Identity (IAM) and Collaboration Platform System Integration Engineer

Summary: UC Santa Barbara is consistently recognized for excellence across broad fields of study. The Identity (IAM) and Collaboration Platform System Integration Engineer is responsible for designing, engineering, and managing the full lifecycle of secure and efficient identity and access management solutions across the organization. Responsibilities: - Engineer and manage the lifecycle of IAM platforms and technologies - Design and implement automated user provisioning, de-provisioning, and lifecycle events - Develop, implement, and integrate authentication systems (e.g., single sign-on, multi-factor authentication) - Perform functional analysis to design and engineer authorization mechanisms (e.g., access control lists, attribute-based access control, role-based access control, least privilege) - Perform technical risk assessments to ensure the security and compliance of IAM and collaboration platforms and their integrations - Engineer and implement Observability tools to perform system optimization and ensure platform performance and availability - Provide engineering analysis for complex system integration incidents related to Identity and Collaboration services, including SSO, Google Workspace, and campus identity provisioning - Coordinate with Tier 1 and Tier 2 support to identify common support issues - Collaborate closely with other IT teams (e.g., network, security, application development, database) to ensure successful integration and operation of IAM solutions - Maintain comprehensive documentation of IAM and collaboration platforms, integrations, and processes, including technical specifications, user guides, and run books - Design and implement complex, multi-system integrations between IAM systems (e.g., identity providers, directory services, access management platforms) and other IT systems (e.g., HR systems, CRM, ERP, cloud platforms) - Develop and maintain integration interfaces using APIs, connectors, and other technologies - Perform complex troubleshooting and validation to resolve integration issues related to data flow, connectivity, and authentication/authorization - Ensure data quality and accuracy during data exchange between systems - Identify and implement opportunities to improve the IAM and Collaboration platforms' performance, reliability, and user experience - Stay current on the latest features and updates to IAM platforms and toolsets - Research, prototype, and perform effectiveness analyses on new IAM or collaboration technologies and tools Required Qualifications: - Bachelor's degree in Computer Science, Information Technology, or a related field or equivalent experience - 1-3 years: Strong understanding of IAM concepts, tools (e.g., Okta, Azure EntraID, AWS IAM), and technologies (e.g., identity providers, directory services, access control models) - 1-3 years: Experience in system integration technologies (e.g., APIs, connectors, ETL tools), with a strong focus on IAM integrations - 1-3 years: Experience with scripting languages (e.g., Python, PowerShell), Infrastructure as Code (e.g., Terraform Cloudformation, CDK), Configuration Management (e.g., Ansible), and potentially low-code/no-code integration platforms - 1-3 years: Knowledge of security best practices and compliance standards (e.g., NIST, ISO 27001) Preferred Qualifications: - 1-3 years: Relevant industry certifications (e.g., CISSP, CISM, CISA, relevant cloud certifications) - 1-3 years: Experience with cloud-based IAM solutions and integrations (e.g., AWS, Google, Microsoft EntraID, Okta) - 1-3 years: Experience with observability and security information and event management (SIEM) systems - 1-3 years: Experience with Agile development methodologies - Identity and Access Management (IAM): strong understanding of identity and access management concepts, tools (e.g., Ping Directory, Google Directory, Azure Entra ID, AWS IAM, Okta), and standard protocols (e.g., SAML, OIDC, SCIM), including authentication, authorization, single sign-on, multi-factor authentication, and access control models - System Integration: a deep understanding of system integration principles, methodologies, and best practices (e.g., APIs, connectors, ETL tools, integration platforms) - Collaboration Platforms: in-depth knowledge of Google Workspace and Microsoft 365 suites, including their features, functionalities, and limitations - Cloud Computing: familiarity with cloud computing concepts and technologies (e.g., IaaS, PaaS, SaaS, cloud security) - Security Best Practices: Knowledge of security best practices and compliance standards (e.g., NIST Cybersecurity Framework, ISO 27001, GDPR, CCPA) - Development Skills: proficiency in version control systems (e.g., Git) and scripting languages (e.g., Python, PowerShell) - Development Skills: experience with API development and integration (e.g., REST, GraphQL, SOAP, ETL) - DevOps Skills: proficiency in Infrastructure-as-Code and Configuration Management concepts and tools (e.g., Terraform, Cloudformation, CDK, Ansible) and CI/CD workflows - DevOps Skills: experience with Observability and Monitoring platforms (e.g., Datadog, Splunk, AWS Cloudwatch) and practices - Problem-solving: ability to analyze and troubleshoot complex problems, identify root causes, and develop effective solutions - Analytical Skills: analyzing data, identifying trends, and making informed decisions - Adaptability: ability to adapt to new technologies and changing business requirements - Proactive: ability to proactively identify and address potential issues - Attention to detail: meticulous attention to detail and accuracy in all aspects of work Required Skills: Identity, Access Management (IAM), System Integration, Collaboration Platforms, Cloud Computing Important Skills: Scripting Languages, Security Best Practices, Development Skills, DevOps Skills Nice-to-Have Skills: Analytical Skills, Proactive, Problem-solving, Adaptability, Attention to detail Benefits: Excellent retirement and health are just one of the rewards., Full Benefits