Security Administrator, Enterprise Applications IT Solutions

TITLE

SecurityAdministratorEnterprise Applications

The Security Administrator is responsible for designing implementing and managing comprehensive security practices and access control frameworks for enterprise applications including Oracle Applications Cloud Oracle Integration Cloud ERP Student InformationSystem (Ellucian Colleague or similar) Salesforce CRM OnBase and other enterprise applications.

The Security Administrator role will ensure the development and enforcement of role-based access controls (RBAC) and segregation of duties (SoD) to ensure regulatory compliance and reducesecurityrisks. The administratorwill collaboratecloselywithfunctionalteamstotranslate business requirements into secure auditable access models while maintaining full observability of user activity and resource usage.

This position is instrumental in implementing secure identity and access management (IAM) solutions including SSO MFA directory integration and automated provisioning & de- theroleincludescontinuousmonitoringof accesspatterns detection of anomalies and active participation in audit and compliance initiatives

As amemberof theITServices(ITS)team the SecurityAdministrator isexpectedtoupholdthe divisions mission and contribute positively to a collaborative human-centered innovative accountable transparent and inclusive culture within ITS. Work is performed under general supervision and performance evaluation is based upon completion of assignments and results obtained. The performance evaluation is conducted through the performance evaluation system and in accordance with the University Policies & Procedures.

ORGANIZATIONALRELATIONSHIPS

Reportsto:ManagerBusinessApplications

Supervises:None

ESSENTIALDUTIES-Mayincludebutnotlimitedtothefollowing:

OracleCloud:

• CreateandmaintainsecurityrolescatalogforOraclecloudapplications.
• Administer user roles and permissions within Oracle cloud (HCMFinancialsEPM ATP OIC etc.).
• Administer the Oracle Cloud Security Console to create and manage custom security roles. Design and configure security roles duty roles abstract roles and data access sets based on business needs and best practices.
• Ensure compliance with internal controls audit requirements and segregation of duties (SoD) policies.
• Collaborate with functional and technical teams to troubleshoot access issues and implement security solutions.
• Monitorandmaintainuserprovisioningincludingonboarding/offboardingprocesses.
• Regularlyreviewandauditaccesslogsanduseractivitiesforanomaliesorviolations.
• Developandmaintaindocumentationof security configurationsrolespoliciesand procedures.
• Conductregularreviewsofuseraccessrightsandapplicationrolestoenforcethe principle of least privilege.
• Supportinternalandexternalauditsensuringcompliancewithstandardssuchas FERPA HIPAA etc.
• Staycurrentonsecuritytrendsadvancementsandtechnologysolutionsapplicableto enterprise applications.

ColleagueStudentInformationSystem:

• CreateandmaintainsecurityrolescatalogforColleague SIS.
• AdministeruseraccountsrolesandpermissionswithintheColleagueSIS environment.
• Developandenforcesecuritypoliciesforrole-basedaccesstostudentandadministrative data.
• ManageColleagueUIsecurityclassdefinitionsmnemonicsandsecuritygroups.
• Collaboratewithfunctionaldepartments(RegistrarFinancialAidHRetc.)to determine and implement appropriate access levels.
• Conductperiodicsecurityauditsandreviewsofuseraccessanddatapermissions.
• Support onboarding and offboarding of employees ensuring proper provisioning and deprovisioning of system access.

SalesforceCRM:

• CreateandmaintainsecurityrolescatalogforSalesforce.
• Administer and manage user profiles permission sets role hierarchies and sharing rules in Salesforce.
• Implementandmaintainorg-widedefaultsettingsfield-levelsecurityandrecord-level access controls.
• Ensurecompliancewithinternalsecuritypoliciesdataprotectionregulationsand access control best practices.
• CollaboratewithSalesforcedevelopersadminsandbusinessstakeholdersto support secure solution design and deployment.
• Auditandreportonuseraccessroleassignmentsandpermissionusageona

regularbasis.

• Supporttheuserprovisioning/de-provisioningprocessintegratedwithidentitymanagement systems.

OnBase:

• CreateandmaintainsecurityrolescatalogforHylandOnBaseECM.
• AdministerandmaintainusersecurityrolesandpermissionswithintheOnBaseplatform.
• ConfigureandmanageOnBaseusergroupsprivilegesandlicensing.
• Monitor access logs and security events to detect unauthorized activity or compliance risks.
• Participateinperiodicreviewsandauditsofuseraccessandpermissions.
• SupportonboardingandoffboardingprocessesasitpertainstoOnBaseaccess.

ADDITIONALDUTIES

• Otherdutiesasassigned.

EDUCATION

BachelorsdegreeinComputerScienceInformationSecurityInformationSystemsora related field. Additional job-related experience may substitute for the required education on a year-for- year basis.

EXPERIENCE

Over5yearsofexperienceinapplicationsecurityenterpriseapplicationadministrationsystem administration database administration or information security.

REQUIREMENT

Regular andreliable attendance attheUniversityduringregular scheduleddaysandworkhours is an essential function of this position.

Work is performed under minimal supervision and performance is based on the effective operation of the administrative function. The performance evaluation is conducted through the performance evaluation system and in accordance with the University Policies & Procedures

All employees share the responsibility of maintaining information security and privacy requirements within the university by adhering to Federal and State regulations and TWU Policies & Procedures.

KNOWLEDGESKILLSANDABILITIES-Thefollowingareessential:

• StrongunderstandingofRole-basedaccesscontrol(RBAC).

• ExperiencewithOracleSaaSsecurity(SecurityConsolecustomroles).
• Experience managing application security in ERP CRM Oracle Applications Cloud Oracle Integration Cloud ATP.
• Experience administering Oracle Fusion ERP security. Hands-on expertise with the Oracle Security Console including the design implementation and governance of Job Roles DutyRolesDataRoles andAbstractRoles acrossvariousofferings (ERPHCM SCM etc.).
• Strong experience with user and role management in Oracle Cloud HCM ERP SCM and EPM.
• Strongunderstandingof Salesforce securityarchitecture andaccess models(profiles permission sets sharing rules etc.).
• Experience working with Colleague SIS or similar student information systems security mnemonics and security groups.
• ExperienceworkingwithOnBasesecuritygroupsandusersetup.
• Familiaritywithauthenticationprotocols(OAuthSAMLOpenID)SSOandMFA configurations.
• Stronganalyticalskillswiththeabilitytocollectorganizeanalyzeanddisseminate significant amounts of information with attention to detail and accuracy.
• Stronganalyticalandproblem-solvingskills.
• Excellentcommunicationandpresentationskills.
• Abilitytoworkindependentlyandaspartofateam.
• Abilitytouseapersonalcomputerandotherofficeequipmentincludingrelateduniversity software and email.

Additional/DesirableSkills&Abilities

• RelevantsecurityorERPrelatedcertifications.
• Experiencewithidentityandaccessmanagement(IAM)systems.
• (BIP) and Oracle Transactional Business Intelligence (OTBI).
• ExperienceworkingwithERPandCRMsystems.
• Experienceworkingwithinformationsystemswithinahighereducationsetting.
• KnowledgeofTexasAdministrativeCode(TAC202).
• FamiliaritywithregulatoryframeworkssuchasFERPAandHIPAA.

PHYSICALDEMANDS

The physical demands described in the Essential Duties and below are representative of those that must be met by an employee to successfully perform the essential duties of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential duties.

Theemployeemayberequiredtotravel.

WORKENVIRONMENT

Allemployeesareresponsibleformaintaininganenvironmentthatisfreefromdiscrimination