Cyber SDC Privileged Access Management Manager Location OPEN

In an ever-evolving IT landscape EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities. As a vital member of our Identity and Access Management (IAM) you will play a central role in achieving this objective by empowering clients to comprehend and navigate their complex Enterprise Identity environments. Your expertise will be instrumental in evaluating enhancing and devising innovative solutions processes and policies to cater to each clients unique IAM requirements. This is an opportunity to leverage both your technical prowess and business acumen to drive our mission and make a significant impact on global cybersecurity.

The opportunity

We currently offer an exciting career opportunity for a manager responsible for designing engineering maintaining and troubleshooting a diverse range of privilege and secret management solutions across the IAM spectrum. Collaborating with esteemed and innovative professionals in the cybersecurity industry you will have the opportunity to learn and apply cutting-edge tools and techniques to address some of the most relevant and pressing security challenges in the world.

At our core our IAM services play a pivotal role in assisting our clients to align security management strategy with business goals. This involves managing access to resources and services as well as enforcing business privacy and security policies. With the support of strategic alliances with third-party vendors our experienced professionals offer a comprehensive suite of services including strategy assessment testing and implementation of IAM solutions.

Your Key Responsibilities

• Develop privilege and secret access management controls CyberArk BeyondTrust Hashi and Delian solution.
• Oversea the design and implementation of the privileged access and secret management solution
• Assist with the privilege and secret management requirement gathering and define the use cases at the enterprise level
• Configure and optimize discovery tools for privilege accounts services SSH keys and tasks (CyberArk Hashi Corp Delinea BeyondTrust) including auto-detection and auto-onboarding
• Manage onboarding of the target systems such as Windows Linux and Unix accounts Databases (Oracle MS SQL Redish cache) and integration of the DevOps solutions such as Ansible Puppet Jenkins Kubernetes. OpenShift GitHub Gitlab Docker Ansible platforms
• Knowledge of the modern cloud vaults such as AWS secret manager and Azure key vault
• Define and implement vaulting rotation and heartbeat policies for human and non-human identities; enable SSH key and password rotation check-out/check-in dual control and break-glass.
• Participate in the self-service design and implementation of the privilege or secrets life cycle management using enterprise identity governance solutions (creation management certification deletion)
• Develop and establish governance processes for non-human identity management.
• Develop policies for the end point management solutions including Windows workstations Mac OS Linux and Unix servers

Skills and Attributes for Success

• Proven experience in integrating deploying and configuring PAM and Secret management Technologies with a strong focus on CyberArk (vault privilege cloud secure infrastructure Endpoint access management and Conjur) and familiarity with other IAM solutions like Saviynt SailPoint Entra
• In-depth knowledge of privilege access management frameworks and the ability to offer guidance on their integration into existing applications.
• Practical expertise in developing CyberArk technology tech stack HashiCorp vault BeyondTrust and Delina experience.
• Proficiency in implementing managing and maintaining enterprise-level Privilege access management and secret management tools.
• Solid understanding of enterprise directory services such as Active Directory Azure AD and LDAP as well as experience in implementing MFA and SSO solutions.
• Strong problem-solving and analytical skills with the ability to translate business requirements into technical specifications and execute technical deliveries effectively.
• A track record of delivering high-quality client services and work products within expected timeframes.
• Excellent documentation skills including the creation of procedures process documentation and user documentation related to IAM applications.

To qualify for the role you must have

• A bachelors degree in a related field and approximately 8years of related work experience; or a graduate degree and approximately 3years of related work experience.

• Experience with PAM architecture and development within CyberArk HashiCorp or other PAM Solutions.
• Well-versed and hands-on experience with CyberArk Conjur and HashiCorp Vault usage and functionality.

• A valid drivers license in the US and/or a valid passport are required; Willingness and ability to travel

Ideally youd also have

• Professional certifications in Identity & Access Management such as CISSP CISM or specific vendor certifications like CyberArk CDE Hashi Vault Certified Implementation Engineer.
• Familiarity with additional IAM technologies and tools including SailPoint ForgeRock Ping Identity RSA etc.
• Knowledge of cloud-based IAM solutions and experience working with cloud platforms like AWS Azure or Google Cloud.
• Understanding of regulatory compliance frameworks and industry standards related to IAM such as GDPR HIPAA NIST or ISO 27001.
• Prior experience in providing PAM services to clients from various industries demonstrating versatility and adaptability in addressing diverse IAM challenges.
• Strong interpersonal and communication skills with the ability to collaborate effectively with clients and cross-functional teams to present solution designs options and innovations.

What we look for

Were interested in intellectually curious people with a genuine passion for cyber security. With your broad exposure across IAM well turn to you to speak up with innovative new ideas that could make a lasting difference not only to us but also to the industry at large. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here this is the role for you.