Cyber Managed Services - Identity Access Management SDC PAM -Senior

About The Position

Requirements

• Hands-on experience operating PAM solutions, with a strong preference for CyberArk (PAS, PSM, EPM), BeyondTrust, Delinea.
• Working knowledge of privileged access concepts, including vaulting, session management, credential rotation, and least privilege.
• Familiarity with operating systems and platforms commonly integrated with PAM (Windows, Unix/Linux, databases, network devices).
• Understanding of ITSM processes (Incident, Problem, Change, Request).
• Strong operational discipline with experience working in SLA-driven, managed services environments.
• Bachelor’s degree in computer science, Information Security, or a related field.
• 3–5 years of experience in cybersecurity operations, IAM, or PAM support roles.
• Hands-on operational experience with at least one PAM platform (CyberArk preferred).
• Experience supporting enterprise environments with Active Directory, Azure AD, LDAP, and service accounts.
• Willingness to work in shift-based or on-call operational models as required by SDC

Nice To Haves

• CyberArk certifications (Defender, Sentry, or PAM-related credentials) BeyondTust and Delinea.
• Exposure to cloud PAM integrations (Azure, AWS, GCP).
• Understanding of regulatory and security frameworks (ISO 27001, NIST, SOX, GDPR).
• Experience with scripting or automation (PowerShell, Python) for operational efficiency.
• Prior experience supporting global clients in a managed security services model.

Responsibilities

• Perform day-to-day administration of PAM platforms (e.g., CyberArk PAS, EPM, PSM, AAM), including user onboarding, account lifecycle management, and access provisioning/deprovisioning.
• Monitor PAM infrastructure health, vault availability, password rotation status, and privileged session availability.
• Execute routine operational tasks such as password reconciliations, account discovery validations, and platform housekeeping.
• Enforce privileged access policies, approvals, and segregation-of-duties requirements as defined by client governance models.
• Support privileged access requests, emergency access (break-glass) processes, and time-bound access workflows.
• Validate compliance of privileged accounts across Windows, Unix/Linux, databases, network devices, and cloud platforms.
• Act as L1/L2 support for PAM-related incidents, alerts, and service requests, ensuring resolution within defined SLAs.
• Perform root cause analysis for recurring PAM operational issues and support problem management activities.
• Support planned changes, patching, upgrades, and configuration updates in coordination with engineering teams.
• Review and respond to alerts, logs, and privileged session recordings as part of security monitoring and audit support.
• Generate operational and compliance reports for privileged access usage, password health, and platform KPIs.
• Support internal and external audits by providing evidence, reports, and operational documentation.
• Maintain and update SOPs, runbooks, operational procedures, and knowledge articles for PAM services.
• Identify opportunities to automate repetitive PAM operational tasks and improve service efficiency.
• Contribute to service transition activities for new PAM onboardings into SDC operations.

Benefits

• We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business.
• The base salary range for this job in all geographic locations in the US is $77,500 to $140,900.
• The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500.
• Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography.
• In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
• Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances.
• You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.