Altice USA
IAM & PAM Engineer
The IAM & PAM Engineer will be responsible for ensuring that Altice USA's Identity & Access Management and Privileged Access Management platform is implemented, designed, and maintained to ensure that all applications being used within the company are on-boarded for access entitlements, provisioning and de-provisioning of users. Candidate must be familiar in integrating and managing privileged accounts, ensuring security compliance, and providing technical support for CyberArk or similar related technologies. Candidate must be well versed with Identity federation principles as the person will have the responsibility to set the standard for the firm in terms of identity & access management as well as privilege access management. Candidate must also have role-based access control (RBAC) experience in relation to design, implementation, and remediation. This position requires participation in technical research and development to enable continuing innovation for Privilege Access Management and Information Risk management. CyberArk Experience Preferred. Responsibilities include: Providing information security subject matter expertise in support of projects sponsored by business units and other EIT departments. Installing and configuring CyberArk PAS solutions or related technology, including the Enterprise Password Vault (EPV), Central Policy Manager (CPM), Password Vault Web Access (PVWA), Privileged Session Manager (PSM), and Privileged Session Manager Proxy (PSMP), Endpoint Privilege Access Management (EPAM), and Third Party Privilege Access Management (VPAM). Administering and engineering CyberArk for integrating privileged accounts across on-premises and cloud environments, including Azure. Collaborating with cross-functional teams to integrate CyberArk solutions into both on-premises and cloud-based systems. Integration of automated password rotation on service accounts, and other highly privileged accounts. Conducting regular assessments and audits to ensure the security and compliance of privileged accounts and access across all environments. Assisting in the documentation of processes, procedures, and best practices for CyberArk administration and privileged access management. Staying up-to-date on the latest developments in CyberArk technologies and cybersecurity best practices through self-study and training opportunities. Ensuring that system implementations conform to established company security standards and/or industry best practices. Participating in the budget process by specifying Information Security technical, resource, and personnel requirements for capital projects. Conducting laboratory and pilot evaluations of security technologies. Providing information security consulting services to business units and other departments. Maintaining support relationships with various vendors and manufacturers. Developing and maintaining minimum security baseline configurations for various handheld, workstation, and server operating systems. Processing Service Desk tickets assigned to the Engineering team. Responsible for problem resolution. Developing documentation including operations manuals, runbooks, procedures, and problem resolutions. Qualifications include: Bachelor's degree in Information Systems, IT Security, Cybersecurity, Computer Science or equivalent experience required. Minimum 3-5 years of experience in Information Security with a focus on Identity and Access Management with Privileged Access solution components such as CyberArk - EPV, CPM, PVWA, PSM, PSMP, EPAM, and VPAM. Deep understanding of RBAC (Role Based Access Control), Single Sign On (SSO), and Privileged Account Management (PAM), Identity and Access Management (IAM). Identity Access and Governance management - Preferably skills with SailPoint, Okta, and a Privilege Access Management solution such as CyberArk. Strong Analytical background. Understanding of Active Directory domains, LDAP directories, Oracle Identity, Unix Identity. Strong understanding of cloud computing concepts including experience with Microsoft Azure, Amazon Web Services, Google Cloud Platform. Knowledge of scripting (Unix/Linux shell, Perl and Windows) or programming (Visual Basic and MS Access). Expert knowledge of Microsoft Active Directory, Azure Active Directory. Advanced level knowledge in architecture and implementation of identity and access management solutions. Extensive experience in design and troubleshooting of user provisioning and deprovisioning workflows, including automation of access and access removal to various applications and/or authorities. Demonstrated knowledge of identity, authentication, security, privacy, and compliance and how they factor into cloud and hybrid solutions. Strong working knowledge of network architecture and standards for large enterprise. Knowledge of compliance standards and practices such as PCI DSS, Sarbanes Oxley, and Department of Justice National Security Agreement. Ability to assemble project requirements and contribute to a security design implementation from inception to completion.
