Job Summary

RIT is looking for a IAM Engineer III to join the Information Technology Services (ITS) team where we are always on to something amazing! The position is part of the Infrastructure Applications team responsible for centralized foundational IT services that support the greater RIT community. Primary responsibilities are for the technical design, development, and maintenance of complex software-intensive Identity and Access Management (IAM) systems, applications and integrations.


Job Responsibilities

Collaborating with business partners and end users to gather IAM requirements, communicate IAM changes, develop IAM strategies for IAM services, and facilitate new integrations with authentication and authorization services.
Performing ongoing maintenance, enhancements, integration, and improvements to authentication and authorization software platforms such as SSO, MFA, social logon, federation, and IAM source, target and downstream connectors such as HRMS, SIS, Payroll, AD, LDAP, email, API, etc.
Identifiy and maintain appropriate hardware and software technologies that are essential to the integrity and function of IAM environments.
Develops, programs, and / or deploys automation workflows for deployment, configuration, and monitoring of IAM systems / services
Manages, maintains, selects, and develops IAM automation tools and infrastructure as code, including security configurations
Build and manage relationships with relevant IAM vendors to evaluate, purchase, and implement new and emerging IAM technologies; maintain and document IAM systems, establish operational IAM procedures, and manage IAM projects.
Consulting with service owners and data stewards on the development, configuration, and deployment of design changes and enhancements to IAM dataflow and data integrations to meet business requirements.
Participating in the improvement of team skills, software techniques, system reliability and overall quality to ensure that IAM services are supported, monitored and maintained throughout their full life cycle.
Creating and maintaining documentation for IAM services, troubleshooting performance issues, and partnering with other teams and vendors to implement improvements.
Understanding the core functionality capabilities of IAM applications and assisting business partners in leveraging the technology to meet the needs of the university.
Participating in the evaluation and selection process for new services.
Participating in the evaluation and selection process for enterprise applications. This includes development of technical requirements and application assessments.
Responsible for the administration, technical deployment, support and maintenance of enterprise IAM applications.
Plans and schedules application maintenance, upgrades, and all other associated service overhead for enterprise IAM applications.
Responsible for the completion of service requests and the resolution of incidents associated with selected IAM enterprise applications.
Implements and administers application security that meets RIT security standards for IAM applications
24x7 service support, including on-call rotation responsibilities.
Participates in ITIL practices of incident, problem management, service request, and change management as highest escalation point for software programs/services.
Level Scope

Recognized subject matter expert with broad knowledge of area of specialization. Ability to transfer knowledge and application of complex principles, theories and concepts to peers. Broad understanding of industry best practices, techniques and standards. Problems and issues are unclear, increasingly difficult and are strategic in nature and require development of new approaches, methods, or techniques, requiring a high degree of innovation and creativity. Contributes to the development of area goals and planning efforts (budgets, operational plans, etc). Scope and impact of work are significant and frequently extends to a variety of other units, teams, areas of specialization, and departments. Requires broad knowledge of area(s) of specialization with ability to transfer knowledge and application of complex principles, theories and concepts to peers. Serves as trusted advisor to management and shares expertise with others. Influences parties within and outside of the area of specialization regarding policies, procedures, and practices. Typically responsible for providing guidance, coaching and training to other employees within job area. Typically responsible for managing major/complex projects at this level, involving delegation of work and review of work products.


Required Qualifications

Required Minimum Qualifications :

5 to 7 years of related information technology experience
A strong conceptual and practical understanding of IAM
Knowledge of authentication and authorization software platforms such as SSO, MFA, social logon, and federation.
Knowledge of IAM source, target, and downstream connector integrations such as HRMS, SIS, Payroll, AD, LDAP, email, API, etc.
Understanding of core networking principles
Understanding of identity & access management
Understanding of API frameworks
The ability to implement security and compliance controls
The ability to implement and analyze monitoring and logging
Understanding of CI/CD or GitOps
Understanding of web technologies
Proficient oral and written communications skills.
Collaborates well in a team environment.
Sensitive to clients’ needs & can develop warm client relationships.
Ability to work well with all areas of the organization and enable business outcomes by translating IAM and SSO concepts into plain language.
Preferred Qualifications :
Understanding of basic cloud services: vaults, storage, resource groups, etc
Recent experience working with authentication, authorization platforms in a higher education environment
Recent experience working with IAM source, target, and downstream connector integrations in a higher education environment
Ability to write and understand multiple programming languages: Python, Javascript, Bash, PHP