The Identity and Access Management (IAM) team in the Office of
Information Technology (OIT) is seeking an IAM Microsoft Engineer
that will serve as the service operation manager for the campus
implementation of the Active Directory! The selected candidate will
have the overall responsibility for the day-to-day operation,
support, and governance of the active directory, including the
maintenance of a risk-averse security policy, and will lead the
ongoing efforts to improve the service. This position works with
the IAM Program Manager and will coordinate integrations into the
AD with various service owners across OIT and the campus. The
position will also contribute to a formal on-call rotation to
provide 24/7 availability to the service.
As the IAM Microsoft Engineer, manage the day-to-day service
operations by effectively implementing common OIT processes for
service operations including incident management, problem
management, and request fulfillment. Also implement OIT processes
for configuration management and change management. Work with OIT
process owners to ensure common OIT processes meet service needs.
- Apply logical problem solving to find creative solutions to
problems in the environment on a broad scale.
- Plan and implement Active Directory Domain level upgrades, in
collaboration with system administrators.
- Provide guidance and governance on Group Policy Objects as
requested to ensure compliance of university policies for servers
and user end-point devices.
- Troubleshoot and resolve password/identity management
- Assist in management and support of internal and external DNS
- Work with partners and other technical teams to collect
business and technical requirements and design / deliver enterprise
- Create and update technical documentation of operating
procedures as needed.
- Maintain standards for installation of infrastructure software
/ hardware installations.
- Serve as a technical expert for Tier 1/2/3 support groups.
- Oversee the architecture and design of the backup and recovery
of Active Directory.
- Own and lead discussions in business and technical information
technology solution implementations, upgrades, enhancement, and
conversions. Recommends solutions as appropriate.
- Support IT goals and objectives including measures and
- Provide problem solving leadership based on experience with
- Review domain level rights and privileges and perform changes
to the same as appropriate.
- Collaborate in assessing current and expected Windows
infrastructure needs, configuration, maintenance, optimization, and
documentation of Windows infrastructure.
- Assist with implementing solutions for hardware and software.
Implement common preventive maintenance practices for hardware and
- Ensure that system improvements and changes are implemented
correctly and completely and supervise all effects of the
- Establish/recommend policies on system use and services.
- Understanding of architecting and configuring Microsoft Windows
OS technology including AD Forests, Domains, Trusts, DNS, DHCP,
Group Policy and Organizational Units.
The University of Colorado Boulder is committed to building a
culturally diverse community of faculty, staff, and students
dedicated to contributing to an inclusive campus environment. We
are an Equal Opportunity employer, including veterans and
individuals with disabilities.
Who We Are
- OIT will be valued by campus as a strategic, inclusive and
innovative partner in advancing learning and discovery in order to
enable CU Boulder to be a premier public university.
- OIT enables campus priorities by providing high-value IT
services and solutions.
- Trust, as a foundation for how we engage with one another and
with campus partners, along with
- Avid curiosity in how to better support the campus and our
- Fostering empowerment and authentic engagement among ourselves
- Celebrating inclusivity that promotes a sense of belonging
while acknowledging that each person is unique and valued.
- OIT will advance learning and discovery by delivering
high-value reliable IT services and solutions that:
- Provide a fluid and adaptable academic and student
- Enable research competitiveness and
- Deliver core infrastructure and enterprise IT services for
- Based on our departmental goals and our commitment to diversity
and inclusive excellence, OIT particularly welcomes applications
from candidates whose knowledge, skills, and abilities, and desire
to contribute to an inclusive campus environment, will help us
achieve our vision of a diverse and inclusive community.
Based on our departmental goals and our commitment to diversity and
inclusive excellence, OIT particularly welcomes applications from
candidates whose knowledge, skills, and abilities, and desire to
contribute to an inclusive campus environment, will help us achieve
our vision of a diverse and inclusive community.
What Your Key Responsibilities Will Be
Integration and Consultation for OIT Projects and Campus IT
- Manage day-to-day routine tasks related to the operation of
Identity & Access Management infrastructure, applications, and
processes, including event and problem detection, incident
management, restoration of service, investigation and root cause
analysis, and remediation. Service operation may also include
request fulfillment and providing access to Identity services and
applications. Provide administration and operation of the
enterprise Active Directory Service. Provide IAM Governance and
oversight for Azure AD environment.
- Provide technical expertise and recommendations on identity and
access requirements for new projects and established processes.
Integrate applications and services with Identity & Access
Management tools and solutions and communicate best-practices for
authentication, authorization, and provisioning.
Continual Service Improvement
- Participate in the building of Identity & Access services
and processes and ensure that changes are evaluated, tested, and
carried out in accordance with established change management
practices. Support knowledge management by contributing to and
maintaining documentation and capturing details of changes and
Service Strategy & Design:
- Regularly review, benchmark, and audit services and processes
and identify specific improvements to increase quality and value.
Verify that these initiatives are carried out and are positively
impacting services and users.
What You Should Know
- Participate in strategic decisions about how best to fulfill
the Identity & Access Management needs of both users and IT
service providers. Explore and assess new technologies and
innovative approaches to solving problems. Contribute to the design
of new services and improvement to existing services.
- This position is in a hybrid work situation.
- This position will operate on a standard work week, with a
rotational 24/7 on-call.
What We Can Offer
- All University of Colorado Boulder employees are required to
comply with the
campus COVID-19 vaccine requirement .
- New employees must provide proof of vaccination or receive a
medical or religious exemption within 30 days of employment.
The salary range for this position is $95,000 - $103,000
The University of Colorado offers excellent benefits
, including medical, dental,
retirement, paid time off, tuition benefit and ECO Pass. The
University of Colorado Boulder is one of the largest employers in
Boulder County and offers an inspiring higher education
environment. Learn more about the University of Colorado Boulder
Be collaborative. Be ingenious. Be Boulder.
What We Require
What You Will Need
- Bachelor’s Degree from an accredited institution of higher
education in information technology, computer science or related
field or a combination of equivalent professional experience. (The
educational requirement may be substituted by professional
experience on a year for year basis).
- Five (5) years of relevant work experience in Active Directory
administration, information technology, and/or information
What We Would Like You To Have
- Knowledge of Active Directory services and underlying Kerberos
- Knowledge of identity and access management principles.
- Ability to translate complex concepts into simple, clear, and
concise messages that technical and non-technical audiences can
- Ability to establish, maintain and foster positive and
effective working relationships with those contacted in the course
- Ability to multitask and work well individually, as well as
cooperatively with others in support of team effort.
- Ability and interest to continually learn and grow
- Ability to create and follow work plans.
- Ability to work across departments and business units to
implement organization’s identity and access management principles
- Skill in verbal and written communication, facilitation, and
- Skill to apply identity and access management principles to
organizational requirements (relevant to confidentiality,
integrity, availability, authentication, non-repudiation).
- Experience working within information technology in the higher
- Experience with the Agile Framework, working with Agile
Delivery Teams, using Agile / Scrum / Kanban.
- Experience in the IAM domain in a cloud-based infrastructure
- Experience with Azure AD.
- Working knowledge of data security and compliance operations
and governance for highly confidential data (e.g., HIPAA, FERPA,
- Experience with Microsoft Authenticator and Modern Auth.
To apply, please submit the following materials:
- A current resume.
- A cover letter that specifically tells us how your background
and experience align with the requirements, qualifications, and
responsibilities of the position.
We may request references at a later time.
Please apply by July 12, 2022, for consideration.
Note: Application materials will not be accepted via email. For
consideration, please apply through CU Boulder Jobs
Posting Contact Information
Posting Contact Name:
Boulder Campus Human Resources
Posting Contact Email: