Under the general direction of the Identity and Access Management (IAM) Supervisor, the Senior IAM Engineer serves as a technical leader with advanced expertise in Identity Governance and Administration (IGA) platforms and plays a critical role in the successful implementation and ongoing support of the SailPoint IGA platform, which will replace the organization's legacy IAM system. This position leads efforts to transition applications and dependencies from the legacy system to the new IGA platform, ensuring a smooth, secure migration and the ongoing optimization of the platform.
The Senior IAM Engineer applies advanced concepts and leverages deep expertise on medium to large projects of broad complexity to resolve highly complex issues and guide strategic decisions. This role is responsible for driving the onboarding of new applications to the IGA platform, the enhancement, configuration, and management of the IGA platform, ensuring secure and efficient access to mission-critical applications, systems, and entitlements across all campus units, leading access certification campaigns, and ensuring adherence to University policies and regulatory requirements. Additionally, the Senior IAM Engineer designs and implements advanced lifecycle management processes to oversee the entire identity lifecycle, including provisioning, authentication, authorization, and de-provisioning, ensuring secure solutions.
As a technical leader, this position enforces advanced security best practices, leads system changes, and prepares and approves system documentation and technical requirements. Operating with a high degree of autonomy, the Senior IAM Engineer ensures the successful implementation and ongoing support of the IGA platform while maintaining the highest standards of security and efficiency.
To see IET job postings, please visit https://iet.ucdavis.edu/jobs
Due to the sensitive nature of the data being handled, candidates must already possess authorization to work in the United States to be considered.
Apply By Date
1/19/2025 at 11:59pm
Qualifications
Minimum Qualifications - For full consideration, applicants are encouraged to upload license and/or certification if required of the position
* Bachelor's degree in Information Technology, Computer Science, or related field and/or equivalent experience and training.
* Minimum of 5 years' experience with Identity Governance and Administration (IGA) platforms such as SailPoint, Saviynt, ForgeRock or similar solutions, including API integrations, ETL processes and reporting, and at least 2 years' experience working on SailPoint Identity Security Cloud (previously known as SailPoint IdentityNow).
* Experience ensuring compliance with regulatory requirements and industry standards (e.g. FERPA, HIPAA, NIST Cybersecurity Framework, etc.) while championing identity governance services and advising business and technology teams on product capabilities.
* Advanced level expertise in IAM concepts, including identity lifecycle management, authentication, authorization, federation, and integrating IAM solutions with directory services (e.g. Active Directory, Azure AD, and LDAP) and familiarity with non-employee lifecycle management tools such as SecZetta or NERM.
* Advanced knowledge of the SailPoint ISC platform, including its architecture, capabilities, configurations, customizations, and integration with tools such as AD, Azure AD, and ADFS. Familiarity with scripting languages like PowerShell or Python for automation and cross-platform editors such as VS Code.
* Ability to lead large-scale projects, implement enterprise-level solutions, mentor team members in a senior or technical lead role, and perform technical demonstrations to diverse user groups and engineers.
* Ability to communicate effectively with stakeholders at all levels including technical teams, executives, application owners, and end-users as well as create technical documentation, policies, and training materials and elicit, document and analyze business requirements for IAM processes and systems.
Preferred Qualifications
* Experience leading medium to large scale integrations of systems with SailPoint Identity Security Cloud and integrating SailPoint ISC with Non-Employee Risk Management (NERM).
* Experience implementing custom rules, forms, workflows and a wide range of Out of the Box (OOB) connectors in an IGA Solution.
* Experience aligning IGA deliverables to security objectives and business requirements in an industry that has high compliance standard requirements.
* Experience with Databases such as Oracle or Microsoft SQL Server.
* Experience with ServiceNow integration.
* Advanced skills to analyze IAM data to generate insights and support decision-making.
* Proficiency in using data analysis tools and techniques to evaluate access trends, compliance status, and risk factors.
Key Responsibilities
* 50% - Lead IGA Platform Management and Application On-boarding
* 25% - Access Certification and Compliance
* 15% - Lead Enhancement of IGA Platform
* 10% - Documentation, Training, and Continuous Improvement
Department Overview
Enterprise Infrastructure Services (EIS) within Information & Educational Technology (IET) creates, deploys and manages business, academic and infrastructure systems. The Identity and Access Management (IAM) Team of EIS provides development and support for a variety of systems and services, including single sign-on, multi-factor authentication, privileged access management, identity life cycle management, entitlement management, directory services, and account provisioning. The team has a high campus impact, as it supports mission-critical systems and applications used by the entire population of students, faculty, staff, and university affiliates.
The Senior Identity and Access Management (IAM) Engineer serves as a critical interface between federated applications, inter-campus infrastructure solutions, and IAM services, supporting the University's strategic IT objectives and ensuring the integrity and efficiency of identity and access management practices.
POSITION INFORMATION
* Salary or Pay Range: $92,000/yr. - $172,000/yr.
* Salary Frequency: Monthly
* Salary Grade: Grade 24
* UC Job Title: APPLICATIONS PROGR 4
* UC Job Code: 000652
* Number of Positions: 1
* Appointment Type: Staff: Career
* Percentage of Time: 100% Fixed
* Shift Hours: M-F, 8-5pm
* Location: Davis/Primarily Remote In-State Only
* Union Representation: 99 - Non-Represented (PPSM)
* Benefits Eligible: Yes
* Hybrid/Remote/Onsite: Davis/Primarily Remote In-State Only
Benefits
Outstanding benefits and perks are among the many rewards of working for the University of California. UC Davis offers a full range of benefits, resources and programs to help you bring your best self to work, as well as to help you and your family achieve your health, wellness, financial and career goals. Learn more about the benefits below and eligibility rules by visiting either our handy Benefits Summary for UC Davis Health Employees or Benefits Summary for UC Davis Employees and our Benefits Page.
