Privileged Access Management (PAM) Sr. Analyst

• 10+ years experience.

• Provide education to team members and technology partners regarding the proposed changes.

• Partner with the policy governance team for socialization and publication of proposed changes to the PAM Standard

• Take accountability for addressing PAM risks. Proactively identify risk and ways to continuously enhance and improve BAC’s PAM controls. Implement and take decisive actions in finding solutions. Drives towards intended outcomes.

• Engage senior management to provide factual, transparent, and timely reporting on existing and emerging PAM or information security risks.

• Active participation in GIS IAM/PAM forums including but not limited to Monthly IAM Stakeholder Forum and Control Owner Forum for standard and Single Process Inventory (SPI) enhancements.

• Support audit issues for closure and sustainability

• Extensive knowledge and understanding of PAM-specific laws, rules, and regulations within the financial services sector.

• Expert level knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation.

• Familiarity with security standards such as NIST, ISO/EC, FFIEC, and MITRE ATT&CK framework. Knowledge of Compliance Certifications such as SOX, SOC, SOC2.

• Understanding and interpreting BAC’s established information security Policy, Standards, Procedure and Guides, and applying this knowledge to related PAM decisions and response. Serve as the Subject Matter Experts in advising BAC business and technology counterparts on effective ways to achieve or exceed compliance with applicable Policy, Standards, Procedures and Guides

• Proficiency in implementing and governing Risk and Role based access security controls.

• Extensive experience in managing Active Directory to enforce privileged access controls.

• Ability to influence platform and application owners to build more secure processes.

• Strong understanding and risk management mindset, proactively mitigating PAM related risks.

• Expert knowledge of PAM related tools which support session proxy, vaulting, just-in-time provision, integration with service management tool would be an advantage.

• 10 years relevant hands-on experience in PAM with at least of 5 years of management experience

• Deep security knowledge which covers core technology infrastructure (network, storage, servers, databases, etc.) identity management and application security practice.

• Deep experience with Linux, Windows, Cloud scale Identity, Access Management (Single Sign-On, Multi Factor Authentication), Authorization services or design and architecture of PAM services

• Expert level knowledge of authentication platforms such as Active Directory, LDAP, Kerberos, LDAP, Radius.

• Deep knowledge on Federation platforms or protocols such as Oauth, OpenID, SAML, WS-Fed, etc.

• Hands on experience in consumption of Web Service APIs such as JSON / XML; hands on experience and proficient with AWS, Azure, GCP, and/or Cloud Technologies.

• Working level experience with IAM platforms such as Ping Identity, Active Directory OpenLDAP, OpenDJ.

Desired Qualifications:

• Possession of CISSP certification is a plus.

• Proficient in articulating facts and data-driven plans and to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to PAM standards.

• Strong attention to detail and advanced analytical skills.

• Excellent communication and presentation skills.

• Excellent organizational skills and be able to effectively prioritize multiple tasks

• Hands on experience and involvement in large and complex projects

• Proficient in data management which includes strong data analytical capability with advanced understanding of the collection and management of metadata

• Efficient in motivating, engaging, and leveraging other teams and business partners to efficiently deliver business solutions. Proven track record of influencing and relationship management skills.

• Proficient in Microsoft Office suite of products with ability to quickly analyze and synthesize large volumes of data

• Pro-active and able to drive direction of work that needs to be completed, ability to work independently on initiatives with little oversight. Motivated and willing to learn.

• Confident and effective in delivering messages across a wide spectrum of individuals with varying degrees of technical and business understanding

• Deep knowledge of bank financial practices and policies and ability to adapt to fast changing environment