EY
Cyber SDC - Privileged Access Management - Manager - Location OPEN
EY, San Antonio, Texas, United States, 78208
Cyber SDC - Privileged Access Management - Manager
Join EY for the
Cyber SDC - Privileged Access Management - Manager
role.
Location Anywhere in Country
At EY, we help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help build a better working world.
In an ever‑evolving IT landscape, EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities. As a vital member of our Identity and Access Management (IAM) practice, you will play a central role in empowering clients to comprehend and navigate their complex Enterprise Identity environments. Your expertise will be instrumental in evaluating, enhancing, and devising innovative solutions, processes, and policies to cater to each client’s unique IAM requirements.
Your Key Responsibilities
Develop privilege and secret access management controls for CyberArk, BeyondTrust, Hashi, and Delinea solutions.
Oversee the design and implementation of the privileged access and secret management solution.
Assist with the privilege and secret management requirement gathering and define the use cases at the enterprise level.
Configure and optimize discovery tools for privilege accounts, services, SSH keys, and tasks (CyberArk, HashiCorp, Delinea, BeyondTrust), including auto‑detection and auto‑onboarding.
Manage onboarding of target systems such as Windows, Linux, Unix accounts, databases (Oracle, MS SQL, Redis cache) and integration of DevOps solutions such as Ansible, Puppet, Jenkins, Kubernetes (OpenShift), GitHub, GitLab, Docker, and Ansible platforms.
Apply knowledge of modern cloud vaults such as AWS Secret Manager and Azure Key Vault.
Define and implement vaulting, rotation, and heartbeat policies for human and non‑human identities; enable SSH key and password rotation, check‑out/check‑in, dual control, and break‑glass.
Participate in the self‑service design and implementation of privilege or secrets life‑cycle management using enterprise identity governance solutions (creation, management, certification, deletion).
Develop and establish governance processes for non‑human identity management.
Develop policies for endpoint management solutions including Windows workstations, macOS, Linux, and Unix servers.
Skills And Attributes For Success
Proven experience in integrating, deploying, and configuring PAM and secret management technologies, with a strong focus on CyberArk (vault, privilege cloud, secure infrastructure, endpoint access management and Conjur) and familiarity with other IAM solutions like Saviynt, SailPoint, Entra.
In‑depth knowledge of privilege access management frameworks and the ability to offer guidance on their integration into existing applications.
Practical expertise in developing CyberArk technology tech stack, HashiCorp Vault, BeyondTrust and Delinea experience.
Proficiency in implementing, managing, and maintaining enterprise‑level privilege access management and secret management tools.
Solid understanding of enterprise directory services such as Active Directory, Azure AD, and LDAP, and experience implementing MFA and SSO solutions.
Strong problem‑solving and analytical skills, with the ability to translate business requirements into technical specifications and execute technical deliveries effectively.
A track record of delivering high‑quality client services and work products within expected timeframes.
Excellent documentation skills, including the creation of procedures, process documentation, and user documentation related to IAM applications.
To qualify for the role you must have
A bachelor’s degree in a related field and approximately 8 years of related work experience; or a graduate degree and approximately 3 years of related work experience.
Experience with PAM architecture and development within CyberArk, HashiCorp, or other PAM solutions.
Well‑versed and hands‑on experience with CyberArk Conjur and HashiCorp Vault usage and functionality.
A valid driver’s license in the US and/or a valid passport are required; willingness and ability to travel.
Ideally, you’d also have
Professional certifications in Identity & Access Management, such as CISSP, CISM, or vendor certifications like CyberArk CDE, HashiCorp Vault Certified Implementation Engineer.
Familiarity with additional IAM technologies and tools, including SailPoint, ForgeRock, Ping Identity, RSA, etc.
Knowledge of cloud‑based IAM solutions and experience working with cloud platforms like AWS, Azure, or Google Cloud.
Understanding of regulatory compliance frameworks and industry standards related to IAM, such as GDPR, HIPAA, NIST, or ISO 27001.
Prior experience in providing PAM services to clients from various industries, demonstrating versatility and adaptability in addressing diverse IAM challenges.
Strong interpersonal and communication skills, with the ability to collaborate effectively with clients and cross‑functional teams to present solution designs, options, and innovations.
What We Look For We’re interested in intellectually curious people with a genuine passion for cyber security. With your broad exposure across IAM, we’ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us but to the industry at large.
What We Offer You
A comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $106,800 to $194,800. The base salary range for the New York City Metro Area, Washington State and California (excluding Sacramento) is $128,000 to $221,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
Join us in a team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client‑serving roles to work together in person 40‑60% of the time over the course of an engagement, project or year.
An adaptable vacation policy that lets you decide how much vacation time you need based on your personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence as needed.
Equal Employment Opportunity Statement EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please contact EY Talent Support.
