Security Administrator, Enterprise - IT Solutions

Title

Security Administrator, Enterprise Applications

The Security Administrator is responsible for designing, implementing, and managing comprehensive security practices and access control frameworks for enterprise applications including Oracle Applications Cloud, Oracle Integration Cloud, ERP, Student Information System (Ellucian Colleague or similar), Salesforce CRM, OnBase and other enterprise applications.

The Security Administrator role will ensure the development and enforcement of role-based access controls (RBAC), and segregation of duties (SoD) to ensure regulatory compliance and reduce security risks. The administrator will collaborate closely with functional teams to translate business requirements into secure, auditable access models while maintaining full observability of user activity and resource usage.

This position is instrumental in implementing secure identity and access management (IAM) solutions, including SSO, MFA, directory integration, and automated provisioning & de‑provisioning processes. Additionally, the role includes continuous monitoring of access patterns, detection of anomalies, and active participation in audit and compliance initiatives.

As a member of the IT Services (ITS) team, the Security Administrator is expected to uphold the division’s mission and contribute positively to a collaborative, human‑centered, innovative, accountable, transparent, and inclusive culture within ITS. Work is performed under general supervision and performance evaluation is based upon completion of assignments and results obtained. The performance evaluation is conducted through the performance evaluation system and in accordance with the University Policies & Procedures.

Reports to: Manager, Business Applications

Supervises: None

Oracle Cloud:

• Create and maintain security roles catalog for Oracle Cloud applications.
• Administer user roles and permissions within Oracle Cloud (HCM, Financials, EPM, ATP, OIC, etc.).
• Administer the Oracle Cloud Security Console to create and manage custom security roles. Design and configure security roles, duty roles, abstract roles and data access sets based on business needs and best practices.
• Ensure compliance with internal controls, audit requirements, and segregation of duties (SoD) policies.
• Collaborate with functional and technical teams to troubleshoot access issues and implement security solutions.
• Monitor and maintain user provisioning, including onboarding/offboarding processes.
• Regularly review and audit access logs and user activities for anomalies or violations.
• Develop and maintain documentation of security configurations, roles, policies, and procedures.
• Conduct regular reviews of user access rights and application roles to enforce the principle of least privilege.
• Support internal and external audits, ensuring compliance with standards such as FERPA, HIPAA, etc.
• Stay current on security trends, advancements, and technology solutions applicable to enterprise applications.

Colleague Student Information System:

• Create and maintain security roles catalog for Colleague SIS.
• Administer user accounts, roles, and permissions within the Colleague SIS environment.
• Develop and enforce security policies for role‑based access to student and administrative data.
• Manage Colleague UI security class definitions, mnemonics, and security groups.
• Collaborate with functional departments (Registrar, Financial Aid, HR, etc.) to determine and implement appropriate access levels.
• Conduct periodic security audits and reviews of user access and data permissions.
• Support onboarding and off‑boarding of employees, ensuring proper provisioning and deprovisioning of system access.

Salesforce CRM:

• Create and maintain security roles catalog for Salesforce.
• Administer and manage user profiles, permission sets, role hierarchies, and sharing rules in Salesforce.
• Implement and maintain org‑wide default settings, field‑level security, and record‑level access controls.
• Ensure compliance with internal security policies, data protection regulations, and access control best practices.
• Collaborate with Salesforce developers, admins, and business stakeholders…