EY
Cyber SDC - Privileged Access Management - Manager - Location OPEN
EY, Dallas, Texas, United States, 75215
Cyber SDC - Privileged Access Management - Manager - Location OPEN
4 days ago Be among the first 25 applicants
Location: Anywhere in Country
At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.
In an ever‑evolving IT landscape, EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities. As a vital member of our Identity and Access Management (IAM) function, you will play a central role in empowering clients to comprehend and navigate their complex Enterprise Identity environments. Your expertise will be instrumental in evaluating, enhancing, and devising innovative solutions, processes, and policies to cater to each client’s unique IAM requirements. This is an opportunity to leverage both your technical prowess and business acumen to drive our mission and make a significant impact on global cybersecurity.
The opportunity We currently offer an exciting career opportunity for a manager responsible for designing, engineering, maintaining, and troubleshooting a diverse range of privilege and secret management solutions across the IAM spectrum. Collaborating with esteemed and innovative professionals in the cybersecurity industry, you will have the opportunity to learn and apply cutting‑edge tools and techniques to address some of the most relevant and pressing security challenges in the world.
Your Key Responsibilities
Develop privilege and secret access management controls for CyberArk, BeyondTrust, HashiCorp, and Delinea solutions.
Oversee the design and implementation of the privileged access and secret management solution.
Assist with privilege and secret management requirement gathering and define the use cases at the enterprise level.
Configure and optimize discovery tools for privilege accounts, services, SSH keys, and tasks (CyberArk, HashiCorp, Delinea, BeyondTrust), including auto‑detection and auto‑onboarding.
Manage onboarding of target systems such as Windows, Linux, Unix accounts, databases (Oracle, MS SQL, Redis cache) and integration of DevOps solutions such as Ansible, Puppet, Jenkins, Kubernetes, OpenShift, GitHub, GitLab, Docker, Ansible platforms.
Knowledge of modern cloud vaults such as AWS Secrets Manager and Azure Key Vault.
Define and implement vaulting, rotation, and heartbeat policies for human and non‑human identities; enable SSH key and password rotation, check‑out/check‑in, dual control, and break‑glass.
Participate in the self‑service design and implementation of the privilege or secrets life‑cycle management using enterprise identity governance solutions (creation, management, certification, deletion).
Develop and establish governance processes for non‑human identity management.
Develop policies for endpoint management solutions including Windows workstations, MacOS, Linux and Unix servers.
Skills And Attributes For Success
Proven experience in integrating, deploying, and configuring PAM and Secret management technologies, with a strong focus on CyberArk and familiarity with other IAM solutions such as Saviynt, SailPoint, Entra.
In-depth knowledge of privilege access management frameworks and the ability to guide their integration into existing applications.
Practical expertise in developing CyberArk technology tech stack, HashiCorp Vault, BeyondTrust and Delinea.
Proficiency in implementing, managing, and maintaining enterprise‑level privilege access management and secret management tools.
Solid understanding of enterprise directory services such as Active Directory, Azure AD, LDAP, and experience implementing MFA and SSO solutions.
Strong problem‑solving and analytical skills, with the ability to translate business requirements into technical specifications and execute deliveries effectively.
A track record of delivering high‑quality client services and work products within expected timeframes.
Excellent documentation skills, including creation of procedures, process documentation, and user documentation related to IAM applications.
To qualify for the role you must have
A bachelor’s degree in a related field and approximately 8 years of related work experience; or a graduate degree and approximately 3 years of related work experience.
Experience with PAM architecture and development within CyberArk, HashiCorp, or other PAM solutions.
Well‑versed and hands‑on experience with CyberArk Conjur and HashiCorp Vault usage and functionality.
A valid driver’s license in the US and/or a valid passport are required; willingness and ability to travel.
Ideally, you’d also have
Professional certifications in Identity & Access Management, such as CISSP, CISM, or specific vendor certifications like CyberArk CDE, HashiVault Certified Implementation Engineer.
Familiarity with additional IAM technologies and tools, including SailPoint, ForgeRock, Ping Identity, RSA, etc.
Knowledge of cloud‑based IAM solutions and experience working with cloud platforms such as AWS, Azure, or Google Cloud.
Understanding of regulatory compliance frameworks and industry standards related to IAM, such as GDPR, HIPAA, NIST, ISO 27001.
Prior experience in providing PAM services to clients from various industries, demonstrating versatility and adaptability.
Strong interpersonal and communication skills, with the ability to collaborate effectively with clients and cross‑functional teams.
What We Look For We’re interested in intellectually curious people with a genuine passion for cyber security. With your broad exposure across IAM, we’ll turn to you to speak up with innovative new ideas that could make a lasting difference not only for us, but also for the industry at large. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
What We Offer You
We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $106,800 to $194,800. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $128,000 to $221,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
Join us in our team‑led and leader‑enabled hybrid model. Our expectation is that most people in external, client‑serving roles will work together in person 40‑60% of the time over the course of an engagement, project or year.
Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well‑being.
Seniorities and Job Details Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Information Technology
Industries: Professional Services
Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an ongoing basis.
For those living in California, please click here for additional information.
