Find your next cybersecurity opportunity


Identity & Access Management Analyst (Hybrid/Remote)

University of Massachusetts Amherst

University of Massachusetts Amherst

Amherst, MA, USA
Posted on Tuesday, November 22, 2022


Identity and Access Management Analyst


About UMass Amherst

UMass Amherst, the Commonwealth's flagship campus, is a nationally ranked public research university offering a full range of undergraduate, graduate and professional degrees. The University sits on nearly 1,450-acres in the scenic Pioneer Valley of Western Massachusetts, and offers a rich cultural environment in a bucolic setting close to major urban centers. In addition, the University is part of the Five Colleges (including Amherst College, Hampshire College, Mount Holyoke College, and Smith College), which adds to the intellectual energy of the region.


Job Summary

The Identity Access Management Analyst is a technical staff member of the Information Security organization supporting mission-critical IT applications, business processes, and infrastructure services provided by the Information Technology department.  This entry level position will collaborate with university business stakeholders to administer Identity and Access Management (IAM) capabilities that enable the full life cycle of UMass Amherst account identities, credentials, and entitlements according to security, privacy, and compliance requirements.  This position requires basic knowledge in Governance, Risk, and Compliance (GRC), a good understanding of data security, academic business operations and compliance-related laws, regulations, and audits.


Essential Functions

Identity Access Management and Administration

  • Executes day-to-day Identity and Access Management (IAM) control activities which may include, but not limited to, access provisioning/de-provisioning, entitlement review & access recertification, role-based authorization, segregation of duties, and computer account management.
  • Works with Human Resources for all new user and user transfer/termination events with respect to access and authorization controls.
  • Identifies and resolves gaps in the business processes which may include security/authorization set-up, user documentation, data interface design, data migration and reconciliation.
  • Interacts with end users, managers, and data custodians to ensure compliance with access controls and audit procedures.
  • Provides operational support for authentication/authorization services such as Multi-Factor Authorization (MFA), Active Directory, and Identity Management (IdM).
  • Cross-trains information security staff members to function in a backup capacity.

Security Office Functions

  • Administers, contributes to, or coordinates security awareness, education, and outreach, which focus on protecting the confidentiality, integrity, and availability of university information.  Ensures the members of the university community are aware of applicable security laws and regulations and of their impact upon information uses at the university.  Prepares and delivers training material independently or via third party training partners.
  • Interfaces with, and responds to, internal and state auditor’s requests as needed
  • Assists with security risk assessments/audits in accordance with established security policies and procedures
  • Ensures compliance with all federal, state, and local legislation relative to university information security
  • Participates in information security strategic and tactical planning, disaster recovery, and business continuity planning

Promote the University’s commitment to customer service by:

  • Building effective partnerships with co-workers throughout the University by freely sharing appropriate information and providing assistance when needed.
  • Ensuring optimum service to all internal and external partners in response to requests for service and information.
  • Maintaining an environment that is welcoming to persons of all backgrounds, nationalities, and roles.


Other Functions

Performs other related duties as assigned to accomplish the academic, administrative, and research goals of the University.


Minimum Qualifications

  • High School diploma with 4 years of IT experience; an associate's degree may be substituted for 2 years of required experience; a bachelor's degree may be substituted for 4 years of required experience.
  • Familiarity with security, privacy, audit and compliance requirements applicable to IAM in higher education (GDPR, HIPAA, PCI DSS, etc.).
  • Knowledge of IAM principles and policy, such as segregation of duties analysis, access reviews, provisioning/de-provisioning, authorization and authentication protocols, and access governance.
  • Demonstrated oral and written communication skills to collaborate effectively.
  • Ability to work in a team environment, take direction and guidance, prioritize, and meet deadlines for wide-ranging technical projects.
  • Ability to use a combination of independent research, experience, testing, and escalation to efficiently balance the most appropriate and cost-effective solution.
  • Ability to establish and maintain effective working relationships in a positive, services-oriented manner.
  • Given the nature and responsibilities of the position, only U.S. persons (any individual who is a citizen of the United States, a permanent resident alien of the United States, or a protected individual as defined by 8 U.S.C.1324b(a)(3)) will be considered for this position.


Preferred Qualifications

  • Hands-on experience with Identity Management Software (Grouper, coManage, MidPoint).
  • Knowledge Critical Security Controls.
  • Knowledge of authentication protocols such as Active Directory, LDAP, Kerberos, SAML desired; knowledge of asset management products.
  • Prior IT operations experience in higher education environment.


Physical Demands/Working Conditions

  • Typical Office Activities.


Additional Details

  • Exercises discretion and independent judgment. As a member of the Information Security team, decisions may affect the integrity of campus information assets.
  • This position administers access to university data and assets.  Errors, oversight, and mistakes may have a significant impact to the University.
  • May encounter sensitive issues related to the cybersecurity posture of the university. This involves restricted and confidential data (personally identifiable data) and IT security-related matters, which require extreme confidentiality.
  • Requires demonstrated excellence taking ownership of problems and transferring knowledge.  Ever changing laws and policies must be monitored to ensure business practices and procedures are updated to maintain compliance.
  • Extensive communication with internal audiences including faculty, staff, students, and campus technicians; External audiences including UMass System Information Technology support resources (Application Specialists, Technical Support; Security).


Work Schedule

Monday-Friday 9am to 5pm

This position has the opportunity for a hybrid work schedule, which is defined by the University as an arrangement where an employee’s work is regularly performed at a location other than the campus workspace for a portion of the week. As this position falls within the Professional Staff Union, it is subject to the terms and conditions of the Professional Staff Union collective bargaining agreement.


Salary Information

Level 27

PSU Hiring Ranges


Special Instructions to Applicants

Submit a resume, cover letter and contact information for three (3) professional references in order to ensure consideration; applications will be accepted until the position has been filled.


UMass Amherst is committed to a policy of equal opportunity without regard to race, color, religion, gender, gender identity or expression, age, sexual orientation, national origin, ancestry, disability, military status, or genetic information in employment, admission to and participation in academic programs, activities, and services, and the selection of vendors who provide services or products to the University.  To fulfill that policy, UMass Amherst is further committed to a program of affirmative action to eliminate or mitigate artificial barriers and to increase opportunities for the recruitment and advancement of qualified minorities, women, persons with disabilities, and covered veterans.  It is the policy of the UMass Amherst to comply with the applicable federal and state statutes, rules, and regulations concerning equal opportunity and affirmative action.