Identity & Access Management Engineer I/II/III
Central Michigan University
Mount Pleasant, MI
IDENTITY & ACCESS MANAGEMENT ENGINEER I/II/III Position Number: S-3852 Position Summary: The Identity and Access Management (IAM) Engineer is a member of the Information Security Office within the Office of Information Technology (OIT) assisting in the management of identities, authorization, and authentication services for Central Michigan University. This position will develop, implement, enhance, integrate, and maintain IAM tools, technologies and services, and work with campus departments on integrating new software and/or services into our authentication and authorization platforms. Secondary responsibilities may include other information security and information technology administrative activities including leading incident response, vulnerability management, risk assessment, investigations and legal discovery, penetration testing, firewall and IDS/IPS systems tuning, programming, scripting, and automating, data loss prevention, standards development, security awareness, end-point security consultation, web and application security, compliance activities, etc. Required Qualifications: IDENTITY & ACCESS MANAGEMENT ENGINEER I:
Bachelor degree in Computer Science, Management Information Systems, Information Assurance or related field or a combination of comparable work experience in a related field.
Two years of full-time experience working in enterprise information technology support with above degree or six years of full-time experience without degree.
Demonstrated experience with standard authentication protocols and frameworks, such as SAML and OAuth.
Basic knowledge of security processes and procedures relating to the confidentiality, integrity, and availability of information and information systems.
Basic knowledge of information security risk assessment and management processes and standards.
Basic knowledge and understanding of security concepts including malware, intrusion detection, risk analysis, and threat/vulnerability management.
Basic knowledge of intrusion detection/prevention systems, SIEMs, and vulnerability scanners.
Experience working with relational database management systems (RDBMS), including Microsoft SQL Server, with the ability to query, troubleshoot, and support custom databases integrated with IAM solutions.
Demonstrated ability to communicate clearly and effectively and project a positive and professional image, and to work in cross-functional teams.
Demonstrated ability to manage timelines and deliverables, to create and manage task lists, and to meet work and project schedules as determined by others.
Ability to communicate effectively, both orally and in writing.
Ability to perform the essential functions of the job. IDENTITY & ACCESS MANAGEMENT ENGINEER II:
All the requirements of Identity & Access Management Engineer I plus:
General knowledge of Active Directory and Azure AD.
Demonstrated ability to research and resolve complex technical issues.
Demonstrated experience working with identity management applications and concepts. IDENTITY & ACCESS MANAGEMENT ENGINEER III:
All the requirements of Identity & Access Management Engineer II plus:
Advanced knowledge of Active Directory and Azure AD.
Demonstrated understanding of IAM concepts (including federation, authentication, authorization, access controls, access control attacks, identity and access management provisioning life cycle), Radius and MFA.
Demonstrated experience with identity and access governance (including role-based access control, access request and certification, user life cycle management processes and change management). SR IDENTITY & ACCESS MANAGEMENT ENGINEER:
All the requirements of Identity & Access Management Engineer III plus:
Demonstrated experience with complex ERP environments, especially related to human resources or enrollment management.
Demonstrated technical architecture experience (i.e., integrating identity management, access management and access governance software into infrastructure and applications).
Demonstrated experience managing projects. Preferred Qualifications: Information security certifications, such as CISSP, CISM, Security+, etc.
Experience working in a higher education environment.
Knowledge of Security Information and Event Management (SIEM) concepts, applications and systems.
Knowledge of ADFS, Azure and Shibboleth
Experience with programming, scripting, and task automation.
Working knowledge of requirements for organizational compliance with multiple laws, regulations, and standards such as PCI-DSS, HIPAA, FERPA, and GLBA. Duties & Responsibilities: IDENTITY & ACCESS MANAGEMENT ENGINEER I:
Account provisioning and lifecycle management.
Troubleshoots authentication and authorization issues.
Researches and monitors the latest identity and access management trends.
Maintains documentation for IAM and other ISO systems as needed.
Identifies, investigates, analyzes, responds to, and reports on security events that occur within the university environment as needed.
Works with OIT personnel to mitigate discovered vulnerabilities in IAM and other systems.
Participates in the design, implementation, and continuous improvement of security service offerings for the ISO.
This position may require occasional weekend and evening assignments as well as availability during off-hours for participation in both scheduled and unscheduled activities.
