Senior Identity & Access Management Engineer (Analyst, IT, Sr.) - Military Veterans

POSITION SUMMARY: 
 

The Identity Management team provides authentication, authorization, and directory services to Duke University and Duke Health.  Duke’s Identity Management system is comprised of homegrown and open source applications, and the team is primarily focused on engineering. 

This position reports to the Senior Manager of Identity Management within the Office of Information Technology.
 

DUTIES & WORK PERFORMED:   

Develop, maintain, and support Duke’s Identity Management System, including connections to source systems for identity data, processes to normalize person information, and attribute interfaces to provide that information to consumers across the University and Health System. Provide support, implementation, and design services using Azure Active Directory across Azure.  Extend enterprise authorization management and develop functions to support self-service and automation on services pertaining to authentication, authorization, and account management.  

Team members (including this position) share an on-call rotation to provide Tier 4 support and periodic system maintenance oversight, including off hours.  Strong candidates will share an interest in automating solutions to recurring issues requiring IT support at any tier.

The core infrastructure technology duties include enterprise Azure Active Directory and cloud-based architecture creation, management, and global security and policy configuration within Azure. This role requires an in-depth knowledge of Azure Active Directory, Federation, App registration, and RBAC.

Key Responsibilities:

• Install, configure, and maintain Azure Active Directory and third-party software integration within IdM operational guidelines.
• Create and maintain procedures and documentation for installation, configuration, and appropriate troubleshooting steps.
• Provide guidance with industry best practices related to AAD
• Configuring the synchronization of identities and related attributes from the central Identity Management system and integrating to AAD
• Configuring access control to tenants via groups defined on-premises or Azure AD

Required Skills:

The ideal candidate for this position would have the following qualifications:

QUALIFICATIONS & EXPERIENCE:

• Experience managing AAD in Azure tenants
• Strong understanding of federation, SSO, and SAML
• Strong understanding of access control solutions using groups
• Experience with Azure AD Connect, IAM roles
• Experience with PowerShell and Python Scripting
• Ability to identify, scope, and execute on opportunities for automation or improvement in system architecture

COMPETENCIES AND BEHAVIORS
We’re looking for the next member of our team to bring:

• Curiosity: interest in learning the ins and outs of Identity and Access Management at and beyond Duke.   Enthusiasm about automation to ensure a steady stream of interesting new challenges and constant opportunities for growth
  Autonomy: ability to work with minimal oversight while investigating a problem and scoping out possible solutions.
   
• Teamwork: knowing when it’s time to bring problems back to the team for help or a second opinion.  Equipped with the disposition and desire to share insights and provide mentorship to other colleagues inside the team and outside of the team
• Commitment to quality: passion and active advocacy for best practices in software development and Identity and Access Management; refactoring or replacing code along the way for consistent, incremental improvement.
  Connection to mission: IAM services affect daily life at Duke University and Duke Health.  We’re looking for a team member who believes and executes on going the extra mile to make it easier for people in our community to access the services they need for work, research, and study.  In addition to end user services, we provide tools for developers and other departmental contacts to integrate with our services.  Help Duke meet business needs with security, convenience, and reliability.

EDUCATION AND EXPERIENCE
Bachelor’s degree and 4-7 years relevant work experience, or equivalent combination of education and experience.
BENEFITS
 

Duke’s comprehensive benefits package includes paid time-off (vacation, holidays, sick leave), health, dental, vision, disability and life insurance, educational assistance, and support for professional development and training. As an employee of Duke University you would also enjoy numerous discounted services such as health club memberships, movie tickets, and cell phone services.

ENVIRONMENT

The Office of Information Technology (OIT) is responsible for managing Duke University’s IT infrastructure, service and support including academic research and enterprise applications. OIT provides leadership and expertise in many areas of Information Technology to Duke entities, including faculty, staff, and students. Specific services delivered include voice, data & video communications, institutional email and administrative applications (payroll, financial ledger, student systems etc.), database, web infrastructure, desktop & helpdesk support, student computing, data center services, and high-performance computing & academic software systems. OIT is also responsible for developing/upgrading the physical IT infrastructure around campus and maintaining 23 student computer labs.

OIT is a member of Educause, IVY Plus, National LambdaRail (NLR), and has representation at many of the leading technology consortiums that are driving the future growth and use of technology.

Duke University and Durham are located in the Research Triangle, a region that encompasses one of the nation's premier concentrations of academic, corporate, and public research. The Triangle region is rated among the most desirable areas in North America to live and work and has been identified by Money magazine as one of the "Best Places to Live" in the U.S.

Trustworthiness, respect, diversity, learning and teamwork are the hallmarks of Duke's guiding principles. Our accomplishments are dependent on the dedication and expertise of all who work to support Duke's mission.

Duke is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status.

Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas—an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values.

Essential Physical Job Functions: Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department.