The Bank Of New York Mellon Pittsburgh , PA 15201
Posted 1 week ago
Privileged Access Management, Analyst
At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world's financial system we touch nearly 20% of the world's investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere.
We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about.
We're seeking a future team member in the role of Privileged Access Management, Analyst to join our Information Security Division in the IAM team. This role is in Pittsburgh, PA OR Lake Mary, FL - HYBRID. Our Information Security Division (ISD) is on constant alert using creativity and knowledge of cybersecurity, technology, and business processes to develop and deliver solutions. We collaborate and deliver services to protect the business, our clients, and technology.
Within the Information Security Division, our Identity and Access Management (IAM) service provides security solutions for identity management, web access management, stronger authentication, privileged access management, and platform security for Windows and Linux/UNIX and the Mainframe. These services ensure that the right users and machines have access to the right assets for the appropriate reason and time. IAM also protects our company from unauthorized access and fraud.
Our Information Security Division is on constant alert using their creativity and knowledge of cybersecurity, technology, and business processes to develop and deliver solutions. In this fast-paced environment, we collaborate to respond to current risks while identifying and anticipating future threats.
The Role:
As a senior associate and Privileged Access Management (PAM) Engineer, your responsibilities will include the engineering and configuration of our PAM suite of tools. You will establish and document policies, procedures, and guidelines related to the user and system access. You will be responsible for resolving technical issues in the PAM Platform through problem tracking, diagnosis and root-cause analysis, replication, troubleshooting, and resolution for moderately complex issues. The role also includes supporting the Operational team on all our PAM tooling. We are planning an uplift in our tooling to incorporate state of the art tools which will allow for just-in-time provisioning as well as implementing a tiered privilege model that ensures the least privilege principle is followed. Our PAM tools work across the following technologies: Windows, Kerberos, Mainframe security platforms (RACF, ACF2, and Top Secret), Network appliances, storage and will include most devices that support the technology environment. The role includes blending in with secrets management.
Key Responsibilities:
Analyze existing and potential new PAM tools and technologies to enhance and improve processes
Ensure that proper security settings are applied to reflect the model of least privilege
Understand all PAM functions including but not limited to user entitlement reviews, service account life cycle management, environment hygiene, vaulting, break glass, and conflicting combinations
Analyze, define, and prioritize the business and functional requirements for PAM initiatives
You will need to provide governance for the lifecycle and workflow for all enterprise Privileged accounts
Assist with providing requirements for PAM governance that enforces applicable organization security policies and standards
Identify control gaps and coordinate resolution
Identify improvement opportunities in IAM/PAM governance to increase operational effectiveness and improving the bank's risk posture
Assist in the definition of cross platform information security and/or identity management policies and procedures
Create and maintain documentation as it relates to PAM platforms, design, configuration, support, and processes
The individual must have a proven track record in delivering identity solutions that are functional, secure, scalable, and reliable
You will need to demonstrate an understanding of Least privilege and Just In Time concepts
Extensive knowledge and hands on experience of PAM systems (e.g. CyberArk)
Exercise core technical capabilities across Linux, active directory, LDAP, database (Oracle, SQL Server, and others), monitoring, service management, containerized app platforms to diagnose, troubleshoot, and provide technical operational guidance.
Understanding of Cloud platforms such as: AWS, Azure, GCP
Familiarity with identity and access management (IAM) concepts, such as identify lifecycle management, password policies, least privilege, Zero Trust, etc.
Strong understanding with privileged access management controls
Strong interpersonal and communication skills with good stakeholder engagements
Engage and partner with Operational leads with the teams to build, deploy, and maintain the PAM components across application portfolio in highly virtualized environment.
Conceptual understanding of various types of secrets and the circumstances in which they are used.
Knowledge of the capabilities of Secrets Management, including aspects such as discovery and storage.
Experience in actively participating in the build and implementation of a Secrets Management program.
Drive cross-functional engagements focused on delivering continuous improvements including product/service, performance, and operational enhancements.
Proactively identify process improvement areas and lead process improvement initiatives
Ensure PAM tools and processes adhere to IAM governance and compliance policies
To be successful in this role, we're seeking the following:
Bachelor's degree in computer science or a related discipline, or equivalent work experience required.
5+ years of experience in information security or related technology experience required
Minimum 3 years' experience as an Identity Engineer
Certifications such CISSP/CISM or equivalent are desired
As a member of a small team in a fast-paced environment, this role will require both strong intellectual agility and hands-on technical skills
Detail oriented with creative problem-solving and analytical skills
Excellent written and verbal communication skills
Ability to work in a fast-paced environment and to be an outstanding team player
Willing to do what is needed to get a job done
At BNY, our culture speaks for itself. Here's a few of our awards:
Our Benefits and Rewards:
BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life's journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.
BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals With Disabilities/Protected Veterans.
Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.
The Bank Of New York Mellon