Privileged Identity & Access Management (IAM) Strategy and Governance Analyst
Company: Disability Solutions
Location: Denver
Posted on: November 2, 2024
Job Description:
Job Description:At Bank of America, we are guided by a common
purpose to help make financial lives better through the power of
every connection. Responsible Growth is how we run our company and
how we deliver for our clients, teammates, communities and
shareholders every day.One of the keys to driving Responsible
Growth is being a great place to work for our teammates around the
world. We're devoted to being a diverse and inclusive workplace for
everyone. We hire individuals with a broad range of backgrounds and
experiences and invest heavily in our teammates and their families
by offering competitive benefits to support their physical,
emotional, and financial well-being.Bank of America believes both
in the importance of working together and offering flexibility to
our employees. We use a multi-faceted approach for flexibility,
depending on the various roles in our organization.Working at Bank
of America will give you a great career with opportunities to
learn, grow and make an impact, along with the power to make a
difference. Join us!Position SummaryGlobal Information Security
(GIS) is responsible for protecting bank information systems,
confidential and proprietary data, and customer information. GIS
develops the bank's Information Security strategy and policy,
manages the Information Security program, identifies and addresses
vulnerabilities and operates a global security operations center
that monitors, detects and responds to cybersecurity incidents.
Within GIS, Identity and Access Management (IAM) is a security
discipline that enables the right individuals to access the right
resources at the right times and in the right context. IAM
addresses the mission-critical need to ensure appropriate access to
the resources across increasingly heterogeneous technology
environments, and to meet increasingly rigorous compliance
requirementsRole Description:
- This role is primarily responsible for ensuring that relevant
Privileged Access Controls are adequately enforced across platforms
and applications to comply with IAM Standard.
- Partner with PAM Governance leads to ensure that Privileged
Access Controls are appropriately measured, reported and
governed.
- Apply industry PAM best practices, templates, and documentation
while also proposing improvements based on practical
knowledge.
- Document and convey PAM related requirements to technology
partners to build/implement enhanced PAM solutions that are
efficient, effective, and modern and able to result in material
risk reduction in sustainable manner.
- Collaborate with stakeholders to develop PAM requirements that
iteratively support long term PAM modernization and transformation
(covers Process, Data and Technology aspects).
- Provide education to team members and technology partners
regarding the proposed changes to PAM controls.
- Partners with the policy governance team for socialization and
publication of proposed changes to the PAM Standard
- Takes accountability for addressing PAM risks. Proactively
identify risk and ways to continuously enhance and improve BAC's
PAM controls. Implement and take decisive actions in finding
solutions. Drives towards intended outcomes.
- Engage senior management to provide factual, transparent, and
timely reporting on existing and emerging PAM or information
security risks.
- Active participation in GIS IAM/PAM forums including but not
limited to Monthly IAM Stakeholder Forum and Control Owner Forum
for standard and Single Process Inventory (SPI) enhancements.
- Supports audit issues for closure and sustainabilityRequired
Qualifications:
- 7 years relevant hands-on experience in PAM in complex and
heterogenous technology environment.
- Deep experience with Linux, Windows, Cloud scale Identity,
Access Management (Single Sign-On, Multi Factor Authentication),
Authorization services or design and architecture of PAM
services
- Deep knowledge of bank financial practices and policies and
ability to adapt to fast changing environment
- Working level experience with IAM platforms such as Ping
Identity, Active Directory OpenLDAP, OpenDJ
- Expertise:
- Expert level knowledge of privileged access management
methodologies and techniques for on-prem and Cloud
implementation.
- Expert level knowledge of authentication platforms such as
Active Directory, LDAP, Kerberos, LDAP, Radius.
- Expert knowledge of PAM related tools which support session
proxy, vaulting, just-in-time provision, integration with service
management tool would be an advantage.
- Deep security knowledge which covers core technology
infrastructure (network, storage, servers, databases, etc.)
identity management and application security practice.
- Deep knowledge on Federation platforms or protocols such as
Oauth, OpenID, SAML, WS-Fed, etc.
- Good knowledge and understanding of PAM-specific laws, rules,
and regulations within the financial services sector.
- Proficient in Microsoft Office suite of products with ability
to quickly analyze and synthesize large volumes of data.
- Familiarity with security standards such as NIST, ISO/EC,
FFIEC.
- Serve as the Subject Matter Experts in advising BAC business
and technology counterparts on effective ways to achieve or exceed
compliance with applicable Policy, Standards, Procedures and
Guides.
- Proficient in articulating facts and data-driven plans and to
partner with stakeholders to implement intended solutions to drive
risk reductions and adherence to PAM standards.
- Strong attention to detail and advanced analytical skills.
- Excellent communication and presentation skills. Able to
effectively prioritize multiple tasks.
- Proven track record in delivering outcomes that result in
sustainable risk reductions in PAM.
- Ability to work independently on initiatives with little
oversight. Motivated and willing to learn.
- Confident and effective in delivering messages across a wide
spectrum of individuals with varying degrees of technical and
business understandingDesired Qualifications:
- Understanding and interpreting BAC's established information
security Policy, Standards, Procedure and Guides, and applying this
knowledge to related PAM decisions and response.
- Possession of CISSP certification would be an advantage.
- Knowledge of Compliance Certifications such as SOX, SOC,
SOC2.This job will be open and accepting applications for a minimum
of seven days from the date it was postedShift:1st shift (United
States of America)Hours Per Week: 40Pay Transparency detailsUS - CO
- Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington
- 1800 K St NW - 1800 K Street NW (DC1842)Pay and benefits
informationPay range$76,500.00 - $136,400.00 annualized salary,
offers to be determined based on experience, education and skill
set.Discretionary incentive eligibleThis role is eligible to
participate in the annual discretionary plan. Employees are
eligible for an annual discretionary award based on their overall
individual performance results and behaviors, the performance and
contributions of their line of business and/or group; and the
overall success of the Company.BenefitsThis role is currently
benefits eligible. We provide industry-leading benefits, access to
paid time off, resources and support to our employees so they can
make a genuine impact and contribute to the sustainable growth of
our business and the communities we serve.
Keywords: Disability Solutions, Denver , Privileged Identity & Access Management (IAM) Strategy and Governance Analyst, Professions , Denver, Colorado
Didn't find what you're looking for? Search again!
Loading more jobs...