Logo
City and County of San Francisco

Identity Governance Engineer and Architect - Department of Technology (9976)

City and County of San Francisco, San Francisco, California, United States, 94199


IMPORTANT: Your application MUST include responses to the supplemental questionnaire found here: https://forms.gle/g3W9VVnuGow3tUDH7

Applicants must complete the supplemental questionnaire. The application will not be reviewed without a completed supplemental questionnaire.

Why Work for the Department of Technology (DT)? DT is the centralized technology services provider in the City and County of San Francisco (CCSF). We deliver technology infrastructure and services to approximately 33,000 employees! With an annual operating budget of over $140M and approximately 260 employees, DT provides a host of services that range from Public Safety radio and wiring and Network services to Enterprise Support and the Cloud.

Benefits of Working for CCSF: In addition to challenging and rewarding work, the City provides a generous suite of benefits to its employees.

Job security, pension, and robust retirement options

Competitive pay with consistent bi-yearly or yearly increases

Hybrid Work with a minimum of 20% of time spent in our office in San Francisco, California for all IT related roles

Generous paid time off, family leave, and more!

Diverse work environment in a diverse city

Union protections and representation

Career development and growth — move between departments, learn on the job, or take subsidized/reimbursed classes!

PEOPLE-CENTERED SOLUTIONS — have a powerful, meaningful effect on the community each day with people at the heart of every solution!

CLOSING THE DIGITAL DIVIDE — bring the benefits of the internet to low-income and marginalized residents!

SHINE A LIGHT ON WHAT MATTERS — join an award-winning production team at SFGovTV to help residents watch legislators or learn more about what makes this City great!

DRIVE INNOVATION — deliver new, cutting-edge technology to residents and city partners to help San Francisco serve its residents!

Reporting to the Director of IAM & Directory services, the IAM Engineer and will be responsible for the development, deployment, administration, and maintenance of Oracle Identity and Access Management (IAM) security solutions and programs. The incumbent will have rich experience in Java, J2EE, cloud services, hybrid cloud access management responsibilities, and Privileged Access Management experience along with continual monitoring of the IAM service for quality levels including performance and outage issues, coordinating with System Administrators, Database Administrators, Information Security, and system owners to architect, deploy and maintain IAM tools and solutions. The position requires a detail-oriented, self-motivated, degreed professional with experience supporting Identity Access Management Systems including Oracle Access Manager and Oracle Identity Management 11gR2/12c/Identity Cloud Services.

Position Responsibilities

The Identity & Access Management (IAM) Engineer will contribute to the overall strategy, planning, evaluation & implementation of the entire Identity/Access Management stack. The individual in this role will significantly contribute to the direction and oversight into the IAM functions across the City and County, including areas such as developing centralized provisioning IAM engine to all Citywide Enterprise Applications, workflow and review certification, Audit and Compliance, Hybrid cloud management, Privileged Access Management, Authentication & Authorization. This position will require expert knowledge in Oracle Fusion Middleware, Oracle Identity & Access Management administration, Identity cloud services, WebLogic administration, custom connector development, installation and configuration, performance tuning, backup, and recovery methods in multiple computing environments and must be well versed in J2EE, Service Oriented Architecture (SOA), Web Services, LDAP, XML, and SAML. This position also requires knowledge of Oracle databases and should be able to support other areas or functions as needed.

Job Type:

This Permanent Exempt - Full Time position is excluded by the Charter from the competitive civil service examination process and shall serve at the discretion of the appointment officer. The anticipated duration of this project position is thirty-six (36) months and will not result in an eligible list or permanent civil service hiring.

Nature of Work:

Incumbent must be willing to work a 40-hour week as determined by the department. Travel within San Francisco may be required.

The incumbent must be a resident of the State of California or be willing to relocate within 4 weeks of beginning employment with the City and County of San Francisco.

The City and County of San Francisco does not sponsor visas. If you have an F1 student visa, the City will not sponsor the “optional practical training” requirement. All applicants must be able to demonstrate that they are legally able to work in the United States without visa sponsorship by the employer.

Work Location:

Incumbent will conduct the majority of work at the Department of Technology, 1 south Van Ness in San Francisco. However, there may be situations where the incumbent will be required to work at other sites throughout the City of San Francisco as necessary.

This position does not support fully remote work. Employees may be permitted to work a hybrid schedule with supervisor approval, after which they must work at least two days in the office every two weeks.

Education:

An associate degree in computer science, computer engineering, information systems, or a closely related field from an accredited college or university OR its equivalent in terms of total course credits/units [i.e., at least sixty (60) semester or ninety (90) quarter credits/units with a minimum of twenty (20) semester or thirty (30) quarter credits/units in one of the fields above or a closely-related field].

Experience:

Five (5) years of experience in Identity and Access Management.