Investigatory responsibilities that may require discretion and/or interaction with executive, legal, and/or law enforcement staff.
Perform other duties as assigned. IDENTITY & ACCESS MANAGEMENT ENGINEER II:
All the duties of the Identity & Access Management Engineer I plus:
Works with departments on configuring Single Sign-On (SSO) for new and existing applications as necessary.
Assists IAM Engineers in troubleshooting issues with IAM tools and processes.
Assists with the development, implementation, and support of RBAC.
For systems and software applications in scope for IAM Team, reconcile discrepancies between access rights assigned and access rights required for users to perform job duties.
Participates in projects and production support operations focused on implementing Identity and Access Management (IAM) integrations and Roles Based Access Control (RBAC) strategies and integrations. IDENTITY & ACCESS MANAGEMENT ENGINEER III:
All the duties of the Identity & Access Management Engineer II plus:
Develops, implements, enhances, integrates, and maintains IAM tools, technologies and services, including Active Directory, ADFS, F5 APM, Azure and Shibboleth.
Collaborates in the design, implementation, and support of the IAM technologies.
Assists in efficiency improvements by recommending process changes as well as developing solutions to automate and orchestrate repeatable tasks for IAM.
Develops system access and security implementation plans derived from operational customer needs and requests. SR IDENTITY & ACCESS MANAGEMENT ENGINEER:
All the duties of the Identity & Access Management Engineer III plus:
Participates as a subject matter expert in the analysis and design of identity and access management solutions and services.
Identifies the broader impact of current decisions related to user access, data access and information security.
Aligns IAM processes across the University and develop and document standards for university use. Supervision Exercised: None. Employee Group: Professional & Administrative -Salary
Staff Pay Level:
Pay Range: $70,000 - $90,000
Division: President
Department: Information Security - OIT
Position Status: Regular
Position End Date:
Employment Status: Full-Time
FTE: 1.0
Position Type: 12 month
Weekly Work Schedule: 8am-5pm, M-F, occasional weekends and evenings
Location: Mount Pleasant, MI
Posting Ends:
Open Until Filled: Yes About the Department: About CMU: Central Michigan University has a more than 125-year legacy of preparing students to become leaders and changemakers in their communities and in their personal and professional lives. We serve nearly 15,500 students on our Mount Pleasant campus, in satellite locations around the state and throughout the country, and through flexible online programs. Many of our approximately 300 undergraduate, masters, specialist and doctoral programs in the arts, media, business, education, human services, health professions, liberal arts, social sciences, medicine, science and engineering are nationally ranked for excellence. CMU leads the nation in leadership development programming through our Sarah R. Opperman Leadership Institute, and we are proud to be among only 5% of U.S. universities in the top two Carnegie research classifications. Our faculty work with graduate and undergraduate students in areas such as Great Lakes research, medical innovation, engineering technology and more. Central is home to 17 mens and womens Division 1 sports including football, basketball, gymnastics, baseball, wrestling and more. Our student-athletes achieve great success in competition and in the classroom, capturing Mid-American Conference championships and maintaining an average cumulative GPA of 3.17. CMU is located in Mount Pleasant, a community that blends the best of small-town living with big-city amenities. Its part of the culturally varied and vibrant Great Lakes Bay Region that also includes Saginaw, Bay City, Midland and the states largest Native American community, centered on the Saginaw Chippewa Isabella Reservation in Mount Pleasant. Area residents enjoy the mix of outdoor activities, cultural events, shopping and dining options, and family attractions. Other major Michigan destinations and attractions - Lansing, Grand Rapids, Detroit, Traverse City, wineries, beaches, golf and ski resorts, and many more - are within easy reach of the citys central location in Michigans Lower Peninsula. CMU employees enjoy access to a nationally recognized wellness program along with health care and benefits that exceed regional, state and national norms. CMU Leadership Standards: Central Michigan University is a place where we value students and work for their success, where we act as family, and where employees are engaged, appreciated and have extraordinary opportunities to make a difference. We intentionally maintain and strengthen the hallmark CMU culture that sets us apart from our peers by expecting CMU leaders and employees to model the following Leadership Standards and develop them within their teams. Please review the Leadership Standards before applying for this position. Message to Applicants: Central Michigan University is dedicated to fostering an environment that is reflective of the communities we serve. We are especially interested in highly qualified candidates who will advance and promote CMUs mission, vision, and leadership standards. You must submit an on-line application in order to be considered as an applicant for this position. Cover letters may be addressed to the Hiring Committee. This position will remain open until filled. The university reserves the right to close the recruitment process once a sufficient applicant pool has been identified. For best consideration, please submit application materials on or before April, 27th 2026. To apply, visit CMU is an Equal Opportunity Employer and institution. CMU does not discriminate against persons based on age, color, disability, ethnicity, familial status, gender, gender expression, gender identity, genetic information, height, marital status, national origin, political persuasion, pregnancy, childbirth or related medical conditions, race, religion, sex, sex-based stereotypes, sexual orientation, transgender status, veteran status, or weight. If you wish to see "Know Your Rights " posters, please click here . CMU does not discriminate on the basis of sex in the education program or activity that it operates, including admission and employment, and is required by Title IX of the Education Amendments of 1972 not to discriminate in such a matter. Inquiries about the application of Title IX can be made to CMUs Title IX Coordinator, the US Department of Educations Assistant Secretary, or both. CMUs Title IX Coordinator can be reached at: Phone: 989-774-3253
Office: 103 E. Preston St.
