Kavaliro
The Identity Management (IdM) Engineer architects, implements, and manages the district’s comprehensive Identity and Access Management (IAM) solutions. This critical role ensures that over 40,000 students, teachers, and staff members have secure, seamless, and appropriate access to the digital tools and learning resources they need.
Base Pay $65.00/hr - $70.00/hr
Summary
The IdM Engineer is responsible for the entire identity lifecycle: from automated account creation based on enrollment and start dates, to role changes, to timely account deprovisioning upon graduation or withdrawal and district departure. This position is central to our district goals of enhancing digital security, ensuring educational continuity, and maintaining a fluid and easily accessible digital environment for all staff and students.
Responsibilities
Identity Lifecycle Management
Design, automate, and manage the end-to-end identity lifecycle (provisioning, role changes, deprovisioning) for all user types, including students, teachers, administrators, substitute staff, and parents/guardians.
System Integration & Automation
Serve as the primary technical owner for integrating the Student Information System (SIS) and the HR/Finance system with downstream applications.
Directory Services Management
Administer and maintain core identity directories: Microsoft Active Directory, Azure AD (Entra ID), and Google Workspace for Education.
End User Support
Investigate incidents and recommend corrective actions.
Train users on policies and procedures.
Stay up to date on evolving threats, technologies, and solutions.
Collaborate with other departments to ensure secure access to systems and data.
Single Sign-On (SSO)
Implement and maintain SSO solutions (using SAML, OIDC, and SCIM) to provide a seamless and secure login experience for all district-approved applications (e.g., LMS, testing platforms, library systems).
Security & Access Control
Develop and enforce Role-Based Access Control (RBAC) policies to ensure users only have access to data and systems appropriate for their role (least privilege principle).
Manage Multi-Factor Authentication (MFA) and Conditional Access policies to protect district assets and sensitive student data.
Compliance & Auditing
Ensure all IdM processes and systems are compliant with K-12 specific regulations, including FERPA, CIPA, and COPPA. Support internal and external audits by providing access logs and reports.
Documentation
Create and maintain comprehensive documentation of IdM architecture, workflows, policies, and procedures.
Attendance & Availability
Required to have prompt, regular attendance in-person and be available to work on-site during business hours and as needed.
Experience
3+ years of hands-on experience in an IT role with at least 2 years focused specifically on Identity and Access Management.
Skills & Knowledge
Strong, demonstrable experience with PowerShell scripting for automation, data manipulation, and system integration.
Expert-level knowledge of Active Directory and Azure AD (Entra ID), including hybrid identity management.
Hands‑on experience managing Google Workspace for Education user accounts, groups, and OUs.
Deep understanding of identity protocols (SAML, OIDC, OAuth 2.0) and provisioning standards (SCIM).
Proven ability to troubleshoot complex technical issues across multiple, interconnected systems.
Excellent communication skills with the ability to explain complex concepts to non-technical stakeholders.
Certifications
Microsoft Certified: Identity and Access Administrator Associate
CompTIA Security+