Security Administrator, Enterprise Applications - IT Solutions

TITLE

Security Administrator, Enterprise Applications

The Security Administrator is responsible for designing, implementing, and managing comprehensive security practices and access control frameworks for enterprise applications including Oracle Applications Cloud, Oracle Integration Cloud, ERP, Student Information System (Ellucian Colleague or similar), Salesforce CRM, OnBase and other enterprise applications.

The Security Administrator role will ensure the development and enforcement of role-based access controls (RBAC), and segregation of duties (SoD) to ensure regulatory compliance and reduce security risks. The administrator will collaborate closely with functional teams to translate business requirements into secure, auditable access models while maintaining full observability of user activity and resource usage.

This position is instrumental in implementing secure identity and access management (IAM) solutions, including SSO, MFA, directory integration, and automated provisioning & de- provisioning processes. Additionally, the role includes continuous monitoring of access patterns, detection of anomalies, and active participation in audit and compliance initiatives

As a member of the IT Services (ITS) team, the Security Administrator is expected to uphold the division's mission and contribute positively to a collaborative, human-centered, innovative, accountable, transparent, and inclusive culture within ITS. Work is performed under general supervision and performance evaluation is based upon completion of assignments and results obtained. The performance evaluation is conducted through the performance evaluation system and in accordance with the University Policies & Procedures.

ORGANIZATIONAL RELATIONSHIPS

Reports to: Manager, Business Applications

Supervises: None

ESSENTIALDUTIES-May include, but not limited to the following:

Oracle Cloud:

• Create and maintain security roles catalog for Oracle cloud applications.
• Administer user roles and permissions within Oracle cloud (HCM, Financials, EPM, ATP, OIC, etc.).
• Administer the Oracle Cloud Security Console to create and manage custom security roles. Design and configure security roles, duty roles, abstract roles and data access sets based on business needs and best practices.
• Ensure compliance with internal controls, audit requirements, and segregation of duties (SoD) policies.
• Collaborate with functional and technical teams to troubleshoot access issues and implement security solutions.
• Monitor and maintain user provisioning, including onboarding/offboarding processes.
• Regularly review and audit access logs and user activities for anomalies or violations.
• Develop and maintain documentation of security configurations, roles, policies, and procedures.
• Conduct regular reviews of user access rights and application roles to enforce the principle of least privilege.
• Support internal and external audits, ensuring compliance with standards such as FERPA, HIPAA, etc.
• Stay current on security trends, advancements, and technology solutions applicable to enterprise applications.

Colleague Student Information System:

• Create and maintain security roles catalog for Colleague SIS.
• Administer user accounts, roles, and permissions within the Colleague SIS environment.
• Develop and enforce security policies for role-based access to student and administrative data.
• Manage Colleague UI security class definitions, mnemonics, and security groups.
• Collaborate with functional departments (Registrar, Financial Aid, HR, etc.) to determine and implement appropriate access levels.
• Conduct periodic security audits and reviews of user access and data permissions.
• Support onboarding and offboarding of employees, ensuring proper provisioning and deprovisioning of system access.

Salesforce CRM:

• Create and maintain security roles catalog for Salesforce.
• Administer and manage user profiles, permission sets, role hierarchies, and sharing rules in Salesforce.
• Implement and maintain org-wide default settings, field-level security, and record-level access controls.
• Ensure compliance with internal security policies, data protection regulations, and access control best practices.
• Collaborate with Salesforce developers, admins, and business stakeholders to support secure solution design and deployment.
• Audit and report on user access, role assignments, and permission usage on a

regular basis.

• Support the user provisioning/de-provisioning process integrated with identity management systems.

OnBase:

• Create and maintain security roles catalog for Hyland OnBase ECM.
• Administer and maintain user security roles and permissions within the OnBase platform.
• Configure and manage OnBase user groups, privileges, and licensing.
• Monitor access logs and security events to detect unauthorized activity or compliance risks.
• Participate in periodic reviews and audits of user access and permissions.
• Support onboarding and offboarding processes as it pertains to OnBase access.

ADDITIONAL DUTIES

• Other duties as assigned.

EDUCATION

Bachelor's degree in Computer Science, Information Security, Information Systems, or a related field. Additional job-related experience may substitute for the required education on a year-for- year basis.

EXPERIENCE

Over 5 years of experience in application security, enterprise application administration, system administration, database administration or information security.

REQUIREMENT

Regular and reliable attendance at the University during regular scheduled days and work hours is an essential function of this position.

Work is performed under minimal supervision and performance is based on the effective operation of the administrative function. The performance evaluation is conducted through the performance evaluation system and in accordance with the University Policies & Procedures

All employees share the responsibility of maintaining information security and privacy requirements within the university by adhering to Federal and State regulations, and TWU Policies & Procedures.

KNOWLEDGE,SKILLS,ANDABILITIES- The following are essential:

• Strong understanding of Role-based access control (RBAC).

• Experience with Oracle SaaS security (Security Console, custom roles).
• Experience managing application security in ERP, CRM, Oracle Applications Cloud, Oracle Integration Cloud, ATP.
• Experience administering Oracle Fusion ERP security. Hands-on expertise with the Oracle Security Console, including the design, implementation, and governance of Job Roles, Duty Roles, Data Roles, and Abstract Roles across various offerings (ERP, HCM, SCM, etc.).
• Strong experience with user and role management in Oracle Cloud HCM, ERP, SCM, and EPM.
• Strong understanding of Salesforce security architecture and access models (profiles, permission sets, sharing rules, etc.).
• Experience working with Colleague SIS or similar student information system's security, mnemonics, and security groups.
• Experience working with OnBase security groups and user setup.
• Familiarity with authentication protocols (OAuth, SAML, OpenID), SSO, and MFA configurations.
• Strong analytical skills with the ability to collect, organize, analyze, and disseminate significant amounts of information with attention to detail and accuracy.
• Strong analytical and problem-solving skills.
• Excellent communication and presentation skills.
• Ability to work independently and as part of a team.
• Ability to use a personal computer and other office equipment, including related university software and email.

Additional/Desirable Skills & Abilities

• Relevant security or ERP related certifications.
• Experience with identity and access management (IAM) systems.
• Experience with Oracle Reporting Tools e.g. Oracle Business Intelligence Publisher (BIP) and Oracle Transactional Business Intelligence (OTBI).
• Experience working with ERP and CRM systems.
• Experience working with information systems within a higher education setting.
• Knowledge of Texas Administrative Code (TAC 202).
• Familiarity with regulatory frameworks such as FERPA and HIPAA.

PHYSICAL DEMANDS

The physical demands described in the Essential Duties and below are representative of those that must be met by an employee to successfully perform the essential duties of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential duties.

The employee may be required to travel.

WORK ENVIRONMENT

All employees are responsible for maintaining an environment that is free from discrimination,