Bovee University Center, suite 306
Mount Pleasant, MI 48858
Email: [email protected] jeid-503cf627f6419b479d8727502d6771e0
Bachelor degree in Computer Science, Management Information Systems, Information Assurance or related field or a combination of comparable work experience in a related field.
Two years of full-time experience working in enterprise information technology support with above degree or six years of full-time experience without degree.
Demonstrated experience with standard authentication protocols and frameworks, such as SAML and OAuth.
Basic knowledge of security processes and procedures relating to the confidentiality, integrity, and availability of information and information systems.
Basic knowledge of information security risk assessment and management processes and standards.
Basic knowledge and understanding of security concepts including malware, intrusion detection, risk analysis, and threat/vulnerability management.
Basic knowledge of intrusion detection/prevention systems, SIEMs, and vulnerability scanners.
Experience working with relational database management systems (RDBMS), including Microsoft SQL Server, with the ability to query, troubleshoot, and support custom databases integrated with IAM solutions.
Demonstrated ability to communicate clearly and effectively and project a positive and professional image, and to work in cross-functional teams.
Demonstrated ability to manage timelines and deliverables, to create and manage task lists, and to meet work and project schedules as determined by others.
Ability to communicate effectively, both orally and in writing.
Ability to perform the essential functions of the job. IDENTITY & ACCESS MANAGEMENT ENGINEER II:
All the requirements of Identity & Access Management Engineer I plus:
General knowledge of Active Directory and Azure AD.
Demonstrated ability to research and resolve complex technical issues.
Demonstrated experience working with identity management applications and concepts. IDENTITY & ACCESS MANAGEMENT ENGINEER III:
All the requirements of Identity & Access Management Engineer II plus:
Advanced knowledge of Active Directory and Azure AD.
Demonstrated understanding of IAM concepts (including federation, authentication, authorization, access controls, access control attacks, identity and access management provisioning life cycle), Radius and MFA.
Demonstrated experience with identity and access governance (including role-based access control, access request and certification, user life cycle management processes and change management). SR IDENTITY & ACCESS MANAGEMENT ENGINEER:
All the requirements of Identity & Access Management Engineer III plus:
Demonstrated experience with complex ERP environments, especially related to human resources or enrollment management.
Demonstrated technical architecture experience (i.e., integrating identity management, access management and access governance software into infrastructure and applications).
Demonstrated experience managing projects. Preferred Qualifications: Information security certifications, such as CISSP, CISM, Security+, etc.
Experience working in a higher education environment.
Knowledge of Security Information and Event Management (SIEM) concepts, applications and systems.
Knowledge of ADFS, Azure and Shibboleth
Experience with programming, scripting, and task automation.
Working knowledge of requirements for organizational compliance with multiple laws, regulations, and standards such as PCI-DSS, HIPAA, FERPA, and GLBA. Duties & Responsibilities: IDENTITY & ACCESS MANAGEMENT ENGINEER I:
Account provisioning and lifecycle management.
Troubleshoots authentication and authorization issues.
Researches and monitors the latest identity and access management trends.
