Unpublished
Job Title: Identity and Security Systems Administrator
Regular/Temporary: Regular
Full/Part Time: Full-Time
Job ID: 24808
Job Code: 0410 Operating Systems Analyst -12
Department: Computing Services
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
About the Position
|
||||||||||||||||||||||||
The Identity and Security Systems Administrator designs, implements and administer s campus-wide identity and information security systems. The incumbent¿s core responsibilities are to maintain systems (i.e. active directory, automated identity provision using FIM, SSO service using Okta/Shibboleth, IBM Big Fix patching and more); Proactively seek feedback and make recommendations to ensure users/departments have most up to date technological solutions to perform their job and serve the university community effectively; and consult with campus technical staff, customers and constituents to provide reliable and secure centralized services as well as document critical assets and serve as liaison/consultant to departments.
Responsibilities include but are not limited to the following: 1. Active Directory Administration: -System Administrator for SJSU central Active Directory. Maintain security groups, group policies, user accounts, computer accounts, group policy and delegates access. -Define and execute ongoing administration and directory maintenance programs, procedures and operations including troubleshooting of system failures and ensuring business continuity. -Maintain internal DNS, updates, deletions, etc. -Maintain internal Radius service for campus Wi-Fi. -Diagnose, resolve, and communicate advanced problems. -Communicate with internal and external technicians, vendors, and stakeholders. -Collaborate with Identity Programmers to code, test, automate, and document processes through Microsoft FIM 2010 R2 and other tools. -Maintain and document security, integrity, business continuity, compliance and controls of AD environment when designing solutions. -Train various department desktop support technicians. 2. Single Sign-On Application & Server Administration -System administrator for external Identity Management Tools. -Specify Virtual Machines, install software, patches and maintain system in support of Identity and Security services. -Implement software solutions for integration of Unix/Linux/Mac into Active Directory. -Communicate with internal and external technicians, vendors, and stakeholders. Diagnose problems and proposes solutions. -Current knowledge on emerging tools, techniques and technologies. -Perform as primary server, application, and support contact for Shibboleth Single Sign On application integrations. 3. Information Security Application Administration - System Administrator for Patch Management software: -Perform system Administrator for Patch Management software IBM Big-Fix -Perform system Administration for all IEM Servers -Maintain minimum patch baseline for SJSU workstations and servers as per recommendation through QualysGuarad scan reports, remediate all the vulnerabilities finding in the reports, manages software inventory, implements policies, configuration changes, etc. -Maintain groups within software, delegate access, suggests improvements, and troubleshoot issues with campus technicians. -Train campus technicians on usage of tools, troubleshoots technical issues and ensures secure operation of campus Servers and Workstations. -Update and maintain critical AD services and other system accounts password in Thycotic Secret Server. |
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Minimum Qualifications
|
||||||||||||||||||||||||
Bachelor's degree, preferably in computer science, mathematics, or a related technical field, or equivalent technical training and/or experience and three years of operating systems experience.
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Preferred Qualifications
|
||||||||||||||||||||||||
-Minimum two years of experience in Microsoft Active Directory administration
-Experience with DNS and Radius administration within Microsoft Active Directory -Experience with Microsoft AD Lightweight Directory Services -Experience documenting processes |
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Knowledge, Skills & Abilities
|
||||||||||||||||||||||||
-Knowledge and technical proficiency in Microsoft Active Directory 2016/2012 and 2008 administration including ADUC, and GPO management on the enterprise level.
-Working knowledge of Administration of AD management through Quest AD integration tool. -Working knowledge of DNS and Radius administration within Microsoft Active Directory. -Working knowledge of AD organizational units, user objects, computer objects, attributes, etc. -Ability to determine overall functional and technical system requirements and specifications using structured design analysis techniques. -Ability to maintain confidentiality and appropriately handle sensitive communications with employees and external agencies. -Knowledge of Microsoft FIM 2010 R2 or similar Identity Management Application. -Knowledge of Microsoft AD Lightweight Directory Services. -Knowledge of Shibboleth 3.0, SAML2, Okta and Single Sign On. -Working knowledge of current patch management technologies (IBM BigFix, Microsoft SCCM 2012 R2, etc.) -Working knowledge for QualysGuard scan reporting system. -Knowledge of maintaining workstation and patch server baselines for proactive threat management across multiple operating systems in an enterprise setting. -Ability to stay current on knowledge of emerging tools, techniques and technologies. -Knowledge of installation packages, command line switches, etc. -Ability to identify and remediate issues which create a negative impact on user experience, and create/follow a clear testing plan. -Ability to effectively communicate patch baseline changes to department technicians and document exceptions. -Working knowledge of network infrastructure and firewalls. -Ability to analyze, preserve, track, and document processes across multiple systems. -Knowledge of Database and other application systems. -Ability to communicate and work with campus technicians and external technicians to ensure adequate segmentation. -Ability to effectively establish and maintain cooperative working relationships within a diverse multicultural environment. -Ability to perform work lead duties as documented in the classification standards for this position. This includes conducting performance evaluations, and providing work direction or feedback. -Ability to apply campus information security policy and standards to develop specific security requirements. -Ability to apply security models and frameworks to ensure appropriate security is maintained. |
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Posting Date
|
||||||||||||||||||||||||
October 26, 2018
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Application Screening
|
||||||||||||||||||||||||
Application Screening begins November 10, 2018
Applications received before that date will receive first consideration. This position is open until filled; however, applications received after screening has begun will be considered at the discretion of the university. |
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Required Application Material
|
||||||||||||||||||||||||
Resume-PDF
Letter of interest-PDF List of References-PDF Please note that failure to completely fill out each section of the online application may result in your application not receiving consideration. |
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Additional Information
|
||||||||||||||||||||||||
Satisfactory completion of a background check (including a driminal records check) is required for employment. SJSU will issue a conditional offer of employment to the selected candidate, which may be rescinded if the background check reveals disqualifying information, and/or it is discovered that the candidate knowingly withheld or falsified information. Failure to satisfactorily complete the background check may affect the continued employment of a current CSU employee who was conditionally offered the position.
The standard background check includes: criminal check, employment and education verification. Depending on the position, a motor vehicle and/or credit check may be required. All background checks are conducted through the university's third party vendor, Accurate Background. SJSU will pay all costs associated with this procedure. Evidence of required degree(s) or certification(s) will be required at time of hire. SJSU IS NOT A SPONSORING AGENCY FOR STAFF OR MANAGEMENT POSITIONS. (i.e. H1-B VISAS) All San José State University employees are considered mandated reporters under the California Child Abuse and Neglect Reporting Act and are required to comply with the requirements set forth in CSU Executive Order 1083 as a condition of employment. |
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Equal Employment Statement
|
||||||||||||||||||||||||
SJSU is an Equal Opportunity Affirmative Action employer. We consider qualified applicants for employment without regard to race, color, religion, national origin, age, gender, gender identity/expression, sexual orientation, genetic information, medical condition, marital status, veteran status, or disability.
It is the policy of SJSU to provide reasonable accommodations for applicants with disabilities who self disclose. |
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|
||||||||||||||||||||||||
Contact Information
|
||||||||||||||||||||||||
One Washington Square San Jose, CA 95192-0046
Phone: 408-924-2250 |
||||||||||||||||||||||||
|
||||||||||||||||||||||||
|