Report this job

---

What is the problem? *

Incorrect company
Incorrect location
Job is expired
Job may be a scam
Other

Position: IAM PAM Engineer

Location: Remote

Duration: Fulltime/ Permanent

Requirement:

Role Summary: Privileged Access will support engineering efforts for initiatives in AAPs Privileged Access Program within the Identity & Access Management team. This role will operate under the guidance of an Engineering Leader and partner closely with stakeholders across technology and operations teams to implement automated solutions to log, monitor, and action activity in the purview of highly privileged access, across a variety of self-hosted and cloud environments. This role will participate in process engineering efforts in developing automation of manual tasks, as well as improvement of existing automations. This role must have strong communication and collaboration skills to work with cross-functional teams and stakeholders to ensure the delivery of quality solutions while enforcing adherence to AAPs Information Security policies and regulatory obligations.

Responsibilities:

• Experience in Design, Installation, Implementation, User Policies, Certifications, Privilege account Provisioning, creating workflows, custom connectors, policies
• Managing access to Windows, Unix/Linux, Web portals, and RDP Published applications.
• Should be capable to deploy/install/configure Thycotic/CyberArk/BeyondTrust PAM Components
• In-depth understanding to use Account, Service, and task Discovery tools
• Target system On-boarding and Application on-boarding.
• Implement Application to Application clients.
• Serve as the subject matter expert (SME) for the PAM toolset.
• Provide overall direction and oversight into the PAM functions across the organization, including Password Vaulting of elevated user and application service accounts.
• Knowledge on customization of PAM Platforms, Connectors/Plugins (with AutoIT/Shell Scripting) and good knowledge on auto-detection configuration and usage of Discovery Scanning tools.
• Understanding of relevant technologies and concepts related to DevOps by Setting up servers from scratch, Setup process as system services with Continuous Integration/ Continuous Deployment in DevOps.
• Develop best practices for detecting compliance issues and threats
• Develop and utilize deployment and process automation capabilities (scripts, applications, platforms, APIs) to ensure processes are defined, repeatable, scalable, and able to be disseminated for wider utilization
• Develop documentation that fully captures technical PAM baselines and operational capabilities
• Document architecture and processes.

Requirements:

• PAM hands-on experience. Additionally, any IAM (Identity and Access Management) experience would be preferred
• Hands-on technical experience with PAM (Privileged Access Management) suite installation, policy configuration and administration.
• Experience with PAM architecture and design along with a good understanding of business, audit, and regulatory drivers.
• Strong understanding of PAM environments along with exposure to IT infrastructure components such AD, Windows & Linux server operating systems, AS400, DBs(Database) and virtualization
• Namespace Types of authentication mechanism supported by vault (LDAP, kubernetes, Azure, AWS etc)
• Types of secrets engine (Key Vault, Public Key Infrastructure, Database, Transit, SSH, AWS, AD etc)
• Writing policies for secrets authorization
• Integration of vault with CICD(Continuous integration & continuous delivery) tools like Ansible, Jenkins, Terraform, XL Release devops tools(optional) etc. `
• Experience in deploying and/or maintaining HA (High Availability) & DR (Disaster Recovery) PAM environments.
• Hands-on experience with one or more scripting languages such as PowerShell, Bash/Shell scripting, Python and the ability to work with the product REST API, CLI(Command Line Interface) or SDK(Software Development Kit)
• Experience with advanced product capabilities like application-to-application/machine-to-machine password management, endpoint privilege management, etc.
• Experience with understanding regulatory compliance and audit requirements for clients in various industries