Maintains documentation for IAM and other ISO systems as needed.
Identifies, investigates, analyzes, responds to, and reports on security events that occur within the university environment as needed.
Works with OIT personnel to mitigate discovered vulnerabilities in IAM and other systems.
Participates in the design, implementation, and continuous improvement of security service offerings for the ISO.
This position may require occasional weekend and evening assignments as well as availability during off-hours for participation in both scheduled and unscheduled activities.
Investigatory responsibilities that may require discretion and/or interaction with executive, legal, and/or law enforcement staff.
Perform other duties as assigned. IDENTITY & ACCESS MANAGEMENT ENGINEER II:
All the duties of the Identity & Access Management Engineer I plus:
Works with departments on configuring Single Sign-On (SSO) for new and existing applications as necessary.
Assists IAM Engineers in troubleshooting issues with IAM tools and processes.
Assists with the development, implementation, and support of RBAC.
For systems and software applications in scope for IAM Team, reconcile discrepancies between access rights assigned and access rights required for users to perform job duties.
Participates in projects and production support operations focused on implementing Identity and Access Management (IAM) integrations and Roles Based Access Control (RBAC) strategies and integrations. IDENTITY & ACCESS MANAGEMENT ENGINEER III:
All the duties of the Identity & Access Management Engineer II plus:
Develops, implements, enhances, integrates, and maintains IAM tools, technologies and services, including Active Directory, ADFS, F5 APM, Azure and Shibboleth.
Collaborates in the design, implementation, and support of the IAM technologies.
Assists in efficiency improvements by recommending process changes as well as developing solutions to automate and orchestrate repeatable tasks for IAM.
Develops system access and security implementation plans derived from operational customer needs and requests. SR IDENTITY & ACCESS MANAGEMENT ENGINEER:
All the duties of the Identity & Access Management Engineer III plus:
Participates as a subject matter expert in the analysis and design of identity and access management solutions and services.
Identifies the broader impact of current decisions related to user access, data access and information security.
Aligns IAM processes across the University and develop and document standards for university use. Supervision Exercised: None. Employee Group: Professional & Administrative -Salary
Staff Pay Level:
Pay Range: $70,000 - $90,000
Division: President
Department: Information Security - OIT
Position Status: Regular
Position End Date:
Employment Status: Full-Time
FTE: 1.0
Position Type: 12 month
Weekly Work Schedule: 8am-5pm, M-F, occasional weekends and evenings
Location: Mount Pleasant, MI
Posting Ends:
Open Until Filled: Yes About the Department: About CMU: Central Michigan University has a more than 125-year legacy of preparing students to become leaders and changemakers in their communities and in their personal and professional lives. We serve nearly 15,500 students on our Mount Pleasant campus, in satellite locations around the state and throughout the country, and through flexible online programs. Many of our approximately 300 undergraduate, masters, specialist and doctoral programs in the arts, media, business, education, human services, health professions, liberal arts, social sciences, medicine, science and engineering are nationally ranked for excellence. CMU leads the nation in leadership development programming through our Sarah R. Opperman Leadership Institute, and we are proud to be among only 5% of U.S. universities in the top two Carnegie research classifications. Our faculty work with graduate and undergraduate students in areas such as Great Lakes research, medical innovation, engineering technology and more. Central is home to 17 mens and womens Division 1 sports including football, basketball, gymnastics, baseball, wrestling and more. Our student-athletes achieve great success in competition and in the classroom, capturing Mid-American Conference championships and maintaining an average cumulative GPA of 3.17. CMU is located in Mount Pleasant, a community that blends the best of small-town living with big-city amenities. Its part of the culturally varied and vibrant Great Lakes Bay Region that also includes Saginaw, Bay City, Midland and the states largest Native American community, centered on the Saginaw Chippewa Isabella Reservation in Mount Pleasant. Area residents enjoy the mix of outdoor activities, cultural events, shopping and dining options, and family attractions. Other major Michigan destinations and attractions - Lansing, Grand Rapids, Detroit, Traverse City, wineries, beaches, golf and ski resorts, and many more - are within easy reach of the citys central location in