If you are represented by a union, benefits are negotiated between the University of California (UC) and your union and finalized in a contract. Read your bargaining unit's employment contract, stay abreast of current negotiations and learn about collective bargaining at UC: https://ucnet.universityofcalifornia.edu/labor/bargaining-units/index.html
* High quality and low-cost medical plans to choose from to fit your family's needs
* UC pays for Dental and Vision insurance premiums for you and your family
* Extensive leave benefits including Pregnancy and Parental Leave, Family & Medical Leave
* Paid Holidays annually as stipulated in the UC Davis Health Policies or Collective Bargaining Agreement
* Paid Time Off/Vacation/Sick Time as stipulated in the UC Davis Health Policies or Collective Bargaining Agreement
* Continuing Education (CE) allowance and Education Reimbursement Program as stipulated in the UC Davis Health Policies or Collective Bargaining Agreement
* Access to free professional development courses and learning opportunities for personal and professional growth
* WorkLife and Wellness programs and resources
* On-site Employee Assistance Program including access to free mental health services
* Supplemental insurance offered including additional life, short/long term disability, pet insurance and legal coverage
* Public Service Loan Forgiveness (PSLF) Qualified Employer & Student Loan Repayment Assistance Program for qualified roles
* Retirement benefit options for eligible roles including Pension and other Retirement Saving Plans
* UC Davis cares about building a community, which is why we provide resources to enhance diversity, equity and inclusion as well as Employee Resource Groups (ERGs) to support our staff
Physical Demands
* Standing - Occasional Up to 3 Hours
* Walking - Occasional Up to 3 Hours
* Sitting - Continuous 6 to 8+ Hours
* Lifting/Carrying 0-25 Lbs - Occasional Up to 3 Hours
* Keyboard use/repetitive motion - Continuous 6 to 8+ Hours
Mental Demands
* Sustained attention and concentration - Frequent 3 to 6 Hours
* Complex problem solving/reasoning - Frequent 3 to 6 Hours
* Ability to organize & prioritize - Frequent 3 to 6 Hours
* Communication skills - Frequent 3 to 6 Hours
* Numerical skills - Occasional Up to 3 Hours
* Constant Interaction - Occasional Up to 3 Hours
* Customer/Patient Contact - Occasional Up to 3 Hours
* Multiple Concurrent Tasks - Frequent 3 to 6 Hours
Work Environment
* Hire MUST be located in-state. (Out-of-state applicants will be considered but must relocate in-state if hired.) This position can be done primarily remote with the expectation that the employee must be available to come on site should management deem it necessary for emergencies, meetings, support activities, etc. No reimbursement of travel expenses; travel time is not considered work hours.
* UC Davis is a smoke and tobacco free campus effective January 1, 2014. Smoking, the use of smokeless tobacco products, and the use of unregulated nicotine products (e-cigarettes) will be strictly prohibited on any UC Davis owned or leased property, indoors and outdoors, including parking lots and residential space.
* Due to the mission-critical services provided by this department, this position may work hours other than M-F 8-5, especially in response to system problems. Vacation is restricted during peak periods. Adhere to workplace safety practices, read information communicated about workplace safety, complete required safety training on time, and report any workplace safety issues promptly to their supervisor or the designated safety coordinator.
Special Requirements - Please contact your recruiter with questions regarding which activities apply by position
* This is a critical position, as defined by UC policy and local procedures, and as such, employment is contingent upon successful completion of background check(s), including but not limited to criminal record history background check(s)
* Misconduct Disclosure Requirement: As a condition of employment, the final candidate who accepts a conditional offer of employment will be required to disclose if they have been subject to any final administrative or judicial decisions within the last seven years determining that they committed any misconduct; received notice of any allegations or are currently the subject of any administrative or disciplinary proceedings involving misconduct; have left a position after receiving notice of allegations or while under investigation in an administrative or disciplinary proceeding involving misconduct; or have filed an appeal of a finding of misconduct with a previous employer.
Diversity, Equity, Inclusion and Belonging
At UC Davis, we're solving life's most urgent challenges to bring a fuller, healthier, and more resilient world within reach. We grow from every challenge we take on and we don't just maintain - we improve. We recognize that creating an inclusive and intellectually vibrant organization means understanding and valuing both our individual differences and our common ground. The most comprehensive solutions come from the most diverse minds and you belong here. As you consider joining UC Davis, please explore our Principles of Community, our Clinical Strategic Plan and strategic vision for research and education, and our latest efforts to outgrow the expected. The University of California, Davis is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age or protected veteran status.
For the University of California's Affirmative Action Policy, please visit: https://policy.ucop.edu/doc/4010393/PPSM-20
For the University of California's Anti-Discrimination Policy, please visit: https://policy.ucop.edu/doc/1001004/Anti-Discrimination
Because we want you to be seen, our recruiting process at UC Davis fosters authenticity, diversity, and inclusion. Studies have shown that some people may not apply to jobs unless they meet every single qualification. Each unique role at UC Davis has a set of requirements and you could be perfect for this role, or you could be perfect for the next role! Don't meet all the requirements? We still encourage you to apply! #YouBelongHere