Overview
Privileged Access Management, Analyst
At BNY, our culture empowers you to grow and succeed. As a leading global financial services company at the center of the world’s financial system we touch nearly 20% of the world’s investible assets. Every day around the globe, our 50,000+ employees bring the power of their perspective to the table to create solutions with our clients that benefit businesses, communities and people everywhere.
We continue to be a leader in the industry, awarded as a top home for innovators and for creating an inclusive workplace. Through our unique ideas and talents, together we help make money work for the world. This is what #LifeAtBNY is all about.
We’re seeking a future team member in the role of Privileged Access Management, Analyst to join our Information Security Division in the IAM team . This role is in Pittsburgh, PA OR Lake Mary, FL - HYBRID. Our Information Security Division (ISD) i s on constant alert using creativity and knowledge of cybersecurity, technology, and business processes to develop and deliver solutions. We collaborate and deliver services to protect the business, our clients, and technology.
Within the Information Security Division, our Identity and Access Management (IAM) service provides security solutions for identity management, web access management, stronger authentication, privileged access management, and platform security for Windows and Linux/UNIX and the Mainframe. These services ensure that the right users and machines have access to the right assets for the appropriate reason and time. IAM also protects our company from unauthorized access and fraud.
Our Information Security Division is on constant alert using their creativity and knowledge of cybersecurity, technology, and business processes to develop and deliver solutions. In this fast-paced environment, we collaborate to respond to current risks while identifying and anticipating future threats.
The Role:
As a senior associate and Privileged Access Management (PAM) Engineer, your responsibilities will include the engineering and configuration of our PAM suite of tools. You will establish and document policies, procedures, and guidelines related to the user and system access. You will be responsible for resolving technical issues in the PAM Platform through problem tracking, diagnosis and root-cause analysis, replication, troubleshooting, and resolution for moderately complex issues. The role also includes supporting the Operational team on all our PAM tooling. We are planning an uplift in our tooling to incorporate state of the art tools which will allow for just-in-time provisioning as well as implementing a tiered privilege model that ensures the least privilege principle is followed. Our PAM tools work across the following technologies: Windows, Kerberos, Mainframe security platforms (RACF, ACF2, and Top Secret), Network appliances, storage and will include most devices that support the technology environment. The role includes blending in with secrets management.
Key Responsibilities:
Analyze existing and potential new PAM tools and technologies to enhance and improve processes
Ensure that proper security settings are applied to reflect the model of least privilege
Understand all PAM functions including but not limited to user entitlement reviews, service account life cycle management, environment hygiene, vaulting, break glass, and conflicting combinations
Analyze, define, and prioritize the business and functional requirements for PAM initiatives
You will need to provide governance for the lifecycle and workflow for all enterprise Privileged accounts
Assist with providing requirements for PAM governance that enforces applicable organization security policies and standards
Identify control gaps and coordinate resolution
Identify improvement opportunities in IAM/PAM governance to increase operational effectiveness and improving the bank’s risk posture
Assist in the definition of cross platform information security and/or identity management policies and procedures
Create and maintain documentation as it relates to PAM platforms, design, configuration, support, and processes
The individual must have a proven track record in delivering identity solutions that are functional, secure, scalable, and reliable
You will need to demonstrate an understanding of Least privilege and Just In Time concepts
Extensive knowledge and hands on experience of PAM systems (e.g. CyberArk)
Exercise core technical capabilities across Linux, active directory, LDAP, database (Oracle, SQL Server, and others), monitoring, service management, containerized app platforms to diagnose, troubleshoot, and provide technical operational guidance.
Understanding of Cloud platforms such as: AWS, Azure, GCP
Familiarity with identity and access management (IAM) concepts, such as identify lifecycle management, password policies, least privilege, Zero Trust, etc.
Strong understanding with privileged access management controls
Strong interpersonal and communication skills with good stakeholder engagements
Engage and partner with Operational leads with the teams to build, deploy, and maintain the PAM components across application portfolio in highly virtualized environment.
Conceptual understanding of various types of secrets and the circumstances in which they are used.
Knowledge of the capabilities of Secrets Management, including aspects such as discovery and storage.
Experience in actively participating in the build and implementation of a Secrets Management program.
Drive cross-functional engagements focused on delivering continuous improvements including product/service, performance, and operational enhancements.
Proactively identify process improvement areas and lead process improvement initiatives
Ensure PAM tools and processes adhere to IAM governance and compliance policies
To be successful in this role, we’re seeking the following:
Bachelor's degree in computer science or a related discipline, or equivalent work experience required.
5+ years of experience in information security or related technology experience required
Minimum 3 years' experience as an Identity Engineer
Certifications such CISSP/CISM or equivalent are desired
As a member of a small team in a fast-paced environment, this role will require both strong intellectual agility and hands-on technical skills
Detail oriented with creative problem-solving and analytical skills
Excellent written and verbal communication skills
Ability to work in a fast-paced environment and to be an outstanding team player
Willing to do what is needed to get a job done
At BNY, our culture speaks for itself. Here’s a few of our awards:
America’s Most Innovative Companies, Fortune, 2024
World’s Most Admired Companies, Fortune 2024
Human Rights Campaign Foundation, Corporate Equality Index, 100% score, 2023-2024 · Best Places to Work for Disability Inclusion, Disability: IN – 100% score, 2023-2024
“Most Just Companies”, Just Capital and CNBC, 2024
Dow Jones Sustainability Indices, Top performing company for Sustainability, 2024
Bloomberg’s Gender Equality Index (GEI), 2023
Our Benefits and Rewards:
BNY offers highly competitive compensation, benefits, and wellbeing programs rooted in a strong culture of excellence and our pay-for-performance philosophy. We provide access to flexible global resources and tools for your life’s journey. Focus on your health, foster your personal resilience, and reach your financial goals as a valued member of our team, along with generous paid leaves, including paid volunteer time, that can support you and your family through moments that matter.
BNY is an Equal Employment Opportunity/Affirmative Action Employer - Underrepresented racial and ethnic groups/Females/Individuals with Disabilities/Protected Veterans.
Employer Description:
For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments and safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark: bnymellon.com/careers.
EEO Statement:
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals With Disabilities/Protected Veterans. Our ambition is to build the best global team – one that is representative and inclusive of the diverse talent, clients and communities we work with and serve – and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.