Apply on Employer Site

University of California, San Francisco · 16 hours ago

Senior Credential Administrator

San Francisco, CA

Full-time

Onsite

Senior Level

$118K/yr - $269K/yr

7+ years exp

The University of California, San Francisco (UCSF) is a leading academic healthcare organization, and they are seeking a Senior Credential Administrator for their Identity and Access Management team. This role involves overseeing IAM solutions, ensuring secure access to information systems, and collaborating with various departments to enhance the university's security posture.

AssociationBiotechnologyEducationMedicalPharmaceutical

No H1B

Hiring Manager

Ricardo Moran, RACS

Responsibilities

Serve as a key strategic leader in the university's digital identity and access management initiatives

Drive the development and implementation of advanced IAM solutions across all departments

Oversee the creation and maintenance of university IDs for faculty, staff, and students

Ensure the IAM infrastructure supports secure, efficient, and scalable access to critical information systems and resources

Play a key role in the design, implementation, and optimization of badge login solutions to enhance secure authentication, single sign-on (SSO), and identity governance

Collaborate with university leadership and various departments to establish and enforce best practices

Leverage cutting-edge technologies for identity lifecycle management

Work closely with Security Operations to proactively address and mitigate security incidents related to identity and access

Mentor the IAM team and guide the resolution of complex issues

Shape policies that enhance the university's security posture

Strategically allocate departmental resources to align with the university's overarching goals

Qualification

Imprivata OneSignMicrosoft Active DirectoryIdentity managementMultifactor authenticationIdentity lifecycle managementPowerShell scriptingZero-trust security modelsHealthcare IT regulationsData encryption technologiesIncident responseIAM toolsTechnologiesTechnical documentationCommunication skillsProblem-solving skillsTeam collaborationSelf-motivation

Required

Bachelor's Degree or four years of equivalent experience/training in computer science, information technology, cybersecurity, or related field

Seven (7) years or more of experience working in one or more of the following fields: information technology, cybersecurity, computer science, management, higher education, or a related field

Expert knowledge administering Imprivata OneSign or other identity/access management solutions in production for a large complex organization

Expert knowledge administering Microsoft Active Directory (AD) in a large, complex, multi-domain environment

Expert knowledge of identity management, multifactor authentication, privileged access management, identity verification and authentication methods, including password management, MFA, and single sign-on (SSO)

Extensive knowledge of Active Directory, Azure AD, LDAP, SAML, OAuth, single sign-on technologies (SSO), and multi-factor authentication (MFA) solutions

Demonstrated industry-level experience strategically managing user credentials across various systems and platforms, ensuring the secure provisioning, maintenance, and revocation of user credentials

Experience integrating badge login solutions (e.g., Imprivata) with HER/EMR systems (Epic, Cerner), Citrix, VMware, and cloud IAM or similar platforms

Strong PowerShell scripting skills

Familiarity with zero-trust security models, privileged access management (PAM) and endpoint security

Understanding of healthcare IT regulations (HIPAA, HITRUST, NIST 800-53, etc.) Extensive knowledge of regulatory requirements, such as GDPR and FERPA, governing credential management in higher education institutions

Broad knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies

Expert knowledge of computer security best practices and policies, particularly in the context of IAM. Ability to contribute to institution-wide policy efforts

Expert experience determining how IAM systems should operate most efficiently and understanding the impact of changes to these systems on outcomes, operations, and business objectives

Advanced experience in incident response and digital forensics including reporting

Advanced ability to write and edit technical documentation in a clear and concise manner, ensuring that all relevant stakeholders understand the systems and processes being described

Expert knowledge of the design, development, and application of technology and systems to meet business needs, paired with a clear understanding of system performance monitoring and ways to improve or correct performance

Comprehensive understanding of systems-related issues and the potential impact of system management actions on other systems, users, and dependent/related functions. Demonstrated skills associated with adapting equipment and technology to serve user needs. Demonstrated comprehensive understanding of how system management actions affect other systems, system users, and dependent/related functions

Expert experience writing and editing complex scripts used for system maintenance and administration

Demonstrated knowledge, skills, and abilities associated with system problem identification and resolution, including design, configuration, operation, repair, and tuning of technology systems

Extensive familiarity with IAM tools and technologies, such as identity governance and administration (IGA) platforms, directory services, and identity federation protocols

Exceptional communication and interpersonal skills, with demonstrated ability to collaborate effectively with diverse stakeholders at all levels, and to lead and mentor a team

Demonstrated self-motivation, strong problem-solving skills, effective learning abilities, and a commitment to meeting deadlines, both independently and as part of a team

This position requires on-site work based on business needs. Also, we are not sponsoring any type of Visa's

Preferred

Ten years or more of experience working in one or more of the following fields: information technology, cybersecurity, computer science, management, higher education, or a related field

Expert knowledge of identity standards and protocols, such as OpenID Connect, SCIM, and OAuth 2.0

Extensive expertise with identity lifecycle management tools (e.g., Microsoft Identity Manager, ForgeRock Identity Platform)

Experience in complex higher education environments, serving academic, medical, and research and administrative functions of a large public university