Central Piedmont Community College

Systems Engineer - Identity & Access Management - (Information Technology)

Central Piedmont Community College, Elizabeth City, North Carolina, us, 27906

Salary: $66,760.00 - $143,914.00 Annually

Location: Central Campus - Uptown/Elizabeth

Job Type: Full-Time Staff

Job Number: 2025-00461

Unit: IT-Technical Operations

Department: System Services

Opening Date: 09/29/2025

Closing Date: 11/21/2025 11:59 PM Eastern

For part-time/adjunct faculty only: N/A (not a PT faculty role)

Projected average hours of work per week: 40 (full-time)

Required Cover Letter and Resume: Resume

General Function

The Systems Engineer - IAM (Identity & Access Management) is a senior-level technical position responsible for the design, implementation, and ongoing refinement of the college's enterprise IAM infrastructure. This role leads the technical planning and deployment of secure authentication, authorization, and account lifecycle systems across on-prem and cloud environments, with an emphasis on security, interoperability, and scalability.

Serving as the primary escalation point for complex IAM issues, the Systems Engineer drives modernization efforts, evaluates emerging technologies, and develops architectural standards to support institutional security, compliance, and user experience goals. The position is a key contributor to fusion teams and collaborates closely with the Information Security Office and Enterprise Architect to ensure alignment with broader architectural and policy frameworks.

Critical areas of responsibility include identity lifecycle automation, single sign-on (SSO), multi-factor authentication (MFA), federated identity integrations, and role-based access control (RBAC). The Systems Engineer also promotes documentation and knowledge sharing and drives automation and continuous improvement practices aligned with ITIL frameworks and Zero Trust principles.

Duties and Responsibilities

1. Leads the design, implementation, and lifecycle management of IAM systems, including directory services, SSO, MFA, and identity lifecycle automation.

2. Serves as the primary escalation point for complex IAM and authentication issues, performing advanced troubleshooting and collaborating across teams.

3. Develops and enforces technical standards and policies for provisioning, authentication, authorization, and identity federation across hybrid environments.

4. Builds and maintains automated workflows for onboarding, offboarding, access reviews, and role-based access control (RBAC).

5. Partners with cybersecurity and governance teams to ensure IAM systems meet security, compliance, and audit requirements.

6. Evaluates, integrates, and maintains IAM tools such as Entra ID, AD/AAD Connect, SCIM, SAML/OIDC, and PAM systems.

7. Collaborates with stakeholders and fusion teams to design scalable IAM solutions that support application integrations and cloud services.

8. Documents IAM standards, configurations, and reference architectures to promote consistency and operational continuity.

9. Identifies and implements automation and continuous improvement opportunities in IAM-related workflows and tools.

10. Participates in ITSM practices, including change management, incident response, and problem resolution related to IAM.

11. Advises on vendor platforms and contract negotiations related to IAM services.

12. Supports incident response efforts related to account compromise, access violations, or system misconfigurations.

13. Mentors junior administrators and promotes best practices in identity management, automation, and security.

Minimum Requirements and Preferred Qualifications

• Associate degree in Information Technology, Cybersecurity, or related field from an accredited institution, and 8 years of progressively responsible experience in IAM, system administration, or IT infrastructure roles focused on authentication and access control.

• Equivalent combination of work experience and advanced professional certifications may substitute for the degree requirement.

• ITIL 4 Foundations certification obtained within six months of hire.

• At least one advanced professional IAM, directory services, or cloud identity certification, such as:

o Microsoft Certified: Identity and Access Administrator Associate

o Microsoft Certified: Entra ID Administrator Associate

o Or equivalent

Preferred Qualifications:

• Ten or more years of advanced IAM, system engineering, or cybersecurity-focused infrastructure experience, preferably in complex hybrid environments.

• Advanced certifications such as:

o Microsoft Certified: Cybersecurity Architect Expert

o Certified Identity and Access Manager (CIAM)

o GIAC Certified Windows Security Administrator (GCWN)

o Or similar credentials demonstrating expert-level IAM knowledge

• Proven experience designing and managing hybrid identity platforms, including Entra Connect, Conditional Access, MFA, and SSO.

• Experience with SCIM provisioning, identity lifecycle automation, and enterprise RBAC implementations.

• Strong background in cloud-native IAM architectures, federation, Just-in-Time (JIT) provisioning, and Zero Trust identity strategy.

• Experience supporting compliance reporting, audit preparation, and IAM telemetry analysis for governance and security.

• Leadership in incident response and access-related problem resolution involving authentication or privileged access systems.

• Experience participating in and leading cross-functional fusion teams aligned with cybersecurity, data governance, and enterprise architecture.

Additional Information

Knowledge, Skills, Abilities and Worker Characteristics:

• Expert-level understanding of IAM technologies and protocols, including Active Directory, Entra ID (Azure AD), SAML, OAuth, OpenID Connect, SCIM, and RBAC.

• Strong troubleshooting and incident response skills for diagnosing complex authentication and directory synchronization issues across hybrid environments.

• Excellent collaboration and communication skills, with the ability to explain IAM concepts to both technical and non-technical audiences.

• Demonstrated ability to research and implement emerging IAM tools and best practices, including PAM and Zero Trust strategies.

• Detail-oriented and well-organized, with exceptional documentation skills to ensure accuracy in identity workflows, role definitions, and configurations.

• Ability to work independently on high-priority IAM initiatives, lead integrations, and provide mentorship to other IT staff.

• Proficiency in scripting and automation related to IAM, particularly using PowerShell, REST APIs, and cloud-native tools.

• Deep knowledge of hybrid identity strategies, including synchronization, cloud-only identities, conditional access, and modern authentication enforcement.

• Strong understanding of compliance and audit readiness, including identity-related controls for FERPA and NIST 800-53.

• Ability to interpret IAM telemetry, audit logs, and entitlement data to support access governance and incident response.

Working Conditions:

• This is a full-time, on-site position.

• May be required to work outside of normal business hours to assist with incident response, planned maintenance, or critical service restorations.

Central Piedmont is happy to offer a comprehensive and affordable benefits package to full-time employees including:

health care dental vision and supplemental retirement flexible spending accounts (dependent care and health) life insurance and supplemental life insurance (for employee and family) short-term and long-term disability free parking holidays (12 + 2 necessity days) (120 hours per year to start) (96 hours per year) (2 days) (4 to 8 weeks)

To learn more details, visit our to see the Summary of Benefits.

01

Do you have an Associate degree in Information Technology, Cybersecurity, or related field from an accredited institution, and 8 years of progressively responsible experience in IAM, system administration, or IT infrastructure roles focused on authentication and access control?

Yes No
