IDENTITY & ACCESS MANAGEMENT ENGINEER I/II/III

The Identity and Access Management (IAM) Engineer is a member of the Information Security Office within the Office of Information Technology (OIT) assisting in the management of identities, authorization, and authentication services for Central Michigan University. This position will develop, implement, enhance, integrate, and maintain IAM tools, technologies and services, and work with campus departments on integrating new software and/or services into our authentication and authorization platforms. Secondary responsibilities may include other information security and information technology administrative activities including leading incident response, vulnerability management, risk assessment, investigations and legal discovery, penetration testing, firewall and IDS/IPS systems tuning, programming, scripting, and automating, data loss prevention, standards development, security awareness, end-point security consultation, web and application security, compliance activities, etc. Required Qualifications

IDENTITY & ACCESS MANAGEMENT ENGINEER I

Bachelor degree in Computer Science, Management Information Systems, Information Assurance or related field or a combination of comparable work experience in a related field. Two years of full-time experience working in enterprise information technology support with above degree or six years of full-time experience without degree. Demonstrated experience with standard authentication protocols and frameworks, such as SAML and OAuth. Basic knowledge of security processes and procedures relating to the confidentiality, integrity, and availability of information and information systems. Basic knowledge of information security risk assessment and management processes and standards. Basic knowledge and understanding of security concepts including malware, intrusion detection, risk analysis, and threat/vulnerability management. Basic knowledge of intrusion detection/prevention systems, SIEMs, and vulnerability scanners. Experience working with relational database management systems (RDBMS), including Microsoft SQL Server, with the ability to query, troubleshoot, and support custom databases integrated with IAM solutions. Demonstrated ability to communicate clearly and effectively and project a positive and professional image, and to work in cross-functional teams. Demonstrated ability to manage timelines and deliverables, to create and manage task lists, and to meet work and project schedules as determined by others. Ability to communicate effectively, both orally and in writing. Ability to perform the essential functions of the job.

IDENTITY & ACCESS MANAGEMENT ENGINEER II

All the requirements of Identity & Access Management Engineer I plus: General knowledge of Active Directory and Azure AD. Demonstrated ability to research and resolve complex technical issues. Demonstrated experience working with identity management applications and concepts.

IDENTITY & ACCESS MANAGEMENT ENGINEER III

All the requirements of Identity & Access Management Engineer II plus: Advanced knowledge of Active Directory and Azure AD. Demonstrated understanding of IAM concepts (including federation, authentication, authorization, access controls, access control attacks, identity and access management provisioning life cycle), Radius and MFA. Demonstrated experience with identity and access governance (including role-based access control, access request and certification, user life cycle management processes and change management).

SR IDENTITY & ACCESS MANAGEMENT ENGINEER

All the requirements of Identity & Access Management Engineer III plus: Demonstrated experience with complex ERP environments, especially related to human resources or enrollment management. Demonstrated technical architecture experience (i.e., integrating identity management, access management and access governance software into infrastructure and applications). Demonstrated experience managing projects. Preferred Qualifications Information security certifications, such as CISSP, CISM, Security+, etc. Experience working in a higher education environment. Knowledge of Security Information and Event Management (SIEM) concepts, applications and systems. Knowledge of ADFS, Azure and Shibboleth Experience with programming, scripting, and task automation. Working knowledge of requirements for organizational compliance with multiple laws, regulations, and standards such as PCI-DSS, HIPAA, FERPA, and GLBA. Duties & Responsibilities

IDENTITY & ACCESS MANAGEMENT ENGINEER I

Account provisioning and lifecycle management. Troubleshoots authentication and authorization issues. Researches and monitors the latest identity and access management trends. Maintains documentation for IAM and other ISO systems as needed. Identifies, investigates, analyzes, responds to, and reports on security events that occur within the university environment as needed. Works with OIT personnel to mitigate discovered vulnerabilities in IAM and other systems. Participates in the design, implementation, and continuous improvement of security service offerings for the ISO. This position may require occasional weekend and evening assignments as well as availability during off-hours for participation in both scheduled and unscheduled activities. Investigatory responsibilities that may require discretion and/or interaction with executive, legal, and/or law enforcement staff. Perform other duties as assigned.

