Who we are looking for
The Senior Privileged Access Management (PAM) Engineer will work in the corporate information security organization.They will analyze, develop, and build processes and technology, to ensure timely delivery of PAM services. The Senior PAM engineer will be expected to lead in overall design and long term strategy of the Privileged Access and Identity Management program.
What you will be responsible for
As Senior PAM Security Engineer you will
• Deliver the Privileged Access Management (PAM) technologies, including accounts management, secrets management, and software and systems patching.
• Lead projects to develop and deliver new security features and expand coverage to new use cases and achieve cost efficiencies through reduced product sprawl.
• Lead and conduct proof of concepts that validate the quality, efficiency and performance of PAM solutions.
• Contribute to PAM Security Strategy, including provisioning, password management and access policies, SSH key management, API key management, and reporting.
• Design, configure, and maintain PAM solutions for Linux, Unix, Windows, RDBMS, Network, Cloud and other IT systems.
• Integrate the PAM solution with various technologies such as Service Now, VMWare, SailPoint or other top IDM solutions
• Provide security consultation on internal projects focusing on business needs and how data is transmitted internally and externally.
• Authoring and maintaining documentation procedures, inventories, and diagrams for PAM systems and processes.
• Monitors and responds to capacity and performance needs of the PAM infrastructure.
• Provides regular reports to leadership regarding security, capacity, usage, and licensing
• Provide leadership in reducing privileged access and accelerating least privileged access
What we value
These skills will help you succeed in this role
Bachelor's Degree in Information Technology, Computer Science or other related fields. Master's degree preferred
• Industry certifications in cyber or identity security attesting to broad knowledge of security best practices and design.
• 5-8+ years administering and maintaining Privileged Access Management (PAM) solutions, such as CyberArk, BeyondTrust, or Thycotic
• Experience working with SIEM integration (Splunk) and UBA/Threat Analytics.
• Background working in a large IT organization with responsibility for supporting the technology and processes in the Privileged Access Management domain and controls program, preferably in a financial services organization
• Experience with server hardening and advanced designing secure platforms.
• Significant experience administering tier zero identity infrastructure that provides AAA services such as Active Directory, Azure Active Directory, and RSA.
• Experience with Service Life Cycle or Agile Frameworks
• Good verbal and written communication skills
• Advanced research, analytical, and problem-solving skills
• Effective in leading resources to deliver large goals and objectives
• Practical skills presenting findings, conclusions, alternatives, and information clearly and concisely
• Experience in developing automated solutions and processes using PowerShell for Windows and BASH for UNIX/Linux.
• Strong knowledge of how PAM integrates with common resources such as Windows, Linux/UNIX, VMWare, Azure, SQL/Oracle/DB2 database systems, Network appliances, and Mainframe.
Additional requirements
Why this role is important to us
Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We're driving the company's digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation.
We offer a collaborative environment where technology skills and innovation are valued in a global organization. We're looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.
Join us if you want to grow your technical skills, solve real problems and make your mark on our industry.
About State Street
What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.
Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in locations, but you may expect generous medical care, insurance and savings plans among other perks. You'll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.
Inclusion, Diversity and Social Responsibility. We truly believe our employees' diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome the candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift program and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.
Discover more at StateStreet.com/careers
Salary Range:
$110,000 - $185,000 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.