Renata
Back to jobs
C

Identity Management Developer (CEMI)

Cornell University
Ithaca (Main Campus)Posted Today
Full-timeonsite
Apply NowAsk Renata

Job Description

   

Working Title: Identity Management Developer (CEMI) [Remote] [2 Year Term]

No Visa Sponsorship is available for this position.

This is a two (2) year term appointment which may be ended or extended based on organizational needs, funding availability, and performance.

About Information Technology @ Cornell

Information Technology (IT) is a strategic enabler for many functions at Cornell University, with staff located across colleges, administrative units, and campuses throughout the institution. While comprised of many organizations, IT operates as one partnering closely with faculty, staff, and students to support teaching, research, and business operations. By being embedded where the Cornell community is, IT is well positioned to provide support ranging from day‑to‑day needs to large, complex initiatives that advance major academic, research, and operational objectives across the university. Check out this link to find out more about IT@Cornell

What will you do:

Reporting to the Assistant Director for Identity & Access Management, the Identity Management Developer (CEMI) provides cybersecurity‑focused technical leadership and engineering expertise in support of Cornell University’s Identity & Access Management services within the university IT Security Office (ITSO). This position plays a key role in ensuring the secure, reliable, and effective delivery of enterprise authentication, authorization, and directory services that underpin the university’s academic, research, and administrative operations.

The Identity Management environment at Cornell consists of a diverse ecosystem of homegrown, open‑source, and vendor‑provided applications and services. The Security Engineer operates primarily in an engineering‑focused capacity, contributing deep technical expertise to the design, planning, implementation, and ongoing improvement of identity services. This role is instrumental in maintaining a strong security posture while enabling scalability, resiliency, and ease of use for a broad and varied campus community.

In addition to technical leadership, this position serves as a key liaison between ITSO, campus business units, and external partners. The Security Engineer supports strong service relationships by helping stakeholders understand identity service capabilities, status, and access processes, and by translating complex technical concepts into clear, non‑technical guidance when needed. The role also contributes to the evolution of next‑generation Identity Management solutions by collaborating with vendors, peer institutions, and internal partners to stay current with emerging technologies and best practices in higher education cybersecurity.

The Security Engineer is expected to work collaboratively within the Identity Management team and across ITSO to meet service levels, support operational objectives, and respond effectively to system outages or changes, including availability outside of standard university business hours when required.

This is a two (2) year term appointment which may be ended or extended based on organizational needs, funding availability, and performance.

While position responsibilities vary, every member of our community is expected to foster a culture of belonging and a healthy work environment by communicating across differences; being cooperative, collaborative, open, and welcoming; showing respect, compassion, and empathy; engaging and supporting others regardless of background or perspective; speaking up when others are being excluded or treated inappropriately; and supporting work/life integration of oneself and others.

Required Qualifications:

  • Bachelor’s degree with a minimum of three to five years of relevant experience, or an equivalent combination of education and experience.
  • Demonstrated success providing technical support and application or middleware development in a distributed, team‑focused computing environment.
  • Demonstrated expertise with one or more scripting or programming languages, such as Java, Perl, Python, and/or VB (.NET), ReactJS, Ruby, and/or PHP
  • Approximately 1 year+ of professional experience developing ReactJS applications and/or Ruby on Rails.
  • System administration experience with Linux required; and Windows experience preferred.
  • Working to advanced knowledge of one or more identity and access management technologies, including directory services, virtual directories, SAML2, OAuth2, LDAP, and Active Directory authorization technologies.
  • Proven experience writing technical design documentation, conducting code reviews, and working with version control systems such as Git.
  • Ability to translate user and business needs into clear functional requirements and technical specifications, and to promote effective and efficient information sharing.
  • Demonstrated ability to communicate complex Identity Management concepts—including system functions, capabilities, and processes—into business terms that are clear, accessible, and meaningful to non‑technical stakeholders.
  • Proven ability to work effectively in a dynamic, deadline‑driven, and complex environment with multiple competing priorities.
  • Strong facilitation, problem‑solving, analytical, reasoning, and judgment skills, with the ability to evaluate options and recommend sound technical solutions.
  • Experience supporting and managing mission‑critical systems in a production environment, including troubleshooting and incident response.
  • Proven ability to identify, scope, and implement opportunities for automation or architectural improvements that enhance system reliability, security, or efficiency.
  • Ability to cultivate and develop inclusive working relationships with students, faculty, staff, and community members. 

Preferred Qualifications:

  • Experience working in higher education, research, or similarly complex enterprise environments, particularly those with diverse identity populations and federated access needs.
  • Familiarity with cloud‑based identity platforms and services (e.g., Azure AD, AWS IAM, Google Identity, or similar).
  • Experience with identity lifecycle management, provisioning/de‑provisioning workflows, and access governance.
  • Knowledge of zero trust, least‑privilege, and modern identity security architectures.
  • Experience integrating identity services with enterprise applications, including SaaS platforms and custom applications.
  • Demonstrated experience participating in cross‑functional technical initiatives, including collaboration with security, infrastructure, and application teams.
  • Experience supporting incident response, audits, or compliance efforts related to identity and access management.
  • Familiarity with DevOps or CI/CD practices, automated deployments, and infrastructure‑as‑code concepts.
  • Strong customer‑service orientation with the ability to balance security requirements with usability and operational needs.

