Identity and Access Management Architect - San Francisco, United States - University of California

    Description


    Identity and Access Management Architect

    IT - Identity Management

    Full Time

    75906BR

    Job Summary

    As the Identity and Access Management (IAM) Architect, you will be responsible for designing and implementing our IAM infrastructure, applications, and services to ensure optimal performance, security, and scalability. You will collaborate with cross-functional teams to analyze business requirements, design IAM solutions, and oversee the implementation and maintenance of applications, services, and infrastructure. Your expertise in IAM, security, governance, authentication, authorization, privileged access, and credential management will be vital in supporting our organization's growth and technological advancements. These responsibilities include identifying business requirements, creating designs, developing prototypes, and executing testing and training activities while conceptualizing IAM solutions. You will help establish overall standards, guidelines, leading-edge practices, and approved IAM techniques and approaches in partnership with other IAM Engineers and Developers. The IAM Architect will act as a thought leader for the organization's IAM vision and goals while demonstrating ITS values in action.

    To see the salary range for this position (we recommend that you make a note of the job code and use that to look up):

    Please note: The compensation ranges listed online for roles not covered by a bargaining unit agreement are very wide; however, a job offer will typically fall in the range of 80% - 120% of the established mid-point. An offer will take into consideration the experience of the final candidate AND the current salary level of individuals working at UCSF in a similar role.

    For roles covered by a bargaining unit agreement, there will be specific rules about where a new hire would be placed on the range.

    To learn more about the benefits of working at UCSF, including total compensation, please visit:

    Department Description

    The UCSF identity and access management team deals with application, service, and data security. Its responsibilities are to design and maintain the software and systems by which users interact with the network, systems, and data while meeting the IT security standards for UCSF and the University of California Office of the President. The team performs situational analyses and software testing to determine vulnerabilities in UCSF's applications, databases, and services to ensure that our information is appropriately protected. The IAM team, with our architect, must design and implement solutions to address any technical debt or weak points. They should also test users of systems or services, ensuring they cannot unintentionally compromise security; they must analyze how users react to those situations, and design and help implement countermeasures.

    Required Qualifications

    • Bachelor's degree in a related area and/or equivalent experience/training
    • Certification: AWS Solutions Architect - Professional or equivalent
    • Knowledge of software, database, and infrastructure for IAM. Knowledge relating to the design, development, and use of software across the organization, including but not limited to MS AD, Shibboleth, Okta, and DUO Security.
    • Enterprise-level understanding of and experience with key modeling and description languages used to map highly complex business processes to architectural components, develop common, large-scale data resource architectures, and create reference frameworks.
    • Significant experience with the integration of highly complex, diverse, internally and externally developed implementations of business functions to build enterprise-class, scalable systems.
    • Ten years or more of experience in IAM engineering, architecture, and related fields. Demonstrated expertise in design optimization and various architectures, with experience building scalable, diverse, and complex systems.
    • Expert knowledge of IAM-related areas of technology and understanding of IAM architecture including SAML, OAuth, SSO, MFA, Directories (AD and Linux), PAM tools, IGA, RBAC, and certificates.
    • Experience in developing applications and services using web software (Apache, IIS), web software languages, and object-oriented programming skills and concepts (Java, Python, PHP). May require knowledge of network protocols and how they are used on a large (campus / medical center) network. Advanced knowledge of data storage (including Oracle and SQL Server DBs), processing analysis, and visualization technologies and how they are used in administrative and/or academic endeavors at a large, top-tier research university or medical center.
    • Demonstrated ability to translate business needs into long-term architecture solutions. Expertise relating to the design and development of software across the organization.
    • Expert knowledge of application and services access, processing, and analysis and how they are used in administrative, medical, and/or academic endeavors (CA\PKI).
    • Expert knowledge of IAM compliance and audit in a campus / medical setting. Knowledge of NIST, ISO, and other IT security standards.
    • Expertise relating to the design and development of information technology architectures across the organization
    • Demonstrable expert-level troubleshooting abilities. Can quickly identify root causes and effectively propose solutions or workarounds. Able to communicate with the UCSF community and management when issues or problems occur.
    • Demonstrated effective communication and interpersonal skills, both verbal and written, including the ability to communicate technical information to technical and non-technical personnel at various levels in the organization.
    • Ability to understand business needs and how business systems can support those needs.
    • Demonstrated ability to work with others from diverse backgrounds.
    • Self-motivated and works independently and as part of a team. Demonstrates problem-solving skills. Able to learn effectively and meet deadlines.

    Preferred Qualifications

    • Master's degree in a related area and/or equivalent experience/training
    • Certified Information Systems Security Professional (CISSP)
    • GIAC Cyber Defense Certifications (GOSI, GCIA, GCWN, GMLE, GMON, GDSA, GCDA)

    About UCSF

    At UCSF Health, our mission of innovative patient care, advanced technology and pioneering research is redefining what's possible for the patients we serve - a promise we share with the professionals who make up our team.

    Consistently ranked among the top 10 hospitals nationwide by U.S. News & World Report - UCSF Health is committed to providing the most rewarding work experience while delivering the best care available anywhere. In an environment that allows for continuous learning and opportunities for professional growth, UCSF Health offers the ideal atmosphere in which to best use your skills and talents.

    Pride Values

    UCSF is a diverse community made of people with many skills and talents. We seek candidates whose work experience or community service has prepared them to contribute to our commitment to professionalism, respect, integrity, diversity and excellence - also known as our PRIDE values.

    In addition to our PRIDE values, UCSF is committed to equity - both in how we deliver care as well as our workforce. We are committed to building a broadly diverse community, nurturing a culture that is welcoming and supportive, and engaging diverse ideas for the provision of culturally competent education, discovery, and patient care. Additional information about UCSF is available at

    Join us to find a rewarding career contributing to improving healthcare worldwide.

    Equal Employment Opportunity

    The University of California San Francisco is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

    Organization

    Health

    Job Code and Payroll Title

    000532 IT ARCHITECT 5

    Job Category

    Clinical Systems / IT Professionals

    Bargaining Unit

    99 - Policy-Covered (No Bargaining Unit)

    Employee Class

    Career

    Percentage

    100%

    Location

    Mission Center Building (SF)

    Shift

    Days

    Shift Length

    8 Hours

    Additional Shift Details

    Mon-Fri, 8-5, some after hours, on-call