Classification: Contract-to-hire
Contract length: 12-months
Position Summary
The PAM Security Engineer is primarily responsible for advanced operational support of large, complex and distributed Identity Access Management (IAM) systems with specific focus on Privileged Access Management (PAM). This person will play as a key stakeholder in design, implementation, and maintenance of our privileged access management system. As a Senior PAM Security Engineer, you will be responsible for configuring and managing PAM solutions, ensuring the secure and controlled access to privileged accounts and systems. You will collaborate with cross-functional teams, including IT administrators, security analysts, and application owners, to implement and enforce PAM policies and procedures. Additionally, you will provide technical support and troubleshooting assistance to ensure the smooth operation of PAM systems.
The technology focus for this role will be on the implementation and support of HCA’s privileged access management infrastructure as well as related tools and technologies with minimal assistance.
This individual will work independently and collaboratively to build and maintain privileged access management solutions that meet organizational needs. They will show high self-motivation and excellent communication, documentation and relationship building skills.
The PAM Security Engineer will work closely with the Information Protection & Security department to implement and maintain HCA’s cybersecurity goals.
Responsibilities
- Configure and administer privileged access management solutions, including password vaults, session recording, multi-factor authentication, and least privilege technologies.
- Collaborate with stakeholders to gather requirements and translate them into technical specifications for PAM implementations.
- Develop and maintain PAM policies, procedures, and documentation for user onboarding, access provisioning, and access recertification.
- Manage changes according to change management policies and processes for supported systems.
- Conduct regular access reviews and audits to ensure compliance with internal policies, industry regulations, and security best practices.
- Investigate and resolve PAM-related incidents, such as password policy violations, access control issues, and system vulnerabilities.
- Assist with the integration of PAM solutions into existing systems and applications, ensuring seamless operation and minimal disruption.
- Develop