You are viewing a preview of this job. Log in or register to view more details about this job.

Identity and Access Management Administrator, Senior

OPENING DATE: 05/24/22
CLOSING DATE: 06/07/22 11:59 PM Central Time
JOB TYPE: Full-time
LOCATION: Downtown Minneapolis, Minnesota
DEPARTMENT: Information Technology

THE POSITION
The Identity and Access Management (IAM) team in Hennepin County's Information Security division is seeking a Senior IAM Administrator. This position is responsible for enterprise Identity and Access Management (IAM) services and solutions at Hennepin County. Solutions and services include privileged access management (PAM), identity governance and administration (IGA), single sign-on (SSO), self-service password reset (SSPR), and multi-factor authentication (MFA).
 
Location and hours:
This position is remote. Remote workers may be required to come on-site an average of 0 to 12 days a year for work meetings, trainings, or for any other reasons that their supervisor may deem necessary (may include additional days for onboarding and new employee training). Supervisors will provide as much advance notice as practicable. Work hours will be Monday through Friday, between 7 a.m. to 5 p.m., with flexibility. This position requires the ability to occasionally work after hours and be on-call on a rotating basis. 

While this position is designated as remote, based on current requirements hires must reside in Minnesota or Wisconsin.   

New employees who are hired into remote or hybrid positions between January 2, 2022 to December 31, 2024, will receive $500 toward the cost of establishing consistent internet connectivity, payable upon completion of 6 months of employment.  

About the position:
This is a full-time, benefit earning position. 
This position is internally classified as a Senior IT Administrator within the Information Technology (IT) Administrator job class series. 
Click here to view the job classification specification.

At this time, employees may be eligible to receive an additional cash merit of up to $2,325.83 that can be earned annually based on performance.

Effective September 1, 2021, all new job offers are conditional based on the candidate being fully vaccinated for COVID-19. “Fully vaccinated” means 14 days after receiving the second dose in a two-dose vaccination series approved by the U.S. Food and Drug Administration (FDA) on a full or emergency-use basis, or 14 days after receiving a single-dose vaccine approved by the FDA on a full or emergency-use basis. After a conditional job offer is made, the candidate must show proof of full vaccination prior to their start date. A COVID-19 vaccination card from the Center for Disease Control and Prevention (CDC), a vaccination record from your doctor’s office or a personal digital vaccination record constitutes sufficient “proof.” The candidate must also attest they are vaccinated by completing a form on the first day of employment. Reasonable accommodations to this vaccination requirement will be considered upon request by a candidate for medical or religious reasons as required by applicable law.  
 
In this position, you will:
  • Build, administer, and support enterprise identity management and governance solutions and services. 
  • Administer critical identity services such as the privileged access management (PAM), identity lifecycle, multi-factor authentication (MFA), self-service password reset (SSPR), and single sign-on (SSO).
  • Lead application onboarding activities for identity management.
  • Ensure identity management systems implement and enforce access controls and frameworks such as Role Based Access Control (RBAC) and least privilege. 
  • Lead improvements to Identity and Access Management processes and services via identity management solutions, cross-team collaboration, or business process change.
  • Provide subject matter expertise and technical leadership on IT projects.

Need to have:
  • One of the following:
  • Bachelor's degree or higher in computer science/engineering, or a related information technology field and three years or more of IT administration or IT network administration experience.
  • Associate/vocational/technical degree in an information technology field and five years or more of experience in information technology.
  • Seven years or more of information technology experience.

Nice to have:
  • Experience with:
  • Administration and support of identity management and governance tools.
  • Enterprise directory and directory integration services (e.g., Active Directory, Azure Active Directory, LDAP, PKI).
  • Identity lifecycle management, multi-factor authentication (MFA), self-service password reset (SSPR), and single sign-on (SSO).
  • Planning, building, and managing solutions that scale in an enterprise environment.
  • Knowledge of and experience with:
  • Privileged access management solutions and processes.
  • SailPoint IdentityNow and/or Microsoft Identity Manager 2016.
  • Active Directory, Azure AD (e.g. Conditional Access, SSO, and Graph API), Azure AD B2C and B2B, Exchange Online, and NTFS.
  • PowerShell.
  • Application integrations via APIs.
  • Authentication protocols such as Kerberos, SAML 2.0, OAUTH, and Open ID Connect.
  • Knowledge of infrastructure security, including cloud, Windows, Unix/Linux, desktop and mobile.
  • Ability to:
  • Implement functionality provided by identity management solutions, enterprise directory services, and access management solutions.
  • Evaluate critical systems, prioritize workflow, and determine solutions.
  • Research and advise on IAM trends and capabilities.
  • Use data analysis to drive service improvement.
  • Learn new tools, processes, and work methods based on business needs.
  • Communicate via written, verbal, and presentation style to individuals of varying technical abilities and job function.

About the department: 
Technology is the foundation of our work – and the work of every county employee. The Information Technology department is here to help our employees work smarter, faster and better. They are made up of 6 divisions: business solutions, enterprise architecture, enterprise development, finance and support services, operations, and special projects.
 
About Hennepin County:
Hennepin is the largest county government organization in Minnesota. Our employees work every day to improve the health, safety and quality of life for our residents and communities. All of our jobs align to one or more of our overarching goals -- that Hennepin County residents are healthy, protected and safe, self-reliant, assured due process, and mobile.
 
Our employees receive a combination of generous benefits and positive workplace culture not found at other organizations. This includes meaningful work that impacts our community, competitive pay, work-life balance, a variety of benefits and opportunities to grow. Learn more at www.hennepin.us/employees.
 
Hennepin County envisions an organization where our commitment to diversity and the reduction of disparities is fundamental in providing excellent service to our community.
 
Your future. Made here.

This position may have access to systems or other documentation that contains HIPAA data.  

Candidates must have a right to work in the U.S. that is not based solely on possession of a student visa or a visa sponsored by an employer.
 
Invitations to interview will be based upon an assessment of education and experience. Final candidates will be required to complete a background check.