Identity/Access Management Specialist Associate

1 day left

California, United States
18 Jun 2019
End of advertisement period
18 Aug 2019
Contract Type
Full Time

Job Summary

Reports to the Chief Information Security Officer. The successful candidate will work across the entire identity lifecycle, including but not limited to: Caltech account creation and provisioning; access control and assignment of application-specific roles and responsibilities for in-house developed applications, on-premises commercial software applications, and cloud-hosted applications; management of multi-factor authentication account profiles; account deprovisioning for both routine and immediate terminations and corresponding account closure processing; annual bulk account terminations for graduated students; participate in the evaluation and selection process for new online software applications services. Advise and assist Campus personnel at all levels with questions regarding account access controls; troubleshoot profile and role/responsibility conflicts. Assist in data preservation and investigation of incidents. 

Job Duties

Working collaboratively as part of a team, create new access.caltech accounts and assign and maintain appropriate roles and responsibilities using the principle of least privilege, for locally developed as well as commercial or cloud-hosted centrally-managed services such as:

  • Access.caltech web portal
  • Kronos license management
  • Oracle roles and responsibility management via Oracle GRC
  • Cognos
  • Ellucian Advance
  • RADR
  • TitleIX Advocate
  • Division Personnel Management
  • Windstar
  • PowerFAIDS
  • fsaAtlas
  • ​ Convey
  • ​ Exeter
  • ​ Box
  • ​ Duo Security Multi-factor Authentication
  • ​Conduct account deprovisioning process for terminations both voluntary and involuntary
  • Perform ad hoc and scripted SQL queries in Oracle databases as needed
  • Monitor critical central systems for signs of unauthorized account activity or abuse
  • Independently research and make technical recommendations regarding Information Security policies and practices around identity and access management
  • Work both autonomously and collaboratively with team members to develop and maintain tools and resources for improved prevention, detection and response for unauthorized or abusive account activity
  • Work with resource owners to determine appropriate account and access policies and practices; interpret and ensure compliance with existing Institute and departmental policies and procedures
  • Stay current on identity and access management techniques and tools and as well as threats, and contribute to periodic security briefings and updates for members of the campus community at all levels
  • Assist Audit Services and Institute Compliance as well as third-party auditors with information and data requests
  • Document policies, internal processes, user tutorials and FAQs

Basic Qualifications

  • The selected candidate must have a BS/BA degree in a related field, or equivalent experience, with a working knowledge of current identity and access management practices, including federated authentication and multifactor authentication (MFA)
  • 4+ years related IT experience and appropriate subject-area knowledge, including identity lifecycle management, role-based access controls, federated authentication, and multifactor authentication technologies. Familiarity with Structured Query Language and Windows, Mac or linux command-line utilities
  • Must have excellent oral and written communication skills (email and phone communication as well as written documentation are crucial components of the job)
  • Candidates must be able to work within a collegial group of Information Security analysts and should exhibit an understanding of issues relating to workload sharing and documentation
  • Candidates should be customer-oriented and comfortable working with a user base with widely varying computer skills and support needs
  • Must be able to think and work independently in an organized and effective manner within a dynamic environment with shifting demands and priorities
  • Working knowledge of relevant state and federal legislation and best practice security standards

Preferred Qualifications

  • 6+ plus years of directly-related IT systems experience and expertise, with a thorough understanding of federated authentication technologies, multi-factor authentication, identity lifecycle management and current data privacy issues
  • Experience with the following: ad-hoc SQL; Oracle databases and Oracle web applications including Oracle E-Business Suite; Active Directory; Lightweight Directory Access Protocol; Powershell; Python; Perl; familiarity with Windows, Macintosh, and linux (especially Red Hat Enterprise Linux) operating systems
  • Experience working in Information Technology at Caltech.

Required Documents