Privileged Access Management (PAM) Sr. Specialist

Job Description: At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities, and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Responsibilities This role reports directly to the Technology Executive for Authentication, Privilege Access Management Service, and Cloud IAM. It is primarily responsible for ensuring relevant Privileged Access Controls are enforced across platforms and applications to comply with IAM standards. Partner with PAM Governance leads to ensure Privileged Access Controls are measured, reported, and governed appropriately. Assess Privileged Access risk when business and technology decisions are made, demonstrating risk management practices to safeguard BAC's reputation, clients, and assets, while driving compliance with laws, rules, and regulations, and adhering to BAC policies and standards. Monitor industry information security and PAM trends, engaging peer organizations to refine BAC's PAM strategy. Apply industry PAM best practices, templates, and documentation, proposing improvements based on practical knowledge. Provide Active Directory security best practices and consultation to cross-functional teams, ensuring compliance with IAM standards and better protection of privileged accounts against cyberattacks. Develop new PAM requirements and cloud-based security solutions, governing cloud identities. Establish and maintain strong partnerships with other Global Information Security functions, Infrastructure, Cyber Security, Third Party Management, Compliance, Internal Audit, and regulators. Influence technology and PAM tool owners to build and implement efficient, effective, and modern PAM solutions that reduce risks sustainably. Collaborate with stakeholders to develop PAM requirements supporting long-term modernization and transformation, covering process, data, and technology aspects. Engage with Product Managers and Senior Architects to understand the PAM technology roadmap, emphasizing modern security principles. Consult with the business to identify gaps and governance issues, leveraging domain expertise to find effective solutions. Communicate proposed changes clearly through educational materials for others' understanding. Provide education to team members and partners on proposed changes. Partner with policy governance teams for socialization and publication of PAM standard changes. Take accountability for addressing PAM risks, proactively identifying risks and ways to improve controls, and driving towards desired outcomes. Engage senior management with factual, transparent, and timely reports on PAM and information security risks. Participate actively in GIS IAM/PAM forums, including Monthly IAM Stakeholder and Control Owner Forums, for standard and SPI enhancements. Support audit issue resolution and sustainability. Required Qualifications: Extensive knowledge of PAM-specific laws, rules, and regulations in financial services. Understanding BAC's security policies, standards, procedures, and guides, applying this knowledge to PAM decisions and responses. Serve as Subject Matter Expert to advise on compliance. Proficient in risk and role-based access security controls implementation and governance. Extensive experience managing Active Directory for privileged access controls. Ability to influence cloud technology owners to develop more secure processes. Strong risk management mindset, proactively mitigating PAM-related risks. Familiarity with security standards such as NIST, ISO/EC, FFIEC. CISSP certification is an advantage. Expertise in PAM methodologies and techniques for on-prem and cloud environments. Knowledge of PAM tools supporting session proxy, vaulting, just-in-time provisioning, and integrations. 10+ years of relevant PAM experience, including 5+ years in management. Deep security knowledge across core infrastructure, identity management, and application security. Experience with Linux, Windows, cloud identity services, and PAM service design and architecture. Expertise in authentication platforms like Active Directory, LDAP, Kerberos, Radius. Knowledge of federation protocols such as OAuth, OpenID, SAML, WS-Fed. Desired Qualifications Experience with IAM platforms like Ping Identity, OpenLDAP, OpenDJ. Experience with Web Service APIs (JSON/XML). Proficiency with AWS, Azure, GCP, or other cloud technologies. Ability to articulate data-driven plans and partner with stakeholders on risk reduction solutions. Strong attention to detail and analytical skills. Excellent communication and presentation skills. Effective organizational and multitasking skills. Experience managing large, complex projects. Proficiency in data management and metadata analysis. Ability to motivate and engage teams and partners to deliver solutions. Proficiency in Microsoft Office and data analysis tools. Proactive, independent work ethic with a willingness to learn. Effective communicator across technical and business audiences. Knowledge of banking policies and adaptable to fast-changing environments. Understanding of compliance certifications like SOX, SOC, SOC2. This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40 Pay Transparency details US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540), US - NJ - Jersey City - 101 Hudson St - 101 Hudson (NJ2101) Pay range $137,300.00 - $190,100.00 annualized salary, offers to be determined based on experience, education, and skill set. Discretionary incentive eligible. This role is eligible for an annual discretionary award based on individual performance, group/line of business performance, and overall company success. Benefits: This role is benefits eligible, providing industry-leading benefits, paid time off, resources, and support for employees to contribute to sustainable growth and community impact. #J-18808-Ljbffr