Identity & Access Management (IAM) Analyst

IT SCRTY ANL 3 (007338)

UCPath Position ID: MI-DPT455400-JC007338-PD172825

Position Description History/Status

For Reference ONLY - PeopleAdmin JA Number:

1143004

Approved Date:

4/29/2024 1:05:20 PM

Date Last Edited:

4/29/2024 1:05:17 PM

Last Action Effective Date:

4/29/2024

Organization Details

Business Unit (Location):

LACMP

Organization Code:

5000O

Organization:

ADMINISTRATIVE VICE CHANCELLOR         

Division Code:

5901D

Division:

ADMINISTRATION                         

Department:

455400 - IT SERVICES

Position Details

UCPath Position Number:

MI-DPT455400-JC007338-PD172825

Position Description ID

172825

UC Payroll Title:

IT SCRTY ANL 3 (007338)

Business Title:

Identity & Access Management (IAM) Analyst

Personnel Program

Professional and Support Staff (PSS)

Salary Grade:

Grade 23

Job Code FLSA:

Exempt

Union Code (Collective Bargaining Unit):

99: Non-Represented (PPSM)

Employee Relations Code:

E: All Others - Not Confidential

Employee Class (Appt Type):

2 - Staff: Career

Full-Time Equivalent (FTE)

1

SUPERVISION

UCPath Reports to Position Number:

41051981

Reports to Payroll Title:

IT SCRTY MGR 1

UCPath Department Head Position Number:

40068309

Department Head Payroll Title:

INFO SYS MGR 4

GENERAL SUPERVISION - Indicates that the incumbent develops procedures for performance of variety of duties; or performs complex duties within established policy guidelines.

POSITION SUMMARY

The Identity & Access Management (IAM) Analyst will be responsible for leading the design, implementation, and support of advanced identity and access management data, processes, and technologies. This role will work closely with various departments across the university, as well as external vendors, to ensure quality of identity data, the establishment of data standards, and the appropriate access levels are granted to users in a timely, secure, and compliant manner, focusing on automation wherever possible. In addition, the position will evaluate and test new software and upgrades. The IAM Analyst will help produce documentation, procedures, and any necessary materials to support IAM services.

The IAM Analyst will positively impact UCLA's operations and culture by protecting University stakeholder's information and data in service of the

institution's academic and research mission. This team member will advance the University's mission by delivering exceptional IAM service comprehensively and consistently across faculty, staff, students, and persons of interest. This role will execute UCLA's vision while modeling UCLA's culture and values.

The UCLA Information Security Office enables UCLA’s goals by providing leadership assuring the confidentiality, integrity, and availability of its information resources. The Information Security Office enables efficient incident response planning and notification procedures. In addition, the office aims to implement risk assessment strategies to identify vulnerabilities and threats to departmental information resources and enterprise systems. This includes executing a comprehensive UCLA IT security plan, which involves proposing, delivering, and enforcing administrative, technical, and physical security measures to tackle identified risks based on their sensitivity or criticality.

Identity and Access Management protects UCLA’s resources and supports university business through access management, including account lifecycle, authentication, access, and role-based provisioning at the enterprise level. This team implements rigorous regulation of entitlements through granular access control and the auditing of all identities managed by UCLA. 

Identity & Access Management (IAM)

1. Designs, implements, and supports the university's IAM processes and technologies, including provisioning, deprovisioning, authentication, and access control.

2. Collaborates with stakeholders to gather requirements and establish best practices for identity and access management.

3. Performs regular audits and reviews of user access levels to ensure compliance with university policies and regulatory requirements.

4. Investigates and resolves access-related issues, working with the appropriate teams to identify root causes and implement corrective actions.

5. Monitors and analyzes IAM system performance and security, recommending improvements and enhancements as necessary.

6. Assists in the development and implementation of security policies, procedures, and guidelines related to IAM.

45%

Problem Solving

1. Assists in identifying and implementing appropriate IAM safeguards, including secure user authentication and account management standards.

10%

Customer Service

1. Responds to stakeholder inquiries and concerns regarding system access, providing clear and concise information and guidance to ensure customer satisfaction.

10%

Continuous Improvement

1. Maintains up-to-date knowledge of IAM technologies, trends, and regulatory requirements, and recommends changes to the university's IAM program as needed.

10%

Project Planning & Management

1. Plans and executes testing upgrades, scan fixes, and other changes using service management software and methodologies.

10%

Communications & Training

1. Provides timely communications to stakeholders, technical staff, and management as required. Communicates and reports network security incidents and issues to university and IT leaders.

2. Provides guidance and training to university staff on IAM processes and best practices.

10%

Other

Actively contributes to promoting equity, diversity, and inclusion across the organization and UCLA’s campus. Actively promotes the organization’s core values and consistently integrates innovation, employee fulfillment, teamwork, respect, excellence, integrity, service, and accountability into each aspect of their work. Maintains current knowledge of University policy and procedure; effectively, consistently and fairly applies University policy and/or campus/division procedures for assigned area and team members supervised; complies with University, Campus and division policies and procedures regarding privacy of information, authorized use of University resources and the security of University systems and data. Performs other related responsibilities as requested and when necessary.

5%

•

Performs other duties as assigned.

•

Complies with all policies and standards.

•

Complies with the University of California, Los Angeles (UCLA) Principles of Community.

•

This position description is not intended to be a complete list of all responsibilities, duties or skills required for the job and is subject to review and change at any time, with or without notice, in accordance with the needs of the organization.

QUALIFICATIONS

Bachelor's Degree

information technology, cybersecurity, computer science, engineering, public administration, business administration, communications, or related field, or equivalent combination of experience/training

Required

Bachelor's Degree

information technology, cybersecurity, computer science, engineering, public administration, business administration, communications.

Preferred

Three years

Experience working in one or more of the following fields: computer science, cybersecurity, computer information systems, or related field.

Required

Experience using identity and access tools and systems in a distributed IT environment.

Required

Experience with IAM monitoring tools. Experience analyzing logs for anomalous user behavior.

Required

Experience participating in activities to advance an inclusive environment that values equity, diversity, inclusion and belonging.

Required

Five or more years

Experience working in one or more of the following fields: computer science, cybersecurity, computer information systems, etc.

Preferred

Experience in complex higher education environments, serving academic and administrative functions of a large public university.

Preferred

Demonstrated skills applying secure user authentication and account management standards to computer software and hardware.

Required

Strong knowledge of IAM principles, technologies, and best practices, including experience with role-based access control (RBAC) and access governance (IGA), and privileged access management (PAM).

Required

Familiarity with directory services (e.g., Active Directory, LDAP), authentication (e.g., Single Sign-On (SSO)) technologies, and multi-factor authentication (MFA) solutions.

Required

Strong written and verbal communication skills and is able to communicate technical information and ideas to a diverse community of colleagues and stakeholders.

Required

Able to establish and advance positive working relationships and a strong rapport with team members, stakeholders, and customers.

Required

Strong organizational skills and is able to balance competing priorities and support concurrent projects. Experience working in a project-based environment using leading project management practices including schedule management, status reporting, and communication of project risks and issues.

Required

Strong demonstrated problem-solving skills; scopes solutions based on knowledge of available resources and timelines. Able to ask questions, gather information, evaluate options, and make decisions with integrity.

Required

Thinks creatively and proposes innovative ideas, including the incorporation of new technologies or processes. Is able to work with agility in a fast-paced environment.

Required

SPECIAL REQUIREMENTS AND/OR CONDITIONS OF EMPLOYMENT

Background Check: Continued employment is contingent upon the completion of a satisfactory background investigation.

Live Scan Background Check: A Live Scan background check must be completed prior to the start of employment.

LOCATION AND PHYSICAL, ENVIRONMENTAL, MENTAL (PEM) REQUIREMENTS

Environment and Work Location Information

Environment Type:

Non-Clinical Setting

Location Setting:

Campus

Location:

Standing/Walking

X

Sitting

X

Bending/Stooping

X

Squatting/Kneeling

X

Climbing

X

Lifting/Carrying/Push/Pull 0-25 lbs

X

Lifting/Carrying/Push/Pull 26-50 lbs

X

Lifting/Carrying/Push/Pull over 50 lbs

X

Physical requirements other

X

Chemicals, dust, gases, or fumes

X

Loud noise levels

X

Marked changes in humidity or temperature

X

Microwave/Radiation

X

Operating motor vehicles and/or equipment

X

Exposures other

X

Sustained attention and concentration

X

X

Complex problem solving/reasoning

X

X

Ability to organize & prioritize

X

X

Communication skills

X

X

Numerical skills

X

X

Mental demands other

X

X

Classification 3:  Position in which exposure to blood, body fluids or tissues is not part of the position description. The normal routine task involves no exposure to blood, body fluids or tissues and the employee can decline to perform tasks which involve a perceived risk without retribution.