IAM Privileged Access Management (PAM) Analyst

Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies, and addresses vulnerabilities and operates global security operations centers that monitor, detect, and respond to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.

We are seeking a highly motivated and detail-oriented analyst to join our Privileged Access Management (PAM) governance and operations team. This role is responsible for managing the end-to-end lifecycle of privileged access for both human and non-human identities across enterprise platforms, including Windows, Unix/Linux, and database environments. The ideal candidate will bring deep expertise in privileged access controls—including privilege elevation, credential vaulting, and session management—and demonstrate a strong understanding of security best practices. Success in this role requires the ability to collaborate effectively with technologists and stakeholders across the Bank, operate within a fast-paced and highly regulated environment, and adapt to our ever-changing technology landscape and cybersecurity threats.

Your contributions will include provisioning and managing privileged accounts and groups within Active Directory, onboarding accounts into the CyberArk vaulting solution, and supporting technical teams in troubleshooting vaulting-related issues across UNIX, Windows, and network infrastructure. You will also be responsible for generating reports and data extracts from PAM tools to support internal customers and partners.

Strong collaboration skills, adaptability, and a commitment to continuous improvement of PAM processes and controls are essential for success in this role.

Key Responsibilities

• Provision and de-provision privileged access for infrastructure support teams across local and LDAP-authenticated systems.
• Manage credential lifecycles, vaulting, and privilege elevation controls and configurations using common enterprise PAM tools (e.g., CyberArk, BeyondTrust, Delinea, Ping Identity, and other vendor products).
• Ensure compliance with internal policies and external regulatory requirements through timely access reviews and audits.
• Collaborate with global teams, senior leadership, and business stakeholders to support secure access enablement.
• Monitor and analyze privileged access activity to detect anomalies and potential threats.
• Participate in the development and enhancement of PAM policies, standards, and procedures.
• Stay current with emerging threats, technologies, and industry trends to continuously improve access controls and risk posture.

Required Qualifications

• 3+ years of experience in Identity & Access Management, with a focus on Privileged Access Management.
• Hands-on experience with PAM tools such as CyberArk, BeyondTrust Power Broker, Hashi Secret Vault or similar.
• Strong knowledge of Active Directory, LDAP, and UNIX/Linux authentication mechanisms.
• Strong knowledge of AWS, Azure and GCP.
• Familiarity with ITIL processes and security frameworks (e.g., NIST, ISO 27001).
• Proven ability to work collaboratively across technical and business teams.
• Excellent analytical, problem-solving, and communication skills.