Advertising Summary: Virginia Commonwealth University (VCU) Technology Services is a central IT organization supporting the academic, research, and administrative missions of the university. Technology Services provides scalable, secure, and innovative technology solutions to all VCU units. We are seeking an IT Security Engineer to join our team. This position is part of the Technology Services Information Security team, providing technical and administrative expertise in the support, integration, and modernization of VCU’s enterprise architecture. The role focuses on identity modernization, SSO integration, certificate lifecycle automation, and overall application administration across university systems and units. Unit: Technology Services MBU Department: Information Security Department Summary: Virginia Commonwealth University (VCU) Technology Services is a central IT organization supporting the academic, research, and administrative missions of the university. Technology Services provides scalable, secure, and innovative technology solutions to all VCU units. We value people and empower one another through collaboration and trusted partnerships, and unequaled innovation to provide a secure, accessible, reliable, adaptable, and modern IT environment that enables the success of VCU as a leading public research institution. The Office of the CIO supports the development and promotion of campus-wide IT initiatives, strategies, and projects established by the Chief Information Officer. We work with University and VCU Health System stakeholders to promote consistency of best practices, shared processes, and collaboration. To view more of our work and initiatives, visit our site: https://cio.ts.vcu.edu This position is part of the Technology Services Information Security team, providing technical and administrative expertise in the support, integration, and modernization of VCU’s enterprise architecture. The role focuses on identity modernization, SSO integration, certificate lifecycle automation, and overall application administration across university systems and units. Duties & Responsibilities This position is part of the Technology Services Information Security team, providing technical and administrative expertise in the support, integration, and modernization of VCU’s enterprise architecture. The role focuses on identity modernization, SSO integration, certificate lifecycle automation, and overall application administration across university systems and units. Identity & Authentication Modernization - Support the migration of applications from legacy CAS and Shibboleth authentication platforms to Entra ID (Azure AD) Enterprise Applications using SAML. - Assist application owners with SAML integration, metadata configuration, attribute mapping, certificate management, and cutover planning. - Troubleshoot SSO issues across authentication stacks including SAML assertions, claims transformations, application metadata errors, and token‑related failures. TLS Certificate & Web Security Infrastructure - Monitor expiration timelines for TLS/SSL certificates used across enterprise applications, F5 load balancers, and internal web services. - Contribute to a university‑wide initiative to automate certificate issuance and renewal using tooling such as ACME clients, Enterprise Certificate Managers, F5 automation frameworks, or scripting tools. - Work with central and unit IT teams in the design and implementation of ingress traffic decryption architecture. - Support certificate lifecycle tasks including CSR generation, installation, trust chain validation, and deployment to application endpoints. - Support central and distributed units in migrating their technology stack to a certificate automation platform. Application Administration & Support - Provide operational support for centrally managed applications, identity platforms, and web services. - Monitor application performance, availability, and security posture. - Collaborate with server, network, security, and application teams to ensure reliable delivery of enterprise services. - Participate in patching, provisioning, and decommissioning of application environments. - Participate in an on‑call rotation for after‑hours enterprise application or authentication‑related issues. Automation & Scripting - Develop and maintain scripts and tooling (e.g., PowerShell, Python, Bash) to automate repetitive processes, streamline integration workflows, and support application lifecycle management. - Contribute to automation associated with certificate renewal, application onboarding, metadata management, and environment validation. The summary outlines the primary duties of this role. However, other duties may be assigned as needed. Minimum Qualifications - Demonstrated knowledge of application integration concepts and identity technologies. - Experience supporting applications using SAML, OAuth, or other modern authentication systems. - Ability to troubleshoot enterprise applications, SSO integrations, and certificate‑related issues. - Demonstrated knowledge of applied cryptography as it relates to Transport Layer Security (TLS). - Demonstrated ability to automate technical tasks using scripting languages such as PowerShell or Python. - Ability to communicate complex technical concepts to both technical and nontechnical stakeholders. - Ability to work independently and collaboratively within a central IT team. - Strong organizational skills with the ability to manage multiple projects simultaneously. - Foundational understanding of IT security concepts including access management, encryption, certificates, and secure application integration. - Demonstrated ability to work in and foster an environment of respect, professionalism and civility with a population of faculty, staff, and students from all backgrounds and experiences, or a commitment to do so as a staff member at VCU. Preferred Qualifications - Graduate degree in Information Systems, Computer Science, Engineering, Business, or a related field. Or an equivalent combination of training and experience. - Hands‑on experience with Entra ID Enterprise Applications, CAS/Shibboleth management and migrations, or other identity modernization efforts. - Experience with TLS certificate automation, certificate management systems, or F5 LTM/GTM certificate workflows. - Experience with automation tools, CI/CD pipelines, API integrations, or configuration-as-code approaches. - Networking and security certifications (Network+, Security+, MCSE, GSEC, CISSP) preferred. Salary Range: $80,000 - $92,000 Benefits: All full-time university staff are eligible for VCU’s robust benefits package that includes comprehensive health benefits, paid annual and holiday leave, generous tuition benefits, retirement planning and savings options, tax-deferred annuity and cash match programs, employee discounts, well-being resources, abundant opportunities for career development and advancement, and more. FLSA Exemption Status: Exempt Hours per Week: 40 Restricted Position: No ORP Eligible: Yes Flexible Work Arrangement: Fully Remote University Job Title: 24822Y - IT Security Engineer 2