IDENTITY & ACCESS MANAGEMENT ENGINEER II

All the duties of the Identity & Access Management Engineer I plus: Works with departments on configuring Single Sign-On (SSO) for new and existing applications as necessary. Assists IAM Engineers in troubleshooting issues with IAM tools and processes. Assists with the development, implementation, and support of RBAC. For systems and software applications in scope for IAM Team, reconcile discrepancies between access rights assigned and access rights required for users to perform job duties. Participates in projects and production support operations focused on implementing Identity and Access Management (IAM) integrations and Roles Based Access Control (RBAC) strategies and integrations.

IDENTITY & ACCESS MANAGEMENT ENGINEER III

All the duties of the Identity & Access Management Engineer II plus: Develops, implements, enhances, integrates, and maintains IAM tools, technologies and services, including Active Directory, ADFS, F5 APM, Azure and Shibboleth. Collaborates in the design, implementation, and support of the IAM technologies. Assists in efficiency improvements by recommending process changes as well as developing solutions to automate and orchestrate repeatable tasks for IAM. Develops system access and security implementation plans derived from operational customer needs and requests.

SR IDENTITY & ACCESS MANAGEMENT ENGINEER

All the duties of the Identity & Access Management Engineer III plus: Participates as a subject matter expert in the analysis and design of identity and access management solutions and services. Identifies the broader impact of current decisions related to user access, data access and information security. Aligns IAM processes across the University and develop and document standards for university use. Supervision Exercised None. Message to Applicants Central Michigan University is dedicated to fostering an environment that is reflective of the communities we serve. We are especially interested in highly qualified candidates who will advance and promote CMU's mission, vision, and leadership standards. You must submit an on-line application in order to be considered as an applicant for this position. Cover letters may be addressed to the Hiring Committee. This position will remain open until filled. The university reserves the right to close the recruitment process once a sufficient applicant pool has been identified. For best consideration, please submit application materials on or before April 27, 2026. Employee Group Professional & Administrative

• Salary Staff Pay Level Pay Range $70,000
• $90,000 Division President Department Information Security
• OIT Position Status Regular Position End Date Employment Status Full-Time FTE 1.

0 Position Type 12 month Weekly Work Schedule 8am-5pm, M-F, occasional weekends and evenings Location Mount Pleasant, MI About the Department About CMU Central Michigan University has a more than 125-year legacy of preparing students to become leaders and changemakers in their communities and in their personal and professional lives. We serve nearly 15,500 students on our Mount Pleasant campus, in satellite locations around the state and throughout the country, and through flexible online programs. Many of our approximately 300 undergraduate, master's, specialist and doctoral programs in the arts, media, business, education, human services, health professions, liberal arts, social sciences, medicine, science and engineering are nationally ranked for excellence. CMU leads the nation in leadership development programming through our Sarah R. Opperman Leadership Institute, and we are proud to be among only 5% of U.S. universities in the top two Carnegie research classifications. Our faculty work with graduate and undergraduate students in areas such as Great Lakes research, medical innovation, engineering technology and more. Central is home to 17 men's and women's Division 1 sports including football, basketball, gymnastics, baseball, wrestling and more. Our student-athletes achieve great success in competition and in the classroom, capturing Mid-American Conference championships and maintaining an average cumulative GPA of 3.17. CMU is located in Mount Pleasant, a community that blends the best of small-town living with big-city amenities. It's part of the culturally varied and vibrant Great Lakes Bay Region that also includes Saginaw, Bay City, Midland and the state's largest Native American community, centered on the Saginaw Chippewa Isabella Reservation in Mount Pleasant. Area residents enjoy the mix of outdoor activities, cultural events, shopping and dining options, and family attractions. Other major Michigan destinations and attractions — Lansing, Grand Rapids, Detroit, Traverse City, wineries, beaches, golf and ski resorts, and many more — are within easy reach of the city's central location in Michigan's Lower Peninsula. CMU employees enjoy access to a nationally recognized wellness program along with health care and benefits that exceed regional, state and national norms. CMU Leadership Standards Central Michigan University is a place where we value students and work for their success, where we act as family, and where employees are engaged, appreciated and have extraordinary opportunities to make a difference. We intentionally maintain and strengthen the hallmark CMU culture that sets us apart from our peers by expecting CMU leaders and employees to model the following Leadership Standards and develop them within their teams. Please review the Leadership Standards before applying for this position.