Identity and Access Management (IAM) Architect
report a problem
|Department:||UW INFORMATION TECHNOLOGY|
|Job Location:||Seattle Campus|
|Closing Info:||Open Until Filled|
|Salary:||Salary is commensurate with experience and education.|
|Notes:||As a UW employee, you will enjoy generous benefits and work/life programs. For detailed information on Benefits for this position, click here.
If you would like to find out more about what it is like to work for UW-IT, as well as to get a feel for our culture and our people, visit us at our employment website.
The University of Washington (UW) is proud to be one of the nation’s premier educational and research institutions. Our people are the most important asset in our pursuit of achieving excellence in education, research, and community service. Our staff not only enjoys outstanding benefits and professional growth opportunities, but also an environment noted for diversity, community involvement, intellectual excitement, artistic pursuits, and natural beauty.
UW-IT has an outstanding full time opportunity for an Identity and Access Management Architect.
UW-IT is seeking an Identity and Access Management (IAM) Architect to help shape the future of digital identity at the University and beyond. The evolution of digital identity presents many opportunities and challenges to institutions like the UW that discover and distribute knowledge. Identity services are critical to the operations of the University, enabling convenient and safe access to online resources by students, faculty, staff, clinicians, researchers, and their collaborators around the world. Identity services are also critical to the strategic direction of education and research, both within our community and across society at large. Scholars and researchers need digital identities that express their scholarly attributes, as well as claims about related work, publications, degrees, credentials, competencies, and other achievements. We need an architect who can collaborate with us and our stakeholders to ensure that identity services enable access today, while promoting confidence, choice, and innovation within the education and research community into the future.
Our IAM team is a sought-after partner on many strategic projects and initiatives within our local community and beyond. Yet we have opportunities to help small teams and many individuals on a daily basis. We are committed to:
- Customer service, clear communication, and user-centered design
- Teamwork, transparency, self-motivation, and individual accountability
- A collaborative workplace that promotes cross-disciplinary interaction
- Agility, responsiveness, and iterative means of delivering strategic value sooner
- Self-directed time for learning, innovation, and professional development
- Effective use of tools and processes to free people to do what they do best
- A healthy work/life balance, where our best work happens in 40-hour work weeks
By applying for this position you are telling us that:
- Your understanding and curiosity about digital identities is matched by your passion to help others use them.
- You believe in open engagement, dialog, and clear communication as the foundations to effective partnerships.
- You are driven to understand others and ask yourself questions like "What are their needs?" and "What are they trying to do?"
- Your decisions are guided by vision, informed by data and process, and driven by a desire to make things work better.
- You are motivated to work in higher education, at a public institution, and, more specifically, at the UW.
The IAM Architect leads our architecture practices and aligns our architecture vision with our principles and service goals. These practices include: developing criteria and consensus on how we measure strategic architecture value; overseeing the research, evaluation, selection, and evolution of IAM protocols and technologies in our environment; and collaborating with software engineers, technical and functional leads, and other stakeholders to design and deliver IAM services to our customers. Community outreach and collaboration is fundamental to this position. The IAM Architect will share and validate plans with the UW community and with peers in the wider IAM community, providing input and leadership to advance open standards development and the sourcing of software solutions that support education and research.
DAY IN THE LIFE
- Collaborate with teammates on a UML sequence diagram that illustrates how we might add RFC7662 Token Introspection to our OAuth infrastructure.
- Join an InCommon Working Group conference call to discuss operating practices on coordinated responses to federated SECURITY incidents.
- Reflect on a draft specification on OpenID Connect Federation, and contribute to related email list discussion.
- Visit the eScience Institute on campus to learn how an open science project relies on federated identities and ORCID identifiers.
- Review "strategy on a page" documents with other architects and discuss implications on future-state architecture.
- Instant message with a developer to clarify API documentation for linking institutional identities with social identities.
- Update wiki documentation describing principles behind the adoption of open vs proprietary protocols.
Bachelor's degree in Computer Science, Systems Analysis, Information Management, or related field, or equivalent experience.
Minimum work experience:
- Minimum of five years experience performing progressively more complex tasks and responsibilities participating in or leading IAM architecture and design activities to inform strategy development, technology selection, implementation projects, operations, and workforce planning.
- Ability to clearly communicate the capabilities, functions, and processes of enterprise IAM programs (e.g. identity registration, credential management, provisioning, authentication, access governance).
