Bachelor's degree in computer science, information technology, cybersecurity, or a closely related field, or an equivalent combination of education and directly related experience.
5+ years of progressively responsible experience in information technology, cybersecurity, or identity and access management, including areas such as IAM engineering, systems administration, enterprise application integration, directory services, or authentication services.
4+ years of hands-on experience implementing, configuring, and supporting enterprise IAM platforms and related services, including single sign-on (SSO), multifactor authentication (MFA), directory integrations, and application onboarding.
Experience with scripting, APIs, or automation tools used to support integrations, workflow automation, and operational efficiency.
Hands-on experience with enterprise IAM technologies and protocols such as Okta, SailPoint, Ping Identity, Active Directory, LDAP, SAML, OAuth, OpenID Connect, or similar tools and standards.
Working knowledge of IAM architecture and core identity services, including single sign-on (SSO), multifactor authentication (MFA), directory services, role-based access, provisioning, and deprovisioning.
Knowledge of information security principles and access governance practices, including least privilege, role governance, secure authentication, and audit readiness.
Ability to troubleshoot complex technical issues, evaluate solution options, and implement sustainable improvements in a dynamic environment.
Ability to communicate technical concepts clearly and effectively with technical teams, support staff, vendors, and business stakeholders.
Master's degree in computer science, information
Benefits
Vision insurance
Additional Information
Engineering a world of possibilities
The Identity Access Management (IAM) Engineer designs, implements, and supports enterprise identity services that enable secure, reliable access to university systems, data, and applications. This role engineers and administers IAM solutions across the institution, including single sign-on (SSO) integrations for applications at Mines, authentication services, directory integrations, and identity lifecycle processes. The IAM Engineer advances identity services through automation, scalable design, and continuous improvement, and partners with stakeholders across IT and the institution to deliver solutions aligned with security, compliance, and operational best practices.
This position currently operates in a hybrid work model with regular campus presence required. Work arrangements are subject to change based on institutional needs. The successful candidate must be able to commute to campus in Golden, Colorado.
Primary Responsibilities
IDENTITY SYSTEM ADMINISTRATION
Design, implement, administer, and continuously improve enterprise IAM services and integrations that protect institutional systems, data, and applications.
Configure and maintain IAM platforms, authentication services, directory services, and related integrations, including documentation, configuration standards, and operational procedures.
Lead and support single sign-on (SSO) and multifactor authentication (MFA) integrations for applications at Mines through the university's enterprise identity platform, Okta, in partnership with vendors and campus stakeholders.
Troubleshoot and resolve IAM-related issues, implement enhancements, and optimize services to improve reliability, performance, and user experience while minimizing technical debt.
Create and maintain technical documentation, knowledge base content, and operational guidance, and provide knowledge transfer and training to support staff, system administrators, and other IT partners.
Collaborate with teams across IT and institutional stakeholders to ensure identity services align with security, infrastructure, application, compliance, and business requirements.
STRATEGY DEVELOPMENT
Plan, design, and enhance IAM solutions, workflows, and automation that support scalable, consistent, and secure service delivery.
Develop and refine role-based access models, identity lifecycle standards, and access governance practices that support appropriate access and operational efficiency.
Evaluate current-state services and authentication patterns to identify modernization opportunities, improve usability, and strengthen long-term sustainability.
OUTREACH AND COMMUNICATIONS
Provide guidance and training to support staff and partners to strengthen understanding of IAM services, support processes, and common user issues.
Communicate planned maintenance, service disruptions, and other service impacts to appropriate stakeholders and support teams.
Engage with campus partners and the broader professional community to understand identity-related needs, share knowledge, and support service improvement.
Participate in relevant working groups, communities of practice, and institutional initiatives related to IAM and supporting technologies.
Mines · CO