Privileged Access Management Administrator

**Purpose of Job**

***

This role manages the privileged access to our physical and virtual systems (servers, storage systems, cloud computing - core focus and including the operating system) and works with external service providers to install and maintain the company’s technologies. In addition to the core functions, the incumbent will also address technology software asks as these relate to infrastructure and hardware (eg core banking software, Data/Business Intelligence, SharePoint, Office 365, middleware, etc.). This will require off-hours support and participation in rotational on-call support including weekends. As a PAM Administrator, you will be a key consulting resource to other areas of Technology, and a sought-after expert partner. You will be innovative with Digital Identity Solutions using products such as Hashicorp Vault, Boundary, Microsoft Azure Identity suite and others.

**Main Activities**:

- Day to day administration, monitoring and support of PAM environments as well as after hours on call support (rotational) to deal with issues as they arise
- Review PAM logs and verify access are valid.
- Provide technical and governance oversight on the Identity Management projects. Serve as a Subject Matter Expert in the analysis, design, implementation, and support of all Identity Management projects, estimate timelines, and be responsible for their successful delivery while meeting the overall security and integrity of the solution.
- Collaborate with the CISO, cybersecurity team, portfolio managers, other architects, and I&T leadership to understand the business direction and consequent impact on the security posture
- Define the proper course of action and investment strategy by building business cases and security roadmaps
- Engage the IAM vendor ecosystem to understand capabilities and limitations to drive improvements in the security posture and capabilities of current products, and assist in the selection of the right partners that integrate with the overall architecture and manage risk appropriately
- Continuously monitor and evaluate the environment through self-assessments and independent security reviews. Enable management to identify deficiencies and inefficiencies and to initiate improvement actions though security roadmap and strategies
- Communicate and foster collaboration by regularly providing updates to teams about ongoing initiatives and encouraging teams to work together to accomplish common goals and learning

**Knowledge/Skill Requirements**:

- Computer science undergrad degree
- Minimum of 5+ years experience in IAM Engineering and Managing Information Security Analysts
- Experience in scripting to automate system administration tasks
- Understanding of IT security best practices, Triple A’s
- Experience in provisioning and managing user access in Active Directory (AD) and Azure Active Directory (AAD)
- Strong understand of Microsoft Azure and its Security Technologies such as JIT, JEA, Azure Identity Governance.
- Strong understanding of Microsoft Azure Active Directory, and Windows server/workstation OS
- Strong understanding of Identity and Access Management principles, concepts, and goals
- Proven Experience with Microsoft Azure and Office 365
- Functional understanding of following protocols: TCP, UDP, DNS, NetBIOS, HTTP, HTTPS, SMTP, SNMP, SSH, TLS, MAPI, IPSec
- Excellent knowledge on IdP, Modern Authentication (and working with ADAL), PKI infrastructure, Bastion host
- Excellent organizational skills and the ability to manage multiple intake channels efficiently
- Excellent verbal and written communication skills
- Technical designation required for this role (CompTIA Security+ or SSCP or ISC2 Associates, AZ-500 MS Azure Security or SC-200 MS SecOps Analyst)
- Higher certifications is considered an asset (CISSP)

**#LI-Hybrid