Application Information:

  • A resume is required for further consideration for this position. A cover letter expressing alignment with Cornell’s mission and this role is strongly encouraged. When applying through our system, please remember to attach your application materials (Cover Letter and Resume) in PDF format.  
  • No Visa Sponsorship of any kind is available for this position. 
  • No Relocation assistance will be provided for this position. 

Rewards and Benefits

  • This position is based in Ithaca, New York, however, the successful applicant may perform this role remotely anywhere within the United States. Employees who work remotely may receive multiple W-2 Forms depending on their work location. The New York Convenience of employer guidelines require New York State individual tax reporting and withholding for this position. Additional individual state income tax filings may also be required if working temporarily outside of New York State. The university reserves the right to modify, suspend, or terminate the remote or hybrid work arrangement at any time.
  • Cornell receives national recognition as an award-winning workplace for our health, wellbeing, and sustainability. Our benefits programs include comprehensive health care options, generous retirement contributions, access to wellness programs, and employee discounts with local and national retail brands. We invite you to follow this link to get more information about our benefits: Understand Your Benefits | Working at Cornell.
  • Our leave provisions include health and personal leave, three weeks of vacation and 13 holidays: Martin Luther King, Jr. Day, Memorial Day, Juneteenth, Independence Day, Labor Day, Thanksgiving and the day after, and an end of the year winter break from December 25-January 1. To offer greater flexibility for observing faiths and traditions we also offer two additional floating holidays. Learn more about our generous leave provisions: Holiday and Accrued Time Off | Working at Cornell
  • Cornell's impressive educational benefits include tuition-free Extramural Study and Employee Degree Program, tuition aid for external education, and Cornell Children's Tuition Assistance Program. Learn more about our extensive educational benefits: Education Benefits | Working at Cornell
  • Follow this link to learn more about the Total Rewards of Working at Cornell: Total Rewards | Working at Cornell.

   

University Job Title:

IT Support Engineer III

   

Job Family:

Information Technology

   

Level:

F

   

Pay Rate Type:

Salary

   

Pay Range:

$72,209.00 - $83,896.00

   

Remote Option Availability:

Remote

   

Company:

   

Contact Name:

Maria Avila

   

Contact Email:

[email protected]

   

Job Titles and Pay Ranges:

Non-Union Positions

Noted pay ranges reflect the potential pay opportunity for each job profile. The hiring rate of pay for the successful candidate will be determined considering the following criteria:

  • Prior relevant work or industry experience

  • Education level to the extent education is relevant to the position

  • Unique applicable skills

  • Academic Discipline

To learn more about Cornell’s non-union staff job titles and pay ranges, see Career Navigator.

Union Positions

The hiring rate of pay for the successful candidate will be determined in accordance with the rates in the respective collective bargaining agreement. To learn more about Cornell’s union wages, see Union Pay Rates.

Current Employees:

If you currently work at Cornell University, please exit this website and log in to Workday using your Net ID and password. Select the Career icon on your Home dashboard to view jobs at Cornell.

Online Submission Guidelines:

Most positions at Cornell will require you to apply online and submit both a resume/CV and cover letter.  You can upload documents either by “dragging and dropping” them into the dropbox or by using the “upload” icon on the application page. For more detailed instructions on how to apply to a job at Cornell, visit How We Hire on the HR website.

Employment Assistance:

For general questions about the position or the application process, please contact the Recruiter listed in the job posting or email [email protected].

If you require an accommodation for a disability in order to complete an employment application or to participate in the recruiting process, you are encouraged to contact Cornell Office of Civil Rights at voice (607) 255-2242, or email at [email protected].

Applicants that do not have internet access are encouraged to visit your local library, or local Department of Labor. You may also request an appointment to use a dedicated workstation in the Office of Talent Attraction and Recruitment, at the Ithaca campus, by emailing [email protected].

Notice to Applicants:

Please read the required Notice to Applicants statement by clicking here. This notice contains important information about applying for a position at Cornell as well as some of your rights and responsibilities as an applicant.

EEO Statement:

Cornell welcomes students, faculty, and staff with diverse backgrounds from across the globe to pursue world-class education and career opportunities, to further the founding principle of “... any person ... any study.” No person shall be denied employment on the basis of any legally protected status or subjected to prohibited discrimination involving, but not limited to, such factors as race, ethnic or national origin, citizenship and immigration status, color, sex, pregnancy or pregnancy-related conditions, age, creed, religion, actual or perceived disability (including persons associated with such a person), arrest and/or conviction record, military or veteran status, sexual orientation, gender expression and/or identity, an individual’s genetic information, domestic violence victim status, familial status, marital status, or any other characteristic protected by applicable federal, state, or local law.

Cornell University embraces diversity in its workforce and seeks job candidates who will contribute to a climate that supports students, faculty, and staff of all identities and backgrounds. We hire based on merit, and encourage people from historically underrepresented and/or marginalized identities to apply. Consistent with federal law, Cornell engages in affirmative action in employment for qualified protected veterans as defined in the Vietnam Era Veterans’ Readjustment Assistance Act (VEVRAA) and qualified individuals with disabilities under Section 503 of the Rehabilitation Act. We also recognize a lawful preference in employment practices for Native Americans living on or near Indian reservations in accordance with applicable law.

2026-06-10

See Your Match Score

Sign up and Renata will show you how this job matches your skills and experience.

Get Started Free
About Cornell University
Identity Management Developer (CEMI) at Cornell University | Renata