Identity & Access Management Analyst

Oxfordshire - UK

Monthly Salary: Not Disclosed

Posted on: 6 hours ago

Vacancies: 1 Vacancy

Job Summary

Description:

INTERNAL JOB TITLE: PAM SPECIALIST
UKAEAs mission is to lead the delivery of sustainable fusion energy and maximise scientific and economic impact. The Computing Division underpins this mission by delivering secure scalable and innovative digital solutions.
The PAM Specialist will be responsible for the hands-on implementation configuration and ongoing management of UKAEAs BeyondTrust Privileged Access Management platform. Working within the cyber security team you will deploy and configure Password Safe Privileged Remote Access and related BeyondTrust components to secure privileged access across the enterprise.
This is a technically focused implementation role requiring deep expertise in BeyondTrust products and privileged access management. You will work closely with infrastructure teams application owners and security operations to ensure privileged accounts are properly vaulted sessions are monitored and access follows least privilege principles.

Key Accountabilities
Implement and configure BeyondTrust Password Safe for credential vaulting and management
Deploy and manage BeyondTrust Privileged Remote Access for secure vendor and admin access
Configure automated password rotation policies for privileged and service accounts
Implement privileged session recording monitoring and keystroke logging
Configure Just-in-Time (JIT) access workflows and approval processes
Onboard Windows Linux/Unix servers network devices and applications to the PAM platform
Discover and vault service accounts application accounts and shared credentials
Configure Smart Rules for automated account discovery and management
Implement session proxy configurations for RDP SSH and application access
Develop break-glass procedures and emergency access workflows
Integrate BeyondTrust with SIEM for security monitoring and alerting
Configure BeyondTrust connectors for Active Directory Entra ID and target systems
Manage platform upgrades patching and health monitoring
Troubleshoot connector issues session failures and platform errors
Maintain documentation of PAM configurations policies and operational runbooks
Support audit and compliance activities with reporting and evidence gathering

Additional Details

Senior Interim Hire : No
Region : South West
Requisition Type : 1. New Requirement
Name of Nominated Worker : (No Value)
Please provide any additional information specific to this role : (No Value)
If any professional qualifications are required for the role please list certificates here: : Essential Requirements Hands-on experience implementing and managing PAM toolkits Experience with Privileged Remote Access configuration and management Strong understanding of credential vaulting password rotation and check-in/check-out workflows Experience configuring privileged session recording and monitoring Knowledge of service account discovery and lifecycle management Experience onboarding Windows Server Linux/Unix and network devices to PAM platforms Understanding of Active Directory privileged account management Experience with SIEM integration for PAM event logging and alerting Working knowledge of security frameworks: ISO 27001 NIST CSF Strong troubleshooting skills for connector and session issues Good documentation skills for technical configurations and runbooks Ability to obtain SC-level national security clearanceDesirable Requirements Degree in Information Security Computer Science or related STEM field BeyondTrust certifications (Password Safe Administrator Privileged Remote Access) Experience with BeyondTrust Endpoint Privilege Management Experience with other PAM platforms (CyberArk Delinea) Scripting skills (PowerShell Python) for automation Experience with database privileged access (SQL Server Oracle) Familiarity with ITSM workflows and change control procedures Experience in public sector or critical national infrastructure environments Knowledge of OT/ICS environments and industrial systems access requirements
Desired Skill 1 : TECH & DIGITALCyber / Information Security
Desired Skill 2 : TECH & DIGITALInfrastructure
Desired Skill 3 : TECH & DIGITALIT Operations
Desired Skill 4 : TECH & DIGITALNetworking
Desired Skill 5 : TECH & DIGITALService Management
Are there any Health and Safety requirements or hazards associated to this role : No
If yes please specify the Health and Safety Considerations : (No Value)
Is the role in or out of scope of IR35 : In Scope
Level of screening : BPSS (Basic Disclosure)
Internal Job Title : PAM Specialist
Grade : (No Value)
AMS Job Category : TechnologyIT Risk/Security Analyst
Equivalent Permanent Grade : United Kingdom Atomic Energy Authority (UKAEA)Grade G
Armed Forces Covenant Signatory : Unknown
Disability Confident Level : Unknown
Business Unit Name Hierarchy : United Kingdom Atomic Energy Authority Group Engineering Computing and STEP Partner Computing Division
Business Unit Code Hierarchy : UKAEA UKAEA ECASP UKAEA ECASP CD

Description: INTERNAL JOB TITLE: PAM SPECIALIST UKAEAs mission is to lead the delivery of sustainable fusion energy and maximise scientific and economic impact. The Computing Division underpins this mission by delivering secure scalable and innovative digital solutions. The PAM Specialist will be...

Description:

Additional Details

Senior Interim Hire : No
Region : South West
Requisition Type : 1. New Requirement
Name of Nominated Worker : (No Value)
Please provide any additional information specific to this role : (No Value)
If any professional qualifications are required for the role please list certificates here: : Essential Requirements Hands-on experience implementing and managing PAM toolkits Experience with Privileged Remote Access configuration and management Strong understanding of credential vaulting password rotation and check-in/check-out workflows Experience configuring privileged session recording and monitoring Knowledge of service account discovery and lifecycle management Experience onboarding Windows Server Linux/Unix and network devices to PAM platforms Understanding of Active Directory privileged account management Experience with SIEM integration for PAM event logging and alerting Working knowledge of security frameworks: ISO 27001 NIST CSF Strong troubleshooting skills for connector and session issues Good documentation skills for technical configurations and runbooks Ability to obtain SC-level national security clearanceDesirable Requirements Degree in Information Security Computer Science or related STEM field BeyondTrust certifications (Password Safe Administrator Privileged Remote Access) Experience with BeyondTrust Endpoint Privilege Management Experience with other PAM platforms (CyberArk Delinea) Scripting skills (PowerShell Python) for automation Experience with database privileged access (SQL Server Oracle) Familiarity with ITSM workflows and change control procedures Experience in public sector or critical national infrastructure environments Knowledge of OT/ICS environments and industrial systems access requirements
Desired Skill 1 : TECH & DIGITALCyber / Information Security
Desired Skill 2 : TECH & DIGITALInfrastructure
Desired Skill 3 : TECH & DIGITALIT Operations
Desired Skill 4 : TECH & DIGITALNetworking
Desired Skill 5 : TECH & DIGITALService Management
Are there any Health and Safety requirements or hazards associated to this role : No
If yes please specify the Health and Safety Considerations : (No Value)
Is the role in or out of scope of IR35 : In Scope
Level of screening : BPSS (Basic Disclosure)
Internal Job Title : PAM Specialist
Grade : (No Value)
AMS Job Category : TechnologyIT Risk/Security Analyst
Equivalent Permanent Grade : United Kingdom Atomic Energy Authority (UKAEA)Grade G
Armed Forces Covenant Signatory : Unknown
Disability Confident Level : Unknown
Business Unit Name Hierarchy : United Kingdom Atomic Energy Authority Group Engineering Computing and STEP Partner Computing Division
Business Unit Code Hierarchy : UKAEA UKAEA ECASP UKAEA ECASP CD