling day-to-day operational tasks; such as: access provisioning and de-provisioning, access management business analysis, and maintaining compliance for centralized identity and access management functions. Additionally, the incumbent participates in design and implementation of new and improved processes, as well as tools and technologies that add automation, improve efficiency, enhance user experience. The incumbent participates in required access management audits, and ensures compliance with security policies and practice directives for various SF State assets and their related access requirements. Because this position requires a high-level of privileged access, the incumbent must possess a high-level of accountability.
.
Position Information
Accounts operations for users provisioning and access management in PeopleSoft,
Active directory, middleware, and other services

- Manage user accounts and directory information requests for additions,
changes/corrections and removals
- Manage password resets, user locks/unlocks, and administer multi-factor
authentication technologies
- Process and troubleshoot user access requests including capturing necessary
authorizations and approvals
- Manage user request for accounts setup and roles provisioning, de-provisioning in
Campus Solutions, CFS
- Perform accounts and access revokation when users┬┐ roles change or the user is no
longer affiliated with the organization
- Manage Active Directory groups and user attributes as necessary to control user
access
- Manage access control groups, object level access, and necessary approvals for
transactions
- Maintain audit trail records for changes
- Manage access approvals and records through the Service Management Tool such
as ServiceNow
- Manage the service request workflow for the request routing to the appropriate
teams
- Effectively communicate with customers and peers
- Maintain compliance with CSU and SF State security policies and practice directives
- Maintain the concept of least privilege and escalate discrepancies for proper
resolution

Processes development, improvement, and automation

- Gather necessary business requirements for accounts creation and access
provisioning processes
- Document processes and workflows with visual representation
- Continually review existing processes for gaps and areas for improvement
- Develop automation for repetitive and time sensitive processes, and to eliminate
human error factor
- Design, implement and maintain programmatic integrations for user provisioning
and access management
- Design, implement and maintain tools for user self-service
- Develop automated processes for access revocation and access reporting
- Participate in Identity and Access Management related projects

Other duties as assigned
.
Minimum Qualifications*
To enter this classification, a basic foundation of knowledge and skills in operating systems programs, maintenance and systems administration features is a prerequisite. This foundation would normally be obtained through a bachelor's degree, preferably in computer science, mathematics, or related technical fields, or equivalent technical training and/or experience. Foundation knowledge and skills for the Operating Systems Analyst include a working knowledge of the assigned computer operating systems, systems analysis, and systems-level programming.

Expert:
Incumbents at the expert level work almost completely independently on the most complex problems and work assignments. They possess an advanced and comprehensive knowledge of the technical specialty and working knowledge of related specialties and are able to apply this extensive expertise as a generalist or specialist. Experts are proactive and understand problems from broad, interactive perspective and are able to develop solutions that combine information and ideas in new, unprecedented ways. Incumbents at this level are capable of leading teams and implementation efforts for assigned projects using advanced communication and listening skills
.
Preferred Qualifications
Education:
- Education: Bachelor's degree in Computer Science, Engineering or related technical field.

Work Experience:
- Minimum of three years of operational experience with Enterprise level Identity and Access Management in production environment
- Minimum of three years of experience in design, implementation, automation and ongoing support of the processes and tools for user accounts provisioning and administration, and Access Management
- Experience supporting Federated SSO (Single Sign On) such as Shibboleth, Okta, ADFS, or others
- Experience working in a trusted role, with a focus on confidentiality

Technical skills and expertise:
- Solid understanding of the core of the Identity and Access Management principles and concepts, such as, but not limited to:
- Authentication and Authorization, including multi-factor
- User Lifecyle Management
- Best practices such as Principle of Least Privilege.
- Mandatory, Discretionary and Role-Based access models, and ability to apply them in practice
- Solid coding skill in Java programming language
- Proficiency in at least one common scripting language - Python, PowerShell, or other
- Proficiency in SQL (Oracle Preferred)
- Solid knowledge of Active Directory and/or LDAP accounts and group management for the purpose of access controls
- Knowledge of PeopleSoft (or comparable ERP) system for accounts provisioning, de-provisioning and role/access management
- Desire and ability to automate repetitive processes in a scalable and sustainable way

Soft skills:
- Passion to understand, learn, and dissect new technologies quickly on your own.
- Strong analytical and problem-solving skills
- Demonstrated ability to analyze and resolve multi-faceted technology problems
- Excellent interpersonal and customer communication skills
- Ability to effectively work in a team and independently
- Ability to work under pressure and maintain positive demeanor

Preferred certifications and specialized technical experience:
- Certified Identity and Access Manager (CIAM)
- Familiarity with Change Management and ITIL
- Experience with Oracle Identity Manager
- Possession of a professional security certification, such as: CISSP, GIAC-GISP
- DevOps experience
.
Environmental/Physical/Special
Some work outside of business hours would be required to provide systems maintenance. The incumbent will be required to be available by cell phone and may be called after work hours to response to critical service outages.
.
Pre-Employment Requirements
This position requires the successful completion of a background check.
.
Eligibility to Work*
Applicants must be able to provide proof of US Citizenship or authorization to work in the United States, within three business days from their date of hire.
.
Benefits
Threaded through our Total Compensation package is a commitment to Bridging Life's Transitions. SF State is committed to providing our employees with a comprehensive program that rewards efforts that are appreciated by your colleagues, students and the customers we serve.

We offer a competitive compensation package that includes Medical, Dental, Vision, Pension, 401k, Healthcare Savings Account, Life Insurance, Disability Insurance, Vacation and Sick Leave as well as State Holidays and a dynamic Fee Waiver program, all geared towards the University's commitment to attract, motivate and retain our employees.
.
CSUEU Position
Eligible and qualified on-campus applicants, currently in bargaining units 2, 5, 7, and 9 are given hiring preference.
.
How To Apply
**THE ONLINE RECRUITMENT SYSTEM WILL ALLOW ONLY ONE FILE ATTACHMENT FOR EACH SUBMISSION**

Submit an online application and upload in one file attachment your resume, cover letter, describing your specific qualifications for each position AND three (3) professional references who can comment upon your education and/or job related experience.

SF STATE IS NOT A SPONSORING AGENCY FOR STAFF OR MANAGEMENT POSITIONS. (i.e. H1-B VISAS).

The Human Resources office is open Mondays through Fridays from 8 a.m. to 5 p.m., and can be reached at (415) 338-1872.
Closing Date/Time: Open until filled

Job Address

San Francisco, California 94132 United States View Map