The IAM & PAM Engineer will be responsible for ensuring that Altice USA's Identity & Access Management and Privileged Access Management platform is implemented, designed, and maintained to ensure that all applications being used within the company are on-boarded for access entitlements, provisioning and de-provisioning of users. Candidate must be familiar in integrating and managing privileged accounts, ensuring security compliance, and providing technical support for CyberArk or similar related technologies. Candidate must be well versed with Identity federation principles as the person will have the responsibility to set the standard for the firm in terms of identity & access management as well as privilege access management. Candidate must also have role-based access control (RBAC) experience in relation to design, implementation, and remediation. This position requires participation in technical research and development to enable continuing innovation for Privilege Access Management and Information Risk management. CyberArk Experience Preferred. Responsibilities include: Providing information security subject matter expertise in support of projects sponsored by business units and other EIT departments. Installing and configuring CyberArk PAS solutions or related technology, including the Enterprise Password Vault (EPV), Central Policy Manager (CPM), Password Vault Web Access (PVWA), Privileged Session Manager (PSM), and Privileged Session Manager Proxy (PSMP), Endpoint Privilege Access Management (EPAM), and Third Party Privilege Access Management (VPAM). Administering and engineering CyberArk for integrating privileged accounts across on-premises and cloud environments, including Azure. Collaborating with cross-functional teams to integrate CyberArk solutions into both on-premises and cloud-based systems. Integration of automated password rotation on service accounts, and other highly privileged accounts. Conducting regular assessments and audits to ensure the security and compliance of privileged accounts and access across all environments. Assisting in the documentation of processes, procedures, and best practices for CyberArk administration and privileged access management. Staying up-to-date on the latest developments in CyberArk technologies and cybersecurity best practices through self-study and training opportunities. Ensuring that system implementations conform to established company security standards and/or industry best practices. Participating in the budget process by specifying Information Security technical, resource, and personnel requirements for capital projects. Conducting laboratory and pilot evaluations of security technologies. Providing information security consulting services to business units and other departments. Maintaining support relationships with various vendors and manufacturers. Developing and maintaining minimum security baseline configurations for various handheld, workstation, and server operating systems. Processing Service Desk tickets assigned to the Engineering team. Responsible for problem resolution. Developing documentation including operations manuals, runbooks, procedures, and problem resolutions. Qualifications include: Bachelor's degree in Information Systems, IT Security, Cybersecurity, Computer Science or equivalent experience required. Minimum 3-5 years of experience in Information Security with a focus on Identity and Access Management with Privileged Access solution components such as CyberArk - EPV, CPM, PVWA, PSM, PSMP, EPAM, and VPAM. Deep understanding of RBAC (Role Based Access Control), Single Sign On (SSO), and Privileged Account Management (PAM), Identity and Access Management (IAM). Identity Access and Governance management - Preferably skills with SailPoint, Okta, and a Privilege Access Management solution such as CyberArk. Strong Analytical background. Understanding of Active Directory domains, LDAP directories, Oracle Identity, Unix Identity. Strong understanding of cloud computing concepts including experience with Microsoft Azure, Amazon Web Services, Google Cloud Platform. Knowledge of scripting (Unix/Linux shell, Perl and Windows) or programming (Visual Basic and MS Access). Expert knowledge of Microsoft Active Directory, Azure Active Directory. Advanced level knowledge in architecture and implementation of identity and access management solutions. Extensive experience in design and troubleshooting of user provisioning and deprovisioning workflows, including automation of access and access removal to various applications and/or authorities. Demonstrated knowledge of identity, authentication, security, privacy, and compliance and how they factor into cloud and hybrid solutions. Strong working knowledge of network architecture and standards for large enterprise. Knowledge of compliance standards and practices such as PCI DSS, Sarbanes Oxley, and Department of Justice National Security Agreement. Ability to assemble project requirements and contribute to a security design implementation from inception to completion.