Cyber SDC - Privileged Access Management - Manager - Location OPEN

Ernst & Young•Dallas, TX

3d•Remote

About The Position

In an ever-evolving IT landscape, EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities. As a vital member of our Identity and Access Management (IAM) , you will play a central role in achieving this objective by empowering clients to comprehend and navigate their complex Enterprise Identity environments. Your expertise will be instrumental in evaluating, enhancing, and devising innovative solutions, processes, and policies to cater to each client's unique IAM requirements. This is an opportunity to leverage both your technical prowess and business acumen to drive our mission and make a significant impact on global cybersecurity. The opportunity We currently offer an exciting career opportunity for a manager responsible for designing, engineering, maintaining, and troubleshooting a diverse range of privilege and secret management solutions across the IAM spectrum. Collaborating with esteemed and innovative professionals in the cybersecurity industry, you will have the opportunity to learn and apply cutting-edge tools and techniques to address some of the most relevant and pressing security challenges in the world. At our core, our IAM services play a pivotal role in assisting our clients to align security management strategy with business goals. This involves managing access to resources and services, as well as enforcing business, privacy, and security policies. With the support of strategic alliances with third-party vendors, our experienced professionals offer a comprehensive suite of services, including strategy, assessment, testing, and implementation of IAM solutions.

Requirements

Proven experience in integrating, deploying, and configuring PAM and Secret management Technologies, with a strong focus on CyberArk (vault, privilege cloud, secure, infrastructure, Endpoint access management and Conjur) and familiarity with other IAM solutions like Saviynt, SailPoint, Entra
In-depth knowledge of privilege access management frameworks, and the ability to offer guidance on their integration into existing applications.
Practical expertise in developing CyberArk technology tech stack, HashiCorp vault, BeyondTrust and Delina experience.
Proficiency in implementing, managing, and maintaining enterprise-level Privilege access management and secret management tools.
Solid understanding of enterprise directory services such as Active Directory, Azure AD, and LDAP, as well as experience in implementing MFA and SSO solutions.
Strong problem-solving and analytical skills, with the ability to translate business requirements into technical specifications and execute technical deliveries effectively.
A track record of delivering high-quality client services and work products within expected timeframes.
Excellent documentation skills, including the creation of procedures, process documentation, and user documentation related to IAM applications.
A bachelor's degree in a related field and approximately 8 years of related work experience; or a graduate degree and approximately 3 years of related work experience.
Experience with PAM architecture and development within CyberArk, HashiCorp, or, other PAM Solutions.
Well-versed and hands-on experience with CyberArk Conjur and HashiCorp Vault usage and functionality.
A valid driver's license in the US and/or a valid passport are required; Willingness and ability to travel

Nice To Haves

Professional certifications in Identity & Access Management, such as CISSP, CISM, or specific vendor certifications like CyberArk CDE, Hashi Vault Certified Implementation Engineer.
Familiarity with additional IAM technologies and tools, including SailPoint, ForgeRock, Ping Identity, RSA, etc.
Knowledge of cloud-based IAM solutions and experience working with cloud platforms like AWS, Azure, or Google Cloud.
Understanding of regulatory compliance frameworks and industry standards related to IAM, such as GDPR, HIPAA, NIST, or ISO 27001.
Prior experience in providing PAM services to clients from various industries, demonstrating versatility and adaptability in addressing diverse IAM challenges.
Strong interpersonal and communication skills, with the ability to collaborate effectively with clients and cross-functional teams to present solution designs, options, and innovations.

Responsibilities

Develop privilege and secret access management controls CyberArk, BeyondTrust, Hashi and Delian solution.
Oversea the design and implementation of the privileged access and secret management solution
Assist with the privilege and secret management requirement gathering and define the use cases at the enterprise level
Configure and optimize discovery tools for privilege accounts, services, SSH keys, and tasks (CyberArk, Hashi Corp, Delinea, BeyondTrust), including auto-detection and auto-onboarding
Manage onboarding of the target systems such as Windows, Linux and Unix accounts, Databases (Oracle, MS SQL, Redish cache) and integration of the DevOps solutions such as Ansible, Puppet, Jenkins, Kubernetes. OpenShift, GitHub, Gitlab, Docker, Ansible platforms
Knowledge of the modern cloud vaults such as AWS secret manager and Azure key vault
Define and implement vaulting, rotation, and heartbeat policies for human and non-human identities; enable SSH key and password rotation, check-out/check-in, dual control, and break-glass.
Participate in the self-service design and implementation of the privilege or secrets life cycle management using enterprise identity governance solutions (creation, management, certification, deletion)
Develop and establish governance processes for non-human identity management.
Develop policies for the end point management solutions including Windows workstations, Mac OS, Linux and Unix servers