Reasonable Accommodations for Applicants with Disabilities

CU Boulder is committed to making information and resources that are available via the web accessible for all users. The CU Boulder careers site used to apply for staff positions is currently not fully accessible for individuals who are using screen readers and other assistive technologies, however, we are working with the supplier to make this accessible to all. If you use assistive technology and need to access the CU Boulder staff careers site please contact the ADA coordinator by email at or call 303-492-9725 for assistance.

Skip to content

Senior Identity & Access Application Administrator

Requisition Number:



Boulder, Colorado

Employment Type:

University Staff



Posting Close Date:


Job Summary

The Senior Identity & Access Management Application Administrator is part of a self-organizing, cross-functional team responsible for the design, implementation, and operation of enterprise systems and services that provide the foundation for authentication and access to online resources at CU Boulder. The team supports user provisioning, directory services, person data management, access control, federation and single-sign-on, and the integration of these services with other IT service providers and applications across campus. In this role, you will have the opportunity to participate in building and improving Identity & Access Management services and share in the group's planning, direction, and strategy.

Who We Are

The Office of Information Technology (OIT) is a dynamic organization, filled with energetic staff and students who aim to serve the campus and contribute to student success while supporting the University’s academic, research and service missions. We’re located in the heart of the beautiful CU Boulder campus. See what OIT is all about by watching our This is OIT video.

What Your Key Responsibilities Will Be

Service Transition
  • Work as a team to design, build, deploy, and continually improve IAM services and processes and ensure that work is carried out in a coordinated manner. This includes analysis, development, change management, testing and validation, communication with stakeholders, release and deployment processes, configuration management, and knowledge sharing.

Service Operation
  • Ensure that Identity & Access services, processes, and infrastructure operate effectively and efficiently. This includes fulfilling user requests, resolving failures and incidents, managing problems, and handling other routine, day-to-day operational tasks.

Service Strategy & Design
  • Participate with the team to determine strategy and direction to serve users of Identity & Access Management services and fulfill customer and organizational needs. The team will have the opportunity to work together to innovate and solve problems, design new services, and make improvements to existing ones.

What You Should Know

  • This is a two-year appointment. While it may easily be the case that this role will be extended to an ongoing appointment, for the present we have only identified funding streams for the first 2 years. 
  • In this role you'll participate in a formal on-call rotation with definitive response times; the likelihood of the on-call employee having to come on-site to respond/manage an issue/incident is low. When not on call, you'll be expected to respond in a reasonable (though not definitive) amount of time when called outside working hours regarding issues and incidents that arise.

What We Can Offer

  • Compensation for this position is market-driven and highly competitive, and will also be based on relevant background and experience.


The University of Colorado offers excellent benefits, including medical, dental, retirement, paid time off, tuition benefit and ECO Pass. The University of Colorado Boulder is one of the largest employers in Boulder County and offers an inspiring higher education environment. Learn more about the University of Colorado Boulder.

Be Statements

Be Professional. Be Resourceful. Be Boulder.

What We Require

  • Bachelor's Degree from an accredited institution with emphasis in computer science, information systems, or another related information technology. A combination of relevant education and experience as detailed in the "Key Responsibilities" section and below may be substituted for a degree on a year-for-year basis.
  • 3 years technical experience working in Identity & Access Management.

What You Will Need

  • Advanced understanding of Identity & Access Management and its role in supporting IT services.
  • Database inquiry experience and an understanding of relational database principles.
  • Strong interpersonal and written communication skills and the ability to communicate effectively with peers, stakeholders, and users.
  • Ability to document work or code and share/transfer knowledge.
  • Comfort with asking questions, trying new things, and offering candid feedback.
  • Ability to collaborate and work comfortably within a team.
  • Strong problem-solving, troubleshooting, and analytical skills.

What We Would Like You To Have

  • Technical experience operating, configuring, and managing the following IT services:
    • LDAP and Active Directory.
    • An enterprise Identity Manager solution (Oracle Identity Manager, for example).
    • An enterprise authentication or single-sign-on service (preferably Shibboleth or another SAML2-based solution).
    • Other identity, trust, access, or authorization middleware (Grouper, for example)
  • Experience working on an Agile team and participating in backlog grooming, sprint planning, and daily stand-ups.
  • Experience with Oracle SQL development, queries, views, etc.
  • Understanding of message/event based architecture and concepts.
  • Experience with web application hosting and Java application containers, including Apache HTTPD, Tomcat, Jetty, etc.
  • Java and Javascript development experience.
  • Experience using distributed version control systems (Git, for example) and work tracking systems (JIRA, for example).
  • Shell-scripting and automation experience.
  • Linux/Unix and Windows proficiency.
  • Experience with other various tools and technologies (DUO Two-Factor Authentication, ServiceNow, Confluence, OAuth, OIDC).

Special Instructions

University Staff: 
To apply, please submit the following materials: 
  1. A current resume. 
  2. A cover letter that specifically addresses how your background and experience align with the requirements, qualifications and responsibilities of the position. 

You will not be asked to upload references at this time. 

Please apply by September 22, 2019 for consideration. 

Note: Application materials will not be accepted via email. For consideration, applications must be submitted through CU Boulder Jobs. 

Posting Contact Name: Boulder Campus Human Resources

Posting Contact Email:

The University of Colorado Boulder is committed to building a culturally diverse community of faculty, staff, and students dedicated to contributing to an inclusive campus environment. We are an Equal Opportunity employer, including veterans and individuals with disabilities.