- Demonstrated expertise with open interoperable technical standards (e.g. SAML, OpenID Connect) used for federated authentication, multi-party federation metadata management, and identity assurance.
- Demonstrated expertise designing service interfaces (preferably REST APIs) and applying technical standards (e.g. OAuth) to enable and protect API access while meeting enterprise architecture, SECURITY, and privacy needs.
- Experience with IAM requirements for cloud-based services, including strategies, trust models, and open standards (e.g. SAML, OAuth, SCIM) used to improve manageability, access governance, provisioning, information SECURITY, and privacy.
- Ability to analyze alternative architectures and service designs and communicate their potential strategic and tactical benefits and risks in terms of business and architecture value.
- Ability to remain unbiased toward specific vendors, other service providers, and sources of technology, advocating for business and architecture value over personal background and preferences.
- Excellent interpersonal skills in areas such as collaboration, teamwork, facilitation, and negotiation.
- Effective leadership skills for building consensus and fostering relationships in diverse stakeholder communities.
- Excellent written and verbal communication skills.
- Excellent analytical ability.
Equivalent education/experience will substitute for all minimum qualifications except when there are legal requirements, such as a license/certification/registration.
- Familiarity with IAM initiatives, architectures, solutions, technologies, and standards developed in and for the research and education community (e.g. Internet2 TIER, InCommon, eduGAIN, Shibboleth, Grouper, eduPerson, eduroam, REFEDS, ORCID).
- Experience designing and building IAM solutions that integrate applications and other services with IAM services, align IAM processes with business processes, and identify required governance and policy needs for campus and federated use cases. Experience with standards development processes and bodies, particularly open standards bodies and other groups developing standards related to digital identity (e.g. IETF, Kantara, OIDF, OASIS, FIDO, IDESG, W3C).
- Experience with access control modeling methodologies (e.g. RBAC, ABAC), authorization policy management, and risk-based methods of access lifecycle management for applications and data.
- Familiarity with existing architectures for user authentication and SSO for native mobile applications, and an ability to evaluate emerging solutions to improve privacy, SECURITY, and user experience.
- Familiarity with national and international initiatives, groups, and projects (e.g. NSTIC, IDESG, InCommon, REFEDS, OIX) working to improve the SECURITY, privacy, and convenience of online transactions involving trusted digital identities.
- Familiarity working with privacy professionals to ensure practices (such as privacy impact assessments) exist to identify privacy obligations and to include privacy-sensitive thinking in IAM solutions and architectures.
- Experience operating and maintaining IAM infrastructure, leading or participating in their day-to-day operations and maintenance, as well as monitoring, reporting, and auditing technical, SECURITY, and business activities.
- Experience estimating the financial cost of alternative technical architectures and solutions.
- Experience developing and applying enterprise architecture principles and practices.
- Knowledge of or experience applying IT service management practices (e.g. ITIL) to strategy and design.
- Experience applying master data management principles and practices.
- Ability to manage multiple priorities and ambiguous timelines, working independently, with minimal supervision.
- Experience in a major research University setting.
CONDITION OF EMPLOYMENT:
Appointment to this position is contingent upon obtaining satisfactory results from a criminal background check.
The application process for UW positions may include completion of a variety of online assessments to obtain additional information that will be used in the evaluation process. These assessments may include Work Authorization, Criminal Conviction History, Cover Letter and/or others. Any assessments that you need to complete will appear on your screen as soon as you select “Apply to this position”. Once you begin an assessment, it must be completed at that time; if you do not complete the assessment you will be prompted to do so the next time you access your “My Jobs” page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.
Share this job:
University of Washington
Founded in 1861, the University of Washington is one of the oldest state-supported institutions of higher education on the West Coast and is one of the preeminent research universities in the world. Located minutes from downtown Seattle, the main UW campus provides gorgeous views of the Cascade and Olympic mountain ranges and, every spring, attracts visitors from all over to world who come to witness the blooming of its cherry blossom trees. As the state’s flagship university, the UW serves more students than any other institution in the Northwest. In addition to its Seattle campus, the University has thriving campuses in Tacoma and Bothell and a robust professional and continuing education program. Anyone can enjoy and be enriched by all the UW has to offer, including world-class libraries, art, music, drama, sports and the highest quality medical care in Washington state. Being public also means being engaged with our communities, and through knowledge and discovery we are elevating the quality of lives of others.
Company Industry: Education Management
Company Type: Educational
Company Size: 10,001+
Company Type: Educational
Company Size: 10,001+