#J-18808-Ljbffr
Cyber SDC - Privileged Access Management - Manager
role.
Location Anywhere in Country
At EY, we help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help build a better working world.
In an ever‑evolving IT landscape, EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities. As a vital member of our Identity and Access Management (IAM) practice, you will play a central role in empowering clients to comprehend and navigate their complex Enterprise Identity environments. Your expertise will be instrumental in evaluating, enhancing, and devising innovative solutions, processes, and policies to cater to each client’s unique IAM requirements.
Your Key Responsibilities
Develop privilege and secret access management controls for CyberArk, BeyondTrust, Hashi, and Delinea solutions.
Oversee the design and implementation of the privileged access and secret management solution.
Assist with the privilege and secret management requirement gathering and define the use cases at the enterprise level.
Configure and optimize discovery tools for privilege accounts, services, SSH keys, and tasks (CyberArk, HashiCorp, Delinea, BeyondTrust), including auto‑detection and auto‑onboarding.
Manage onboarding of target systems such as Windows, Linux, Unix accounts, databases (Oracle, MS SQL, Redis cache) and integration of DevOps solutions such as Ansible, Puppet, Jenkins, Kubernetes (OpenShift), GitHub, GitLab, Docker, and Ansible platforms.
Apply knowledge of modern cloud vaults such as AWS Secret Manager and Azure Key Vault.
Define and implement vaulting, rotation, and heartbeat policies for human and non‑human identities; enable SSH key and password rotation, check‑out/check‑in, dual control, and break‑glass.
Participate in the self‑service design and implementation of privilege or secrets life‑cycle management using enterprise identity governance solutions (creation, management, certification, deletion).
Develop and establish governance processes for non‑human identity management.
Develop policies for endpoint management solutions including Windows workstations, macOS, Linux, and Unix servers.
Skills And Attributes For Success
Proven experience in integrating, deploying, and configuring PAM and secret management technologies, with a strong focus on CyberArk (vault, privilege cloud, secure infrastructure, endpoint access management and Conjur) and familiarity with other IAM solutions like Saviynt, SailPoint, Entra.
In‑depth knowledge of privilege access management frameworks and the ability to offer guidance on their integration into existing applications.
Practical expertise in developing CyberArk technology tech stack, HashiCorp Vault, BeyondTrust and Delinea experience.
Proficiency in implementing, managing, and maintaining enterprise‑level privilege access management and secret management tools.
Solid understanding of enterprise directory services such as Active Directory, Azure AD, and LDAP, and experience implementing MFA and SSO solutions.
Strong problem‑solving and analytical skills, with the ability to translate business requirements into technical specifications and execute technical deliveries effectively.
A track record of delivering high‑quality client services and work products within expected timeframes.
Excellent documentation skills, including the creation of procedures, process documentation, and user documentation related to IAM applications.
To qualify for the role you must have
A bachelor’s degree in a related field and approximately 8 years of related work experience; or a graduate degree and approximately 3 years of related work experience.
Experience with PAM architecture and development within CyberArk, HashiCorp, or other PAM solutions.
Well‑versed and hands‑on experience with CyberArk Conjur and HashiCorp Vault usage and functionality.
A valid driver’s license in the US and/or a valid passport are required; willingness and ability to travel.
Ideally, you’d also have
Professional certifications in Identity & Access Management, such as CISSP, CISM, or vendor certifications like CyberArk CDE, HashiCorp Vault Certified Implementation Engineer.
Familiarity with additional IAM technologies and tools, including SailPoint, ForgeRock, Ping Identity, RSA, etc.
Knowledge of cloud‑based IAM solutions and experience working with cloud platforms like AWS, Azure, or Google Cloud.
Understanding of regulatory compliance frameworks and industry standards related to IAM, such as GDPR, HIPAA, NIST, or ISO 27001.
Prior experience in providing PAM services to clients from various industries, demonstrating versatility and adaptability in addressing diverse IAM challenges.
Strong interpersonal and communication skills, with the ability to collaborate effectively with clients and cross‑functional teams to present solution designs, options, and innovations.
What We Look For We’re interested in intellectually curious people with a genuine passion for cyber security. With your broad exposure across IAM, we’ll turn to you to speak up with innovative new ideas that could make a lasting difference not only to us but to the industry at large.
What We Offer You
A comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $106,800 to $194,800. The base salary range for the New York City Metro Area, Washington State and California (excluding Sacramento) is $128,000 to $221,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
Join us in a team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client‑serving roles to work together in person 40‑60% of the time over the course of an engagement, project or year.
An adaptable vacation policy that lets you decide how much vacation time you need based on your personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence as needed.
Equal Employment Opportunity Statement EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please contact EY Talent Support.
#J-18808-Ljbffr