The IAM Senior Privileged Access Management (PAM) Engineer will lead the strategic development, implementation, and maintenance of advanced IAM solutions that align with the University’s security policies while anticipating future requirements and technological advancements. This role involves conducting in-depth evaluations of hosting platforms and configuration technologies to ensure seamless integration and consistency across production and non-production environments, driving efficiency and scalability.
The Senior PAM Engineer is responsible for the advanced design, implementation, and maintenance of the technical infrastructure that manages privileged accounts and access within the University. They will ensure that privileged access is secure, monitored, and compliant with university policies and regulatory requirements. Working on complex projects, the Senior PAM Engineer will provide technical guidance and collaborate closely with the IAM Director, IAM Managers, Engineers, Administrators, Analysts, key stakeholders across various University departments, and external vendors to enhance the organization’s PAM capabilities.
The IAM Senior PAM Engineer will positively impact UCSF’s operations and culture by ensuring UCSF’s IT infrastructure is operable, secure, efficient, and effective in service of the University’s mission. This team member will advance the University’s mission by delivering exceptional information technology services comprehensively and consistently across customers and stakeholders. This role will execute UCSF’s vision while modeling UCSF’s culture and values.
The final salary and offer components are subject to additional approvals based on UC policy.
Your placement within the salary range is dependent on a number of factors including your work experience and internal equity within this position classification at UCSF. For positions that are represented by a labor union, placement within the salary range will be guided by the rules in the collective bargaining agreement.
The salary range for this position is $143,100 - $214,600 (Annual Rate).
To learn more about the benefits of working at UCSF, including total compensation, please visit: https://ucnet.universityofcalifornia.edu/compensation-and-benefits/index.html

DEPARTMENT DESCRIPTION

University of California, San Francisco (UCSF) is distinguished as a leading academic healthcare organization, home to groundbreaking discoveries, world-class education, and exceptional healthcare services. Infrastructure Services (IS) is the backbone of the technological infrastructure, assuring the technical services that enable the academic, medical, and research missions of the organization. Beyond a focus on maintaining systems and resolving issues, we are committed to nurturing the potential of our team members and empowering them to excel. UCSF Infrastructure Services provides 24/7 support to the University community, always upholding the highest level of responsiveness and reliability for our customers. IS values innovation and excellence in ensuring secure and efficient IT services, regardless of the hour or complexity of the issue.
The Identity and Access Management Services team within Infrastructure Services protects UCSF’s resources through access management, including accounts, authentication, access, and role-based provisioning at the enterprise level. This team implements rigorous regulation of UCSF data through granular access control and the auditing of all UCSF assets on the premises and in the cloud. By ensuring information security at UCSF, the IAM Services team enables the academic, medical, and research mission of UCSF.

REQUIRED QUALIFICATIONS

• Bachelor’s Degree or equivalent combination of experience/training in one or more of the following fields: cybersecurity, information technology, computer science, public administration, business administration, communications.
• 5+ years experience working in one or more of the following fields: cybersecurity, computer science, computer information systems, etc.
• One or more of the following certifications: CCNP Security, CCIE Security, OSCP, CISSP, CEH, or equivalent certification
• Advanced experience in administering and providing support for Privileged Access Management (PAM).
• Advanced knowledge of authentication infrastructures, including extensive experience with troubleshooting skills.
• Broad experience with Linux, Windows, and Unix server technology.
• Advanced implementation and integration experience with IAM systems and tools.
• Demonstrated skills applying security controls to computer software and hardware.
• Demonstrated hands-on experience with directory services (e.g., Active Directory, LDAP), Single Sign-On (SSO) technologies, and multi-factor authentication (MFA) solutions.
• Advanced knowledge of data encryption technologies and experience selecting and applying appropriate data encryption technologies.
• Advanced proficiency in scripting and programming languages (e.g., PowerShell, Python, Java) for automation and integration purposes.
• Advanced experience in incident response and digital forensics, including reporting.
• Strong written and verbal communication skills and ability to communicate technical information and ideas to a diverse community of colleagues and stakeholders.
• Strong ability to establish and advance positive working relationships and a strong rapport with team members, stakeholders, and customers.
• Strong organizational skills and ability to balance competing priorities and support concurrent projects. Experience working in a project-based environment using leading project management practices, including schedule management, status reporting, and communication of project risks and issues.
• Strong demonstrated problem-solving skills; scopes solutions based on knowledge of available resources and timelines. Ability to ask questions, gather information, evaluate options, and make decisions with integrity.
• Strong ability to think creatively and propose innovative ideas, including the incorporation of new technologies or processes. Ability to work with agility in a fast-paced environment.

PREFERRED QUALIFICATIONS

• Experience with the Delinea solutions.
• Experience in complex higher education environments, serving academic, medical, and research and administrative functions of a large public university.

Please refer the Job description for details