IT Security Engineer

About The Position

Requirements

• Demonstrated knowledge of application integration concepts and identity technologies.
• Experience supporting applications using SAML, OAuth, or other modern authentication systems.
• Ability to troubleshoot enterprise applications, SSO integrations, and certificate‑related issues.
• Demonstrated knowledge of applied cryptography as it relates to Transport Layer Security (TLS).
• Demonstrated ability to automate technical tasks using scripting languages such as PowerShell or Python.
• Ability to communicate complex technical concepts to both technical and nontechnical stakeholders.
• Ability to work independently and collaboratively within a central IT team.
• Strong organizational skills with the ability to manage multiple projects simultaneously.
• Foundational understanding of IT security concepts including access management, encryption, certificates, and secure application integration.
• Demonstrated ability to work in and foster an environment of respect, professionalism and civility with a population of faculty, staff, and students from all backgrounds and experiences, or a commitment to do so as a staff member at VCU.

Nice To Haves

• Graduate degree in Information Systems, Computer Science, Engineering, Business, or a related field. Or an equivalent combination of training and experience.
• Hands‑on experience with Entra ID Enterprise Applications, CAS/Shibboleth management and migrations, or other identity modernization efforts.
• Experience with TLS certificate automation, certificate management systems, or F5 LTM/GTM certificate workflows.
• Experience with automation tools, CI/CD pipelines, API integrations, or configuration-as-code approaches.
• Networking and security certifications (Network+, Security+, MCSE, GSEC, CISSP) preferred.

Responsibilities

• Support the migration of applications from legacy CAS and Shibboleth authentication platforms to Entra ID (Azure AD) Enterprise Applications using SAML.
• Assist application owners with SAML integration, metadata configuration, attribute mapping, certificate management, and cutover planning.
• Troubleshoot SSO issues across authentication stacks including SAML assertions, claims transformations, application metadata errors, and token‑related failures.
• Monitor expiration timelines for TLS/SSL certificates used across enterprise applications, F5 load balancers, and internal web services.
• Contribute to a university‑wide initiative to automate certificate issuance and renewal using tooling such as ACME clients, Enterprise Certificate Managers, F5 automation frameworks, or scripting tools.
• Work with central and unit IT teams in the design and implementation of ingress traffic decryption architecture.
• Support certificate lifecycle tasks including CSR generation, installation, trust chain validation, and deployment to application endpoints.
• Support central and distributed units in migrating their technology stack to a certificate automation platform.
• Provide operational support for centrally managed applications, identity platforms, and web services.
• Monitor application performance, availability, and security posture.
• Collaborate with server, network, security, and application teams to ensure reliable delivery of enterprise services.
• Participate in patching, provisioning, and decommissioning of application environments.
• Participate in an on‑call rotation for after‑hours enterprise application or authentication‑related issues.
• Develop and maintain scripts and tooling (e.g., PowerShell, Python, Bash) to automate repetitive processes, streamline integration workflows, and support application lifecycle management.
• Contribute to automation associated with certificate renewal, application onboarding, metadata management, and environment validation.

Benefits

• All full-time university staff are eligible for VCU’s robust benefits [https://hr.vcu.edu/benefits/] package that includes comprehensive health benefits, paid annual and holiday leave, generous tuition benefits, retirement planning and savings options, tax-deferred annuity and cash match programs, employee discounts, well-being resources, abundant opportunities for career development and advancement, and more.