Michigans Lower Peninsula. CMU employees enjoy access to a nationally recognized wellness program along with health care and benefits that exceed regional, state and national norms. CMU Leadership Standards: Central Michigan University is a place where we value students and work for their success, where we act as family, and where employees are engaged, appreciated and have extraordinary opportunities to make a difference. We intentionally maintain and strengthen the hallmark CMU culture that sets us apart from our peers by expecting CMU leaders and employees to model the following Leadership Standards and develop them within their teams. Please review the Leadership Standards before applying for this position. Message to Applicants: Central Michigan University is dedicated to fostering an environment that is reflective of the communities we serve. We are especially interested in highly qualified candidates who will advance and promote CMUs mission, vision, and leadership standards. You must submit an on-line application in order to be considered as an applicant for this position. Cover letters may be addressed to the Hiring Committee. This position will remain open until filled. The university reserves the right to close the recruitment process once a sufficient applicant pool has been identified. For best consideration, please submit application materials on or before April, 27th 2026. To apply, visit CMU is an Equal Opportunity Employer and institution. CMU does not discriminate against persons based on age, color, disability, ethnicity, familial status, gender, gender expression, gender identity, genetic information, height, marital status, national origin, political persuasion, pregnancy, childbirth or related medical conditions, race, religion, sex, sex-based stereotypes, sexual orientation, transgender status, veteran status, or weight. If you wish to see "Know Your Rights " posters, please click here . CMU does not discriminate on the basis of sex in the education program or activity that it operates, including admission and employment, and is required by Title IX of the Education Amendments of 1972 not to discriminate in such a matter. Inquiries about the application of Title IX can be made to CMUs Title IX Coordinator, the US Department of Educations Assistant Secretary, or both. CMUs Title IX Coordinator can be reached at: Phone: 989-774-3253
Office: 103 E. Preston St.
Bovee University Center, suite 306
Mount Pleasant, MI 48858
Email: [email protected] jeid-503cf627f6419b479d8727502d6771e0
Posted 2026-04-12
Recommended Jobs
Civil Project Engineer
Detroit, MI
Civil Project Engineer We currently seek a high caliber Civil Project Engineer for a long-term basis within our client’s team of experienced professionals. Based in Detroit, MI. Our client is s…
View Details
Posted 2026-01-22
PART-TIME Handyman Assistant / Home Service Technician Assistant
TruBlue Home Service Ally
Royal Oak, MI
TruBlue Home Service Ally is a national franchise with over 120 locations that provides trusted handyman repairs, home safety upgrades, and maintenance services to help seniors age in place and suppor…
View Details
Posted 2026-02-09
Call Center Representative/ BDC Agent
Gordon Chevrolet
Garden City, MI
Job Description Job Description JOIN OUR TEAM AS A BDC REPRENSENTATIVE/ CALL CENTER REPRESENTATIVE Are you a cheerful and positive individual with a knack for great phone conversations? We're …
View Details
Posted 2026-04-05
Full Time Hospice Case Manager
AdvisaCare
Lapeer, MI
Join AdvisaCare as a Full Time Hospice Case Manager! At AdvisaCare, we are dedicated to providing compassionate hospice care that empowers patients and their families during challenging times. We…
View Details
Posted 2026-04-10
Orthopedic Hand Surgery Position with University of Michigan Health-Sparrow
University of Michigan Health Partners
Lansing, MI
Orthopedic Hand Surgery Position with University of Michigan Health-Sparrow University of Michigan Health-Sparrow is seeking an enthusiastic and dedicated, full-time BC/BE Orthopedic Hand S…
View Details
Posted 2026-04-08
Job Offer: Produce Organic Team Lead - Wallkill
Michigan
Do you love Fruit? Produce Organic Team Lead - Wallkill At Adams Fairacre Farms, we see everyday as an opportunity to share our unique shopping practice from the backyard to the kitchen table. …
View Details
Posted 2026-01-31
Assistant Administrator - Licensed NHA
Medilodge of West Bloomfield
West Bloomfield, MI
Job Description Job Description Description: Essential Functions: · Leads planning process to develop goals for quality care, employee retention and financial performance. · Assists the da…
View Details
Posted 2026-03-20
Citizens Banker- Bilingual Spanish Required
Citizens Bank
Branch County, MI
Description Starting Salary: $24.50 / hour and up Citizens Bankers are the face of the branch. They devote their time getting to know their customers and building lasting relationships by pr…
View Details
Posted 2026-03-17