Senior Identity Management Analyst

FLSA Status

Exempt

Immediately

Salary commensurate with experience

40.00 Standard from 8:00 AM to 5:00 PM

Office of Information Security

A resume and letter of interest is required to apply. Candidates under final consideration will also be required to submit professional references, college degree information, and employment history to an online third‑party vendor.

For more than 140 years, The University of Texas System has improved the lives of Texans - and people all over the world - through education, health care, and research. The System consists of nine academic institutions, four health institutions, and The University of Texas System Administration. The institutions of the UT System employ more than 160,000 faculty, health care professionals, researchers, support staff, and student workers.

The UT System Administration is primarily based in Austin, Texas. It supports the missions of the System's thirteen institutions by providing financial, legal, planning, purchasing, government relations, communications, development, and other central services. Serving a growing state, the UT System Administration strives to provide a welcoming, supportive work environment that embraces different perspectives - not only because it enables the organization to be stronger, creative, and thoughtful, but because it is the right thing to do.

To that end, UT System Administration embraces state laws on military and former foster children employment preferences.

We are seeking a highly skilled and experienced Identity Management Analyst to join our team. The ideal candidate will be responsible for overseeing the entire identity lifecycle strategy at an enterprise level, ensuring compliance with internal policies and external regulations, and driving the adoption of next‑generation IAM approaches. This role requires a deep understanding of IAM architecture, authentication protocols, and identity analytics.

• User / Application Access Provisioning & Deprovisioning:
  Oversee the entire identity lifecycle strategy, design and optimize provisioning/deprovisioning processes, and set standards for account creation, modification, and removal for both regular and privileged users.
• Identity Governance & Compliance:
  Define IAM governance frameworks, lead compliance efforts, develop and update IAM policies, and coordinate identity governance processes.
• Privileged Access Management:
  Architect and govern the PAM program, select and review the enterprise PAM solution, and establish advanced controls such as just‑in‑time access for administrators.
• Security Automation & Scripting:
  Champion automation and integration efforts, design and roll out enterprise‑wide IAM automation, and integrate IAM systems with other IT and security tools.
• SSO & MFA Management:
  Direct the architecture and expansion of Single Sign‑On and Multi‑Factor Authentication solutions, manage federation trust relationships, and ensure robust authentication mechanisms enterprise‑wide.
• IAM System Integrations & API Management:
  Lead complex IAM integrations, oversee the integration of IAM solutions with cloud services, third‑party applications, and internal systems.
• Incident Response & IAM Security Monitoring:
  Take ownership of identity‑related security incidents, develop and refine incident response plans, actively monitor IAM systems, and respond to security incidents related to identity and access.
• Emerging IAM Trends:
  Drive the adoption of next‑generation IAM approaches, champion zero‑trust security models, and leverage identity analytics and intelligence to analyze user behavior and access patterns.

• Deep knowledge of authentication protocols and solutions (SAML, Shibboleth, Microsoft Entra
  
  ID/MIM, DUO, OAuth2/OpenID Connect, Kerberos), Privileged Access Management (PAM), and identity analytics.
• Familiarity with federated identity systems used for inter‑university collaboration and research (such as InCommon federation or Eduroam for campus logins).
• Capable of evaluating new IAM technologies (e.g., passwordless…