Identity and Access Management Systems Administrator (0520U), Berkeley IT - 73286
University of California, Berkeley
Application
Details
Posted: 29-Sep-24
Location: Berkeley, California
Type: Full-time
Salary: Open
Categories:
Information Technology
Internal Number: 5679499
Identity and Access Management Systems Administrator (0520U), Berkeley IT - 73286
About Berkeley
At the University of California, Berkeley, we are committed to creating a community that fosters equity of experience and opportunity, and ensures that students, faculty, and staff of all backgrounds feel safe, welcome and included. Our culture of openness, freedom and belonging make it a special place for students, faculty and staff.
The University of California, Berkeley, is one of the world's leading institutions of higher education, distinguished by its combination of internationally recognized academic and research excellence; the transformative opportunity it provides to a large and diverse student body; its public mission and commitment to equity and social justice; and its roots in the California experience, animated by such values as innovation, questioning the status quo, and respect for the environment and nature. Since its founding in 1868, Berkeley has fueled a perpetual renaissance, generating unparalleled intellectual, economic and social value in California, the United States and the world.
We are looking for equity-minded applicants who represent the full diversity of California and who demonstrate a sensitivity to and understanding of the diverse academic, socioeconomic, cultural, disability, gender identity, sexual orientation, and ethnic backgrounds present in our community. When you join the team at Berkeley, you can expect to be part of an inclusive, innovative and equity-focused community that approaches higher education as a matter of social justice that requires broad collaboration among faculty, staff, students and community partners. In deciding whether to apply for a position at Berkeley, you are strongly encouraged to consider whether your values align with our Guiding Values and Principles, our Principles of Community, and our Strategic Plan.
At UC Berkeley, we believe that learning is a fundamental part of working, and our goal is for everyone on the Berkeley campus to feel supported and equipped to realize their full potential. We actively support this by providing all of our staff employees with at least 80 hours (10 days) of paid time per year to engage in professional development activities. To find out more about how you can grow your career at UC Berkeley, visit grow.berkeley.edu.
Departmental Overview
Berkeley IT believes in and fosters a workplace environment where people can bring their diverse skills, perspectives and experiences toward achieving our goals through a process of critical inquiry, discovery, innovation, while simultaneously committing to making positive contributions towards the betterment of our world.
In addition, members of the Berkeley IT community have created and endorse the following values for our organization to augment and amplify the campus principles:
We champion diversity.
We act with integrity.
We deliver.
We innovate.
Diversity, Inclusion, and Belonging are more than just suggestions for us. They are the guiding principles underlying how we come together, develop leaders at all levels of the organization, and create an environment that unites us. We affirm the dignity of all individuals, call upon our leaders to address critical issues with integrity and intention, respect our differences as well as our commonalities, and strive to uphold a just community free from discrimination and hate.
Team Overview
The Identity and Access Management Systems Administrator is a part of the Berkeley Information Security Office and is responsible for designing, building, testing, deploying, and maintaining hardware systems and software applications which handle user authentication and authorization for campus electronic resources, user account provisioning and de-provisioning, roles definition and assignment, and the delegated administration of these functions. The incumbent researches, conceptualizes, plans and implements complete and integrated identity management technical solutions for the UC Berkeley campus. These systems include but are not limited to central campus directory services, single sign-on technologies, federated identity management technologies, systems for integrating data from upstream authoritative sources and for providing identity and access information to downstream application providers, and web applications for users and administrators to update identity management systems. As new technologies emerge, the incumbent is expected to learn these technologies quickly, evaluate them, and if appropriate, determine best strategies for integrating new technologies with existing UCB identity management infrastructure.
Position Summary
The Identity and Access Management Systems Administrator is responsible for designing, building, testing, deploying, and maintaining hardware systems and software applications which handle user authentication and authorization for campus electronic resources, user account provisioning and de-provisioning, roles definition and assignment, and the delegated administration of these functions. The incumbent researches, conceptualizes, plans and implements complete and integrated identity management technical solutions for the UC Berkeley campus. These systems include but are not limited to central campus directory services, single sign-on technologies, federated identity management technologies, systems for integrating data from upstream authoritative sources and for providing identity and access information to downstream application providers, and web applications for users and administrators to update identity management systems. As new technologies emerge, the incumbent is expected to learn these technologies quickly, evaluate them, and if appropriate, determine best strategies for integrating new technologies with existing UCB identity management infrastructure.
Application Review Date
The First Review Date for this job is: 10/10/2024.
Responsibilities
Applies advanced systems/infrastructure concepts to define, design and implement highly complex systems, services and technology solutions, specifically technologies that manage the integration of identity data from multiple authoritative sources, user authentication and authorization for campus electronic resources, user account provisioning and de-provisioning, roles definition and assignment, and the delegated administration of these functions
Initiates, plans, designs and implements middleware solutions for the campus.
Designs and deploys an identity management systems and software environment that is highly available, fault tolerant, scalable, and meets campus business needs
Proposes and implements highly complex system enhancements (software and hardware updates) that will improve the performance and reliability of campus identity management and data integration solutions
Specifies, writes and executes highly complex software and scripts to support systems management, and other system administration duties for multiple, highly integrated systems.
Conducts highly complex systems programming and systems support activities on a variety of platforms, particularly RHEL, as well as integration with Microsoft Windows.
Integrates data across systems and DB platforms.
Independently manages centralized identity and access management campuswide, and makes recommendations for purchases or upgrades.
Performs complex and advanced analysis, acquires, installs, modifies and supports operating systems, databases, utilities and web-related tools for UC Berkeley's identity and access management infrastructure.
Interacts with senior management.
Work in collaboration with others to ensure security of identity and access management systems and data.
Executes security controls to prevent malicious intrusion of campus identity management systems.
Administers security policies to control access to systems, including working with campus data proprietors to process requests for privileged access to identity data.
Professional development and training.
Required Qualifications
Expert-level knowledge of system and applications design and implementation.
Solid understanding of and experience managing LDAP directory services and integration.
Substantial experience with *NIX systems, particularly Redhat Enterprise Linux.
Familiarity with web servers (especially NGIX and Apache/Tomcat), load balancers, firewalls, DNS.
Familiarity with technologies/frameworks/concepts critical to implementing middleware solutions, including messaging technologies, a variety of DB platforms (especially Oracle), and SOA/REST/Web Services/etc.
Ability to write complex code in one or more of the following: Ruby, Java, Javascript, Python, and Groovy.
Expert knowledge of PostgreSQL.
Experience developing and maintaining secure web applications.
Experience running Tomcat or similar application servers.
Experience performing log analysis with ELK.
Advanced level judgment and leadership to solve the most complex technical problems.
Ability to establish and maintain effective working relationships at all levels with staff internal and external to bIT as well as with vendors and clients.
Must be able to communicate technical information in a clear and concise manner across the organization and at varying levels.
Ability to produce clearly written technical documentation.
Has knowledge necessary to design, set-up, operate, and correct malfunctions involving application of technology systems.
Demonstrated commitment to the advancement of diversity, equity, inclusion, belonging, and justice at UC Berkeley and Berkeley IT.
Knowledge of other areas of IT.
Bachelor's degree in related area and/or equivalent experience/training.
Preferred Qualifications
Expert knowledge of Identity and Access Management practices and technologies.
Experience with ForgeRock Directory Services.
Experience with the Internet2 Trusted Access Platform, specifically Grouper and Shibboleth.
Experience with AWS, Azure and/or Google Cloud.
Experience automating systems build and provisioning using tools such as Ansible, Terraform, and CloudFormation.
Experience deploying containerized systems in a production environment.
This is a 100% full-time (40 hrs a week) exempt career position, which is paid monthly and eligible for UC Benefits.
For information on the comprehensive benefits package offered by the University, please visit the University of California's Compensation & Benefits website.
Under California law, the University of California, Berkeley is required to provide a reasonable estimate of the compensation range for this role and should not offer a salary outside of the range posted in this job announcement. This range takes into account the wide range of factors that are considered in making compensation decisions including but not limited to experience, skills, knowledge, abilities, education, licensure and certifications, analysis of internal equity, and other business and organizational needs. It is not typical for an individual to be offered a salary at or near the top of the range for a position. Salary offers are determined based on final candidate qualifications and experience.
The budgeted annual salary that the University reasonably expects to pay for this position is $109,200.00 - $158,500.00.
How to Apply
To apply, please submit your resume and cover letter.
Other Information
This is not a visa opportunity.
This position is eligible for 100% fully remote schedule.
This recruitment has 1 opening.
Conviction History Background
This is a designated position requiring fingerprinting and a background check due to the nature of the job responsibilities. Berkeley does hire people with conviction histories and reviews information received in the context of the job responsibilities. The University reserves the right to make employment contingent upon successful completion of the background check.
This job is part of the Employee Referral Program. If a UC Berkeley employee is referring you, please ensure you select the Referral Source of 'UCB Employee'. Then enter the employee's Name and Berkeley email address in the Specific Referral Source field. Please enter only one name and email.
The University of California was chartered in 1868 and its flagship campus - envisioned as a "City of Learning" - was established at Berkeley, on San Francisco Bay. Today the world's premier public university and a wellspring of innovation, UC Berkeley occupies a 1,232 acre campus with a sylvan 178-acre central core. From this home its academic community makes key contributions to the economic and social well-being of the Bay Area, California, and the nation.