License and Certification:

Substitution:

Additional experience as described above may be substituted for the required degree on a year-for-year basis (up to a maximum of two (2) years). One (1) year is equivalent to thirty (30) semester units/ forty-five (45) quarter units with a minimum of 10 semester / 15 quarter units in one of the fields above or a closely related field.

Completion of the 1010 Information Systems Trainee Program may be substituted for the required degree.

Desired Qualifications:

5 years of progressive hands-on experience in design, architecture and administration of Identity and Access Management solutions using Oracle Identity and Access Management suite

5 years of experience in configuring automated user provisioning and access management

5 years of experience in SOA, BPEL workflow configuration and management

5 years of experience in Spring, Struts, App servers, jQuery, Hibernate

5 years of experience in SOAP and RESTful framework

5 years of experience in Federation, SAML, OpenID, OAuth, and other industry-standard authentication/authorization solutions

5 years of Java, J2EE, JavaScript, HTML

5 years' experience in Oracle Database and Linux operating systems

5 plus years' experience in using Eclipse, JDeveloper, Maven

Experience in troubleshooting issues and quickly resolve them in an efficient manner that minimizes downtime

Experience with Windows, Linux, and Unix Operating Systems

Ability to perform job functions with considerable independence and judgment

Well organized with excellent written and verbal communications skills

Hands on experience in Identity cloud services and OCI

Hands on experience in Jenkins, GitHub, Service Now

Knowledge of vulnerability assessments and penetration tests

Knowledge of industry-standard frameworks – NIST, ISO, HIPAA, PCI

Applicants must meet the minimum qualification requirement by the final filing date unless otherwise noted.

Note:

1) Security Clearances & Background Investigations: Criminal Justice Information Services (CJIS) Security Clearance may be required. Positions in this classification may require that successful candidates who become eligible for appointment may be required to go through a background investigation to determine the candidate's suitability for employment in this classification. Factors considered in the investigation may include employment history, use of illegal/controlled substances. Reasons for rejection based on this investigation may include, but not limited to applicable convictions, repeated or serious violations of the law, inability to accept supervision, inability to follow rules and regulations, falsification of application materials and/or other relevant factors. Failure to obtain and maintain security clearance may be basis for termination.

Verification: Applicants may be required to submit verification of qualifying education and experience at any point in the application and/or departmental selection process. Written verification (proof) of qualifying experience must verify that the applicant meets the minimum qualifications stated on the announcement. Written verification must be submitted on employer’s official letterhead, specifying name of employee, dates of employment, types of employment (part-time/full-time), job title(s), description of duties performed, and the verification must be signed by the employer. City employees will receive credit for the duties of the class to which they are appointed. Credit for experience obtained outside of the employee’s class will be allowed only if recorded in accordance with the provisions of the Civil Service Commission Rules. Experience claimed in self-employment must be supported by documents verifying income, earnings, business license and experience comparable to the minimum qualifications of the position. Copies of income tax papers or other documents listing occupations and total earnings must be submitted. If education verification is required, information on how to verify education requirements, including verifying foreign education credits or degree equivalency, can be found at http://sfdhr.org/index.aspx?page=456.

Note: Falsifying one’s education, training, or work experience or attempted deception on the application may result in disqualification for this and future job opportunities with the City and County of San Francisco.

Compensation:

$76.7750 - $96.5625 hourly / $159,692 - $200,850 annually

How to Apply:

Applicants are encouraged to apply immediately as this recruitment may close at any time, but not before September 27, 2024 at 11:59 PM.

Your application MUST include a resume. To upload, please attach using the "additional attachments" function.

In additional to submitting your application, you MUST submit this supplemental questionnaire: https://forms.gle/g3W9VVnuGow3tUDH7

You may contact Carol Wong via email at carol.x.wong@sfgov.org with questions regarding this opportunity.

Late or incomplete submissions will not be considered. Mailed, hand delivered or faxed documents/applications will not be accepted.

Helpful Information

Information About The Hiring Process (https://sfdhr.org/information-about-hiring-process)

Conviction History

Employee Benefits Overview (https://sfdhr.org/benefits-overview)

Equal Employment Opportunity (https://sfdhr.org/equal-employment-opportunity)

Disaster Service Worker (https://sfdhr.org/disaster-service-workers)

ADA Accommodation

Veterans Preference (http://sfdhr.org/information-about-hiring-process#veteranspreference)

Right to Work

Copies of Application Documents (https://sfdhr.org/information-about-hiring-process#copies)

Diversity Statement

Right to Work:

All persons entering the City and County of San Francisco workforce are required to provide verification of authorization to work in the United States.

The City and County of San Francisco encourages women, minorities and persons with disabilities to apply. Applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical disability, mental disability, medical condition (associated with cancer, a history of cancer, or genetic characteristics), HIV/AIDS status, genetic information, marital status, sexual orientation, gender, gender identity, gender expression, military and veteran status, or other protected category under the law.