This role is primarily responsible for ensuring that relevant Privileged Access Controls are enforced across platforms and applications to provide optimal security.
Partner with PAM Governance leads to ensure that Privileged Access Controls are appropriately measured, reported and governed.
Appropriately assess Privileged Access risk when business and technology decisions are made, demonstrating an outstanding risk management mindset and best practices to safeguard BAC’s reputation, its clients, and assets by driving or exceeding compliance with applicable laws, rules, and regulations, adhering to BAC Policy and Standards.
Monitor industry information security and PAM trends and engages peer organizations to refine and enhance BAC’s PAM strategy.
Apply industry PAM best practices, templates, and documentation while also proposing improvements based on practical knowledge.
Provide extensive Active Directory security best practices and consultation to the cross functional teams, ensuring compliance with or exceeding IAM standards, and better protect privileged accounts against cyberattacks.
Develop new PAM requirements and cloud-based security solutions to govern cloud identities, credentials, and access.
Establish and maintain strong partnership with other Global Information Security (GIS) functions, Core Technology Infrastructure (CTI), Cyber Security Technology (CST), Third Party management, Global Compliance and Operations Risk (CGOR), internal Audit, and regulatory agencies.
Influence technology and PAM tools’ owners to build/implement enhanced PAM solutions that are efficient, highly-effective, and modern and able to result in material risk reduction in sustainable manner.
Collaborate with stakeholders to develop PAM requirements that iteratively support long term PAM modernization and transformation (covers Process, Data and Technology aspects).

Requirements

10+ years experience.
Extensive knowledge and understanding of PAM-specific laws, rules, and regulations within the financial services sector.
Expert level knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation.
Familiarity with security standards such as NIST, ISO/EC, FFIEC, and MITRE ATT&CK framework.
Knowledge of Compliance Certifications such as SOX, SOC, SOC2.
Proficiency in implementing and governing Risk and Role based access security controls.
Extensive experience in managing Active Directory to enforce privileged access controls.
Ability to influence platform and application owners to build more secure processes.
Expert knowledge of PAM related tools which support session proxy, vaulting, just-in-time provision, integration with service management tool would be an advantage.
10 years relevant hands-on experience in PAM with at least of 5 years of management experience.

Benefits

Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.
We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Privileged Access ManagementActive DirectoryRisk ManagementCloud Security SolutionsAccess Security ControlsPAM MethodologiesSession ProxyVaultingJust-in-Time ProvisioningRole-Based Access Control

Soft Skills

InfluencingCollaborationConsultationPartnership BuildingCommunicationRisk AssessmentStrategic ThinkingProblem SolvingLeadershipStakeholder Engagement

Certifications

SOXSOCSOC2