Support Engineer, Trust and Identity Services

Internet2, a non-profit organization, provides high-performance networking, trust and identity infrastructures, cloud and other related services to its research and education member institutions and beyond. Internet2 represents an exceptional partnership spanning U.S. and international institutions that are leaders in the worlds of research, academia, industry and government.

InCommon, the Internet2-community developed trust federation, provides the U.S. higher education and research community with the common framework for trustworthy access to online resources. Internet2 facilitates the development of community-based common trust fabrics – SAML Federation, Certificate Services, and other services and activities – that enable participants to access protected online resources. For more information visit

The Internet2 Trust and Identity Services Support Engineer acts as part of a highly collaborative cross-functional service delivery team to securely, reliably and scalably deliver the mission-critical InCommon Trust Federation and Internet2 TIER services to customers. The InCommon Federation is a SAML-based full mesh multilateral trust federation serving the US and global research and education communities and provides core infrastructure that facilitates hundreds of millions of authentication transactions per day. The TIER program is a community-driven suite of packaged identity and access management components and practices that deliver high-quality identity services to campus and research organizations.

  • Providing level-2 (escalated) technical support for InCommon trust federation and TIER packaged services, in collaboration with a team of engineers, developers, managers and other support staff
  • Refining, organizing, maintaining and supplementing a suite of existing documentation on the InCommon trust federation, TIER, and related services
  • Working as an implementation engineer on a team of engineers and architects supporting InCommon trust federation and TIER operational services in a hybrid on-premises / infrastructure-as-a-service environment
  • Working with service management and technical leads to identify and implement a solution for ingestion and triage of customer feature requests that provides transparency for the community, management insight and alignment with the overall service development roadmap


The successful candidate will have strong experience understanding, researching and documenting solutions to moderately complex to very complex issues related to IT security and/or trust and identity services. The candidate must be capable of communicating complex solutions to customers in ways they can understand, working with them for extended periods of time to achieve solutions when needed, and always acting in a customer service-oriented manner. The position will work as part of a technical service delivery team to implement identified solutions and work with staff and customers to support those solutions. The Support Engineer will work closely with customers, management, implementation teams and other stakeholders to support and enable Internet2 Trust and Identity service offerings.

This full-time staff position may be based in any of the Internet2 offices and reports to the Director of Technology and Strategy, InCommon. Some travel is required, averaging approximately 4-8 events per year. Availability outside of normal office hours may be required for critical problem resolution issues.

Required Skills
  • Ability to serve a broad and diverse community of IT roles ranging from technical implementers to C-level executives in a customer-oriented way
  • Experience using a ticketing system for service desk support
  • Experience fielding and responding to customer and line-of-business requests in a highly diplomatic way, and escalating issues to the appropriate channels when necessary, keeping management informed of any issues which may require non-trivial effort to resolve
  • Experience with a *nix command line environment such as Linux
  • Familiarity with one or more project management approaches
  • Familiarity with DevOps concepts
  • Familiarity with Atlassian Confluence and JIRA or related applications (wiki and issue tracking, respectively) or similar tools
  • At least a bachelor's degree in an IT, management, or related field or a comparable combination of education, training and experience
  • Excellent written and verbal communication skills including handling vendor, customer, peer and leadership relationships with a high degree of diplomacy, and communicating freely and appropriately with colleagues
  • Excellent documentation skills including writing business requirements targeted at technical implementations, change plans and other staff-facing work instructions in a clear, understandable and repeatable way
  • Creation of basic reporting documents from diverse data sets using tools such as Microsoft Excel and various scripting languages
  • Understanding of IT security, identity and related topics and the ability to perform independent research to analyze, solve and document solutions to complex issues in this subject matter area

Desired Skills
  • Familiarity with hosting applications in an Infrastructure-as-a-service environment such as Amazon AWS, Google Cloud Platform or Microsoft Azure
  • Strong knowledge of SAML and multilateral SAML-based trust federations
  • Familiarity with identity management and related concepts and tools including SAML federating software and metadata, LDAP, X.509, access control for wireless networks
  • Familiarity with one or more scripting or programming languages/frameworks
  • Use of a relational database engine and data transform and load (DTL/ETL) to facilitate ingestion of and ad-hoc querying of diverse data sources for the purpose of creating reports
  • XML skills including working with XSLT, DTD, XML digital signature, etc.

Internet2 is a 501(c)(3) not-for-profit organization and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.