Identity Management Developer (CEMI)

Working Title: Identity Management Developer (CEMI) Remote 2 Year Term

No Visa Sponsorship is available for this position.

This is a two (2) year term appointment which may be ended or extended based on organizational needs funding availability and performance.

About Information Technology @ Cornell

Information Technology (IT) is a strategic enabler for many functions at Cornell University with staff located across colleges administrative units and campuses throughout the institution. While comprised of many organizations IT operates as one partnering closely with faculty staff and students to support teaching research and business operations. By being embedded where the Cornell community is IT is well positioned to provide support ranging from daytoday needs to large complex initiatives that advance major academic research and operational objectives across the university. Check out this link to find out more about .

What will you do:

Reporting to the Assistant Director for Identity & Access Management the Identity Management Developer (CEMI) provides cybersecurityfocused technical leadership and engineering expertise in support of Cornell Universitys Identity & Access Management services within the university IT Security Office (ITSO). This position plays a key role in ensuring the secure reliable and effective delivery of enterprise authentication authorization and directory services that underpin the universitys academic research and administrative operations.

The Identity Management environment at Cornell consists of a diverse ecosystem of homegrown opensource and vendorprovided applications and services. The Security Engineer operates primarily in an engineeringfocused capacity contributing deep technical expertise to the design planning implementation and ongoing improvement of identity services. This role is instrumental in maintaining a strong security posture while enabling scalability resiliency and ease of use for a broad and varied campus community.

In addition to technical leadership this position serves as a key liaison between ITSO campus business units and external partners. The Security Engineer supports strong service relationships by helping stakeholders understand identity service capabilities status and access processes and by translating complex technical concepts into clear nontechnical guidance when needed. The role also contributes to the evolution of nextgeneration Identity Management solutions by collaborating with vendors peer institutions and internal partners to stay current with emerging technologies and best practices in higher education cybersecurity.

The Security Engineer is expected to work collaboratively within the Identity Management team and across ITSO to meet service levels support operational objectives and respond effectively to system outages or changes including availability outside of standard university business hours when required.

This is a two (2) year term appointment which may be ended or extended based on organizational needs funding availability and performance.

While position responsibilities vary every member of our community is expected to foster a culture of belonging and a healthy work environment by communicating across differences; being cooperative collaborative open and welcoming; showing respect compassion and empathy; engaging and supporting others regardless of background or perspective; speaking up when others are being excluded or treated inappropriately; and supporting work/life integration of oneself and others.

Required Qualifications:

• Bachelors degree with a minimum of three to five years of relevant experience or an equivalent combination of education and experience.
• Demonstrated success providing technical support and application or middleware development in a distributed teamfocused computing environment.
• Demonstrated expertise with one or more scripting or programming languages such as Java Perl Python and/or VB (.NET) ReactJS Ruby and/or PHP
• Approximately 1 year of professional experience developingReactJSapplicationsand/or Ruby on Rails.
• System administration experience with Linux required; and Windows experience preferred.
• Working to advanced knowledge of one or more identity and access management technologies including directory services virtual directories SAML2 OAuth2 LDAP and Active Directory authorization technologies.
• Proven experience writing technical design documentation conducting code reviews and working with version control systems such as Git.
• Ability to translate user and business needs into clear functional requirements and technical specifications and to promote effective and efficient information sharing.
• Demonstrated ability to communicate complex Identity Management conceptsincluding system functions capabilities and processesinto business terms that are clear accessible and meaningful to nontechnical stakeholders.
• Proven ability to work effectively in a dynamic deadlinedriven and complex environment with multiple competing priorities.
• Strong facilitation problemsolving analytical reasoning and judgment skills with the ability to evaluate options and recommend sound technical solutions.
• Experience supporting and managing missioncritical systems in a production environment including troubleshooting and incident response.
• Proven ability to identify scope and implement opportunities for automation or architectural improvements that enhance system reliability security or efficiency.
• Ability to cultivate and develop inclusive working relationships with students faculty staff and community members.

Preferred Qualifications:

• Experience working in higher education research or similarly complex enterprise environments particularly those with diverse identity populations and federated access needs.
• Familiarity with cloudbased identity platforms and services (e.g. Azure AD AWS IAM Google Identity or similar).
• Experience with identity lifecycle management provisioning/deprovisioning workflows and access governance.
• Knowledge of zero trust leastprivilege and modern identity security architectures.
• Experience integrating identity services with enterprise applications including SaaS platforms and custom applications.
• Demonstrated experience participating in crossfunctional technical initiatives including collaboration with security infrastructure and application teams.
• Experience supporting incident response audits or compliance efforts related to identity and access management.
• Familiarity with DevOps or CI/CD practices automated deployments and infrastructureascode concepts.
• Strong customerservice orientation with the ability to balance security requirements with usability and operational needs.

Application Information:

• A resume is required for further consideration for this position. A cover letter expressing alignment with Cornells mission and this role is strongly encouraged. When applying through our system please remember to attach your application materials (Cover Letter and Resume) in PDF format.
• No Visa Sponsorship of any kind is available for this position.
• No Relocation assistance will be provided for this position.

Rewards and Benefits

• This position is based in Ithaca New York however the successful applicant may perform this role remotely anywhere within the United States. Employees who work remotely may receive multiple W-2 Forms depending on their work location. The New York Convenience of employer guidelines require New York State individual tax reporting and withholding for this position. Additional individual state income tax filings may also be required if working temporarily outside of New York State. The university reserves the right to modify suspend or terminate the remote or hybrid work arrangement at any time.
• Cornell receives national recognition as an award-winning workplace for our health wellbeing and sustainability. Our benefits programs include comprehensive health care options generous retirement contributions access to wellness programs and employee discounts with local and national retail brands. We invite you to follow this link to get more information about our benefits: Understand Your Benefits Working at Cornell.
• Our leave provisions include health and personal leave three weeks of vacation and 13 holidays: Martin Luther King Jr. Day Memorial Day Juneteenth Independence Day Labor Day Thanksgiving and the day after and an end of the year winter break from December 25-January 1. To offer greater flexibility for observing faiths and traditions we also offer two additional floating holidays. Learn more about our generous leave provisions: Holiday and Accrued Time Off Working at Cornell
• Cornells impressive educational benefits include tuition-free Extramural Study and Employee Degree Program tuition aid for external education and Cornell Childrens Tuition Assistance Program. Learn more about our extensive educational benefits: Education Benefits Working at Cornell
• Follow this link to learn more about the Total Rewards of Working at Cornell: Total Rewards Working at Cornell.

University Job Title:

Job Family:

Level:

Pay Rate Type:

Pay Range:

Remote Option Availability:

Company:

Contact Name:

Contact Email:

Job Titles and Pay Ranges:

Non-Union Positions

Noted pay ranges reflect the potential pay opportunity for each job profile. The hiring rate of pay for the successful candidate will be determined considering the following criteria:

• Prior relevant work or industry experience

• Education level to the extent education is relevant to the position

• Unique applicable skills

• Academic Discipline

To learn more about Cornells non-union staff job titles and pay ranges see Career Navigator.

Union Positions

The hiring rate of pay for the successful candidate will be determined in accordance with the rates in the respective collective bargaining agreement. To learn more about Cornells union wages see Union Pay Rates.

Current Employees:

If you currently work at Cornell University please exit this website and log in to Workday using your Net ID and password. Select the Career icon on your Home dashboard to view jobs at Cornell.

Online Submission Guidelines:

Most positions at Cornell will require you to apply online and submit both a resume/CV and cover letter. You can upload documents either by dragging and dropping them into the dropbox or by using the upload icon on the application page. For more detailed instructions on how to apply to a job at Cornell visit How We Hire on the HR website.

Employment Assistance:

For general questions about the position or the application process please contact the Recruiter listed in the job posting or email .

If you require an accommodation for a disability in order to complete an employment application or to participate in the recruiting process you are encouraged to contact Cornell Office of Civil Rights at voice or email at .

Applicants that do not have internet access are encouraged to visit your local library or local Department of Labor. You may also request an appointment to use a dedicated workstation in the Office of Talent Attraction and Recruitment at the Ithaca campus by emailing .

Notice to Applicants:

Please read the required Notice to Applicants statement by clicking here. This notice contains important information about applying for a position at Cornell as well as some of your rights and responsibilities as an applicant.

EEO Statement:

Cornellwelcomes students faculty and staff with diverse backgrounds from across the globe to pursue world-class education and career opportunities to further the founding principle of ... any person ... any study. No person shall be denied employment on the basis of any legally protected status or subjected to prohibited discrimination involving but not limited to such factors as race ethnic or national origin citizenship and immigration status color sex pregnancy or pregnancy-related conditions age creed religion actual or perceived disability (including persons associated with such a person) arrest and/or conviction record military or veteran status sexual orientation gender expression and/or identity an individuals genetic information domestic violence victim status familial status marital status or any other characteristic protected by applicable federal state or local law.

Cornell University embraces diversity in its workforce and seeksjob candidates who will contribute to a climate that supports students faculty and staff of all identities and backgrounds. Wehire based on merit andencourage people from historically underrepresented and/or marginalized identities to with federal law Cornell engages in affirmative action in employment for qualified protected veterans as defined in the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA) and qualified individuals with disabilities under Section 503 of the Rehabilitation Act. We also recognize a lawful preference in employment practices for Native Americans living on or near Indian reservations in accordance with applicable law.