IAM Identity Engineer

The University of California San Francisco (UCSF) is a leading academic healthcare organization seeking an IAM Identity Engineer to assist in the development, implementation, and maintenance of IAM solutions. This role involves collaborating with various departments and external vendors to ensure secure access and identity data management while supporting the lifecycle of user identities within UCSF.

Responsibilities:

• Assist in the development, implementation, and maintenance of IAM solutions that adhere to the University's security policies and requirements
• Support the evaluation of hosting platforms and configuration technologies to ensure consistency across production and non-production environments
• Collaborate with IAM Managers, Senior Engineers, Administrators, Analysts, various University departments, and external vendors to ensure secure, compliant, and efficient access and identity data management
• Help design, implement, and maintain the technical infrastructure that supports the lifecycle of user identities within UCSF
• Work with various IAM tools and technologies to securely manage identities from creation to deactivation, ensuring compliance with UCSF policies and regulatory requirements

Requirements:

• Three or more years of experience working in one or more of the following fields: cybersecurity, computer science, or computer information systems
• Bachelor's Degree or four years of relevant experience/training in one or more of the following fields: cybersecurity, information technology, computer science, public administration, business administration, communications
• Experience with the implementation and integration of Identity and Access Management (IAM) systems and tools
• Demonstrated skills applying security controls to computer software and hardware
• Hands-on experience with directory services (e.g., Active Directory, Lightweight Directory Access Protocol (LDAP)), Single Sign-On (SSO) technologies, and multi-factor authentication (MFA) solutions
• Knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies
• Knowledge of Identity Governance and Administration (IGA) solutions, including SailPoint, Saviynt, Bravura Identity, and similar platforms
• Proficient in scripting and programming languages (e.g., PowerShell, Python, Java) for automation and integration purposes
• Experience in incident response and digital forensics including reporting
• Strong written and verbal communication skills and ability to communicate technical information and ideas to a diverse community of colleagues and stakeholders
• Ability to establish and advance positive working relationships and a strong rapport with team members, stakeholders, and customers
• Strong organizational skills and ability to balance competing priorities and support concurrent projects. Experience working in a project-based environment using leading project management practices including schedule management, status reporting, and communication of project risks and issues
• Strong demonstrated problem-solving skills; scopes solutions based on knowledge of available resources and timelines. Ability to ask questions, gather information, evaluate options, and make decisions with integrity
• Thinks creatively and proposes innovative ideas, including the incorporation of new technologies or processes. Ability to work with agility in a fast-paced environment
• Experience in complex higher education environments, serving academic, medical, and research, medical, and research and administrative functions of a large public university
• One or more of the following certifications: CCNP Security, Cisco Certified Internetwork Expert (CCIE) Security, Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH)
• Cisco Certified Internetwork Expert (CCIE) Security