EY focuses on high‑ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.
EY | Building a better working world
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi‑disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com.
#J-18808-Ljbffr
Location: Anywhere in Country
At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.
In an ever‑evolving IT landscape, EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities. As a vital member of our Identity and Access Management (IAM) function, you will play a central role in empowering clients to comprehend and navigate their complex Enterprise Identity environments. Your expertise will be instrumental in evaluating, enhancing, and devising innovative solutions, processes, and policies to cater to each client’s unique IAM requirements. This is an opportunity to leverage both your technical prowess and business acumen to drive our mission and make a significant impact on global cybersecurity.
The opportunity We currently offer an exciting career opportunity for a manager responsible for designing, engineering, maintaining, and troubleshooting a diverse range of privilege and secret management solutions across the IAM spectrum. Collaborating with esteemed and innovative professionals in the cybersecurity industry, you will have the opportunity to learn and apply cutting‑edge tools and techniques to address some of the most relevant and pressing security challenges in the world.
Your Key Responsibilities
Develop privilege and secret access management controls for CyberArk, BeyondTrust, HashiCorp, and Delinea solutions.
Oversee the design and implementation of the privileged access and secret management solution.
Assist with privilege and secret management requirement gathering and define the use cases at the enterprise level.
Configure and optimize discovery tools for privilege accounts, services, SSH keys, and tasks (CyberArk, HashiCorp, Delinea, BeyondTrust), including auto‑detection and auto‑onboarding.
Manage onboarding of target systems such as Windows, Linux, Unix accounts, databases (Oracle, MS SQL, Redis cache) and integration of DevOps solutions such as Ansible, Puppet, Jenkins, Kubernetes, OpenShift, GitHub, GitLab, Docker, Ansible platforms.
Knowledge of modern cloud vaults such as AWS Secrets Manager and Azure Key Vault.
Define and implement vaulting, rotation, and heartbeat policies for human and non‑human identities; enable SSH key and password rotation, check‑out/check‑in, dual control, and break‑glass.
Participate in the self‑service design and implementation of the privilege or secrets life‑cycle management using enterprise identity governance solutions (creation, management, certification, deletion).
Develop and establish governance processes for non‑human identity management.
Develop policies for endpoint management solutions including Windows workstations, MacOS, Linux and Unix servers.
Skills And Attributes For Success
Proven experience in integrating, deploying, and configuring PAM and Secret management technologies, with a strong focus on CyberArk and familiarity with other IAM solutions such as Saviynt, SailPoint, Entra.
In-depth knowledge of privilege access management frameworks and the ability to guide their integration into existing applications.
Practical expertise in developing CyberArk technology tech stack, HashiCorp Vault, BeyondTrust and Delinea.
Proficiency in implementing, managing, and maintaining enterprise‑level privilege access management and secret management tools.
Solid understanding of enterprise directory services such as Active Directory, Azure AD, LDAP, and experience implementing MFA and SSO solutions.
Strong problem‑solving and analytical skills, with the ability to translate business requirements into technical specifications and execute deliveries effectively.
A track record of delivering high‑quality client services and work products within expected timeframes.
Excellent documentation skills, including creation of procedures, process documentation, and user documentation related to IAM applications.
To qualify for the role you must have
A bachelor’s degree in a related field and approximately 8 years of related work experience; or a graduate degree and approximately 3 years of related work experience.
Experience with PAM architecture and development within CyberArk, HashiCorp, or other PAM solutions.
Well‑versed and hands‑on experience with CyberArk Conjur and HashiCorp Vault usage and functionality.
A valid driver’s license in the US and/or a valid passport are required; willingness and ability to travel.
Ideally, you’d also have
Professional certifications in Identity & Access Management, such as CISSP, CISM, or specific vendor certifications like CyberArk CDE, HashiVault Certified Implementation Engineer.
Familiarity with additional IAM technologies and tools, including SailPoint, ForgeRock, Ping Identity, RSA, etc.
Knowledge of cloud‑based IAM solutions and experience working with cloud platforms such as AWS, Azure, or Google Cloud.
Understanding of regulatory compliance frameworks and industry standards related to IAM, such as GDPR, HIPAA, NIST, ISO 27001.
Prior experience in providing PAM services to clients from various industries, demonstrating versatility and adaptability.
Strong interpersonal and communication skills, with the ability to collaborate effectively with clients and cross‑functional teams.
What We Look For We’re interested in intellectually curious people with a genuine passion for cyber security. With your broad exposure across IAM, we’ll turn to you to speak up with innovative new ideas that could make a lasting difference not only for us, but also for the industry at large. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
What We Offer You
We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $106,800 to $194,800. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $128,000 to $221,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
Join us in our team‑led and leader‑enabled hybrid model. Our expectation is that most people in external, client‑serving roles will work together in person 40‑60% of the time over the course of an engagement, project or year.
Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well‑being.
Seniorities and Job Details Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Information Technology
Industries: Professional Services
Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an ongoing basis.
For those living in California, please click here for additional information.
EY focuses on high‑ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.
EY | Building a better working world
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi‑disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com.
#J-18808-Ljbffr