"Alerted.org

IT@JH Enterprise Directory and Messaging is seeking a **_Sr. IAM Administrator_** .

The Sr. Identity and Access Management (IAM) Administrator is responsible for planning, implementing, and managing IAM services for the University. Serves as the Lead Administrator and provides technical expertise in identity and user account management, including troubleshooting and operational support of university-managed directory stores. Supports the university’s two-factor authentication and privileged account management solutions.

The Sr. Identity and Access Management (IAM) Administrator is responsible for ensuring efficient, seamless, and secure access to business resources. This position is ideal for individuals with extensive experience in Identity and Access Management (IAM) who are looking to advance their careers. The Sr. IAM Administrator oversees the day-to-day operations and management of IAM on-premises and cloud-based systems, ensuring secure access to institutional resources. This role involves leading IAM initiatives, maintaining, patching, securing, evaluating, improving, and optimizing the institution’s IAM applications. Key responsibilities include managing digital identities for humans, workloads, and service accounts, as well as the use of digital certificates to enhance security.

The Sr. IAM Administrator supports the IAM Engineers in evaluating, improving, and optimizing the University’s IAM security posture. This role requires effective communication with technology teams, data owners, and application owners to implement on-premises and cloud-based IAM solutions. The Sr. IAM Administrator plays a critical role in maintaining the security and efficiency of IAM systems, contributing to the overall security strategy of the institution. Additionally, the Sr. IAM Administrator is involved in the administration of user accounts, permissions, and access controls, ensuring that authorized users have the right access to company systems, data, and applications. This position demands a high level of independent decision-making and leadership in IAM practices. Furthermore, the Senior IAM Administrator will mentor and guide IAM Administrators and IAM Analyst, fostering their development and ensuring adherence to best practices.

Specific Duties & Responsibilities

_Digital Identity Management_

+ Oversee digital identities for humans, workloads, and service accounts, ensuring accurate and secure identity lifecycle management.

_IAM Solutions Implementation_

+ Lead the deployment and maintenance of IAM solutions for both on-premises and cloud environments, ensuring seamless integration and optimal performance.

_User Account Administration_

+ Manage user accounts, permissions, and access controls to ensure authorized access, while maintaining strict adherence to security policies.

_Security Enhancements_

+ Utilize digital certificates and manage Public Key Infrastructure (PKI) to enhance security measures and protect sensitive information.

_Collaboration_

+ Work closely with technology teams, data owners, and application owners to design, develop, and implement effective IAM solutions.

_Security Posture Evaluation_

+ Continuously assess and improve the institution’s IAM security posture, identifying vulnerabilities and implementing corrective actions.

_Audits and Assessments_

+ Conduct regular audits and assessments of IAM systems to identify and mitigate risks, ensuring compliance with regulatory requirements.

_Advanced Support_

+ Provide advanced-level support for IAM-related issues, resolving complex problems and ensuring minimal disruption to services.

_Technology Updates_

+ Stay updated with the latest IAM technologies and trends, recommending and implementing improvements to enhance security and efficiency.

_IAM Tools Management_

+ Implement, configure, administer, and maintain IAM tools according to best practices, ensuring they are up-to-date and functioning optimally.

_Authentication and Authorization_

+ Ensure users are authenticated and authorized based on job responsibilities, implementing role-based access controls where appropriate.

_Policy Development_

+ Define and enforce access control policies, ensuring they align with organizational goals and regulatory requirements.

_Access Monitoring_

+ Monitor access logs and conduct periodic reviews to detect and respond to unauthorized access attempts.

_Single Sign-On (SSO)_

+ Implement and manage SSO solutions, troubleshooting issues and ensuring secure and efficient access for users.

_Collaboration with Security Teams_

+ Work closely with security operations and engineering teams to ensure appropriate access monitoring and incident response.

_Project Management_

+ Plan, manage, and monitor IAM projects and tasks, ensuring they are completed on time and within budget.

_Incident Response_

+ Participate in incident response and vulnerability remediation, leading efforts to mitigate security incidents related to identity and access.

_Business Continuity_

+ Execute IAM services business continuity and disaster recovery drills, ensuring readiness for potential disruptions.

_Technical Documentation_

+ Develop and maintain comprehensive technical support documentation for IAM services, ensuring it is up-to-date and accessible.

_Multi-Factor Authentication (MFA)_

+ Implement and sustain MFA solutions, educating users on best practices and staying updated on emerging technologies.

_Compliance and Security_

+ Enforce security policies, conduct audits, and collaborate with compliance officers to ensure adherence to regulatory requirements.

_Security Incident Management_

+ Respond to and mitigate security incidents related to identity and access, ensuring timely resolution and minimal impact.

_Support and Integration_

+ Provide timely support for access-related issues and integrate IAM systems with existing infrastructure, ensuring seamless operation.

_Leadership and Mentorship_

+ Mentor and guide IAM Administrators and Analysts, fostering their development and ensuring adherence to best practices.

_Incident Management_

+ Serve as IAM lead during Incident Management events, coordinating response efforts and ensuring effective resolution.

_Change Management_

+ Drive best practice change management, ensuring administrative documentation is organized and maintained.

_Stakeholder Engagement_

+ Work closely with the security team and business stakeholders to understand, document, and translate requirements into secure and scalable solutions.

_Strategic Planning_

+ Contribute to the strategic planning of IAM initiatives, aligning them with organizational goals and objectives.

_Customer Interaction_

+ Interact and communicate with customers to provide access controls and address their needs effectively.

_On-Call Support_

+ Provide on-call support outside of regular business hours, ensuring continuous availability for critical IAM issues.

+ Other duties as assigned.

Minimum Qualifications

+ Bachelor’s Degree.

+ Four years of experience in identity and access management or related field.

+ Additional education may substitute for required experience and additional related experience may substitute for required education beyond a high school diploma/graduation equivalent, to the extent permitted by the JHU equivalency formula.

Preferred Qualifications

Technical qualifications and specialized certifications

+ Extensive experience with Identity and Access Management (IAM) principles and technologies.

+ Proficiency in managing IAM tools and platforms, including Microsoft Entra, Privileged Access Management (PAM), and Privileged Identity Management (PIM).

+ Strong knowledge of Microsoft 365 Administration and related IAM solutions.

+ Expertise in managing digital certificates and Public Key Infrastructure (PKI).

+ Familiarity with implementing and maintaining single sign-on (SSO) and multi-factor authentication (MFA) solutions.

+ In-depth understanding of Zero Trust principles and their application in IAM.

+ Proficiency in programming or scripting languages (e.g., PowerShell, Python, SQL).

+ Strong analytical, problem-solving, and communication skills.

+ Ability to conduct regular audits and assessments of IAM systems to identify and mitigate risks.

+ Experience in collaborating with technology teams, data owners, and application owners

_Additional preferred technical skills_

+ MS SQL Server Administration

+ Windows Server Administration

+ Linux Server Administration

Classified Title: Sr. IAM Administrator

Job Posting Title (Working Title): Sr. IAM Administrator (IT@JH Enterprise Messaging and Directory)

Role/Level/Range: ATP/04/PE

Starting Salary Range: $73,300 - $128,300 Annually (Commensurate w/exp.)

Employee group: Full Time

Schedule: Mon-Fri 8:30-5:00

FLSA Status: Exempt

Department name: IT@JH Enterprise Directory and Messaging

Personnel area: University Administration