Overview Who we are:
As a global investments company, BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments, and safeguards nearly one-fifth of the world's financial assets. Every day, our Technology employees make this happen while also seeking out new ways to do it more efficiently and effectively.
As part of BNY Mellon's global Technology organization, you'll have the opportunity to engage with some of the best and brightest, technology, business, and financial minds to find new and better ways to exceed our clients' expectations and build the future of financial services. With more than 230 years of industry leading experience under our belts, you might even say that we are the original fintech.
At BNY Mellon, cybersecurity is a top priority for both technology and the business. The members of the Information Security Division are on constant alert, using their creativity and knowledge of cybersecurity, technology and business processes to develop and deliver creative solutions. In this fast-paced environment, staff collaborate to respond to current risks, while identifying and anticipating future threats. Our cyber capabilities encompass the full spectrum of services from Cyber Operations (SOC, Cyber Threat Intelligence, Vulnerability Management, Cyber Incident Response, Penetration Testing & Red Teaming, Cyber Analytics & Fraud, and Insider threat) to Cyber Architecture and Engineering (Network, Platform, Cloud, and Applications Security). Together with the CISO and his leadership team, staff provide a robust set of cyber services that provide full scope protection and response capabilities across the BNY Mellon enterprise. We help our businesses, the bank's executive team, and our board of directors understand cybersecurity risk and the steps that must be taken to create and maintain a secure environment that drives innovation. What you will be doing:
- Leadership of Privileged Access Management (PAM) Engineering team, including performance management, capacity planning, and developing and mentoring staff
- The Privileged Access Management (PAM) Principal Engineer will be responsible for end-to-end management for assigned projects related PAM initiatives including project planning, delivery, client interaction, troubleshooting, execution, monitoring, and controls
- The principal engineer will provide technical expertise for the PAM Engineering team, establish and document policies, procedures, and guidelines related to the user and system access
- Identify and implement changes needed in account access management processes, architecture design, and configurations necessary to achieve the technology organization goals
- Formulate and define the system's scope and objectives based on both user needs and a good understanding of the application, business, operational, and/or industry requirements
- Develop, align and maintain the vision, strategy and roadmap for privileged access management, along with industry and tech standards and best practices
- This role will be responsible for preparing for the next stage of transformation for Privileged Access Management, focusing on overall risk reduction, operational efficiency, and usability utilizing automation, data analytics and increased monitoring capabilities
- Grow and retain talent through effective leadership capabilities
- Lead and support the design and build of PAM technical capabilities
- Partner and collaborate with leadership, cross-functional teams, and stakeholders across the enterprise, displaying strong influencing skills to work with various service and product owners
- Provides Subject Matter Expert (SME) support in developing policies and standards for Privileged Access Management
- Develop and track key performance indicators (KPI) that demonstrate the current PAM platform state and any associated risk indicators
- Analyze potential PAM tools and technologies to enhance and improve the processes, procedures, and functions of the security and identity management team
- Understand all PAM functions including but not limited to user entitlement reviews, service account life cycle management, environment hygiene, and conflicting combinations
- Analyze, define, and prioritize the business and functional requirements for PAM initiatives
- Provide governance for the lifecycle and workflow for all enterprise Privileged accounts
- Assist with providing requirements for PAM governance that enforces applicable organization security policies and standards
- Identify control gaps and coordinate resolution
- Identify improvement opportunities in PAM governance to increase operational effectiveness and improving the bank's risk posture
- Assist in the definition of cross platform information security and/or identity management policies and procedures guidelines
- Create and maintain documentation as it relates to PAM platforms, design, configuration, support, and processes
- Performs other related duties and participates in special projects as assigned
- The individual must have a proven track record in delivering identity solutions that are functional, secure, scalable, and reliable
- As a member of a small team in a fast-paced environment, this role will require both strong intellectual agility and hands-on technical skills
- 15 years of experience in information security including IAM and PAM technology
- Demonstrate an understanding of Least privilege and Just In Time concepts
- Extensive knowledge and hands on experience of Hitachi ID (HiPAM) and other PAM systems
- Minimum 12 years' experience as an Identity Engineer or similar role
- Knowledge of LDAP/Active Directory, and relevant IT architecture experience
- Knowledge of relational databases (MS SQL Server, Oracle, etc.)
- Knowledge of Cloud platforms such as: AWS, Azure, GCP
- Familiarity with identity and access management (IAM) concepts, such as identify lifecycle management, password policies, least privilege, Zero Trust, etc.
- Strong understanding with privileged access management controls
- Experience with designing, implementing, and maintaining an enterprise level Identity Access
- Strong interpersonal and communication skills with good stakeholder engagement
For over 230 years, the people of BNY Mellon have been at the forefront of finance, expanding the financial markets while supporting investors throughout the investment lifecycle. BNY Mellon can act as a single point of contact for clients looking to create, trade, hold, manage, service, distribute or restructure investments and safeguards nearly one-fifth of the world's financial assets. BNY Mellon remains one of the safest, most trusted and admired companies. Every day our employees make their mark by helping clients better manage and service their financial assets around the world. Whether providing financial services for institutions, corporations or individual investors, clients count on the people of BNY Mellon across time zones and in 35 countries and more than 100 markets. It's the collective ambition, innovative thinking and exceptionally focused client service paired with a commitment to doing what is right that continues to set us apart. Make your mark: bnymellon.com/careers.
BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer. Minorities/Females/Individuals With Disabilities/Protected Veterans. Our ambition is to build the best global team - one that is representative and inclusive of the diverse talent, clients and communities we work with and serve - and to empower our team to do their best work. We support wellbeing and a balanced life, and offer a range of family-friendly, inclusive employment policies and employee forums.