Developer (Identity and Access Management) contributes to Lehigh’s success by building, supporting and maintaining the technical infrastructure related to digital identities. Under the direction of management, the goal will be to enable Lehigh University initiatives, improve the user experience and improve security and compliance. The Lehigh community takes seriously our commitment to antiracism and The Principles of our Equitable Community.
Position Number: S97980
This position is a Grade: 10-40 with an approximate salary range of $64,330-$78,260 and is subject to change based on experience, skills and qualifications
Lehigh University offers a comprehensive and family friendly benefits package which includes but is not limited to Health Care, Retirement and Educational benefits. Information can be found on our website at https://hr.lehigh.edu/benefits
1. Designs, develops, maintains and supports Lehigh’s Identity and Access Management infrastructure (40%)
*Researches and develops new features, configurations and integrations with Lehigh’s midPoint-based Identity Governance Administration system using programming languages such as Groovy and Java
*Educates and enables University stakeholders to deliver efficient access to applications and services
*Supports campus IAM infrastructure by troubleshooting, debugging and correcting identity and service-related issues
*Develops and maintains campus SimpleSAMLphp-based SAML2 and CAS single sign-on infrastructure
*Works with Lehigh’s Technology Infrastructure Operations team to ensure the availability and integrity of IAM infrastructure
2. Designs, develops, supports and maintains Identity Management and Information Security applications in languages such as Python using frameworks such as Flask (40%)
*Designs and develops desktop and web applications
*Debugs, troubleshoots and supports existing applications
*Maintains and enhances applications with upgrades and new features
3. Produces and updates documentation to record Lehigh’s IAM environment, applications, processes and procedures (10%)
4. Provides supplemental support for front-line IAM services (10%)
*Audits, monitors and maintains identity and access controls for account access to Lehigh network services
*Responds to the campus community regarding identity and account-related questions, issues and problems
*Performs the addition, deletion and maintenance of authorized users to enterprise information systems
*Creates and maintains access controls to enterprise information infrastructure as specified by Lehigh’s data stewards and data managers
Special Considerations
Persons with disabilities who anticipate needing an accommodation for any part of the interview or hiring process may contact Lehigh's Accommodations Specialist at inada@lehigh.edu
The duties of this position may allow the employee to work partially remote as deemed appropriate by their supervisor
Qualifications
High school diploma or equivalent combination of education and experience; Bachelor's Degree in Computer Science or Related Field preferred
One to three years of related work experience
Hands-on technical experience performing systems integration or software engineering of a centralized IAM solution
Hands-on technical experience administering a single sign-on system
Experience developing applications against PostgreSQL database
Experience performing Linux/UNIX system administration
Hands-on technical experience configuring and administering Evolveum midPoint
Hands-on technical experience managing a SAML2 Identity Provider, SimpleSAMLphp will be a plus
Experience developing Flask-based web applications in Python
Experience developing applications against Oracle Database
Successful completion of standard background checks including but not limited to: social security verification, education verification, national criminal background checks, motor vehicle checks, PATCH, FBI fingerprinting, Child Abuse Clearance and credit history based upon the requirements of the position
Only complete applications will be considered therefore please complete the application in its entirety. Once the posting is removed from the website applications may no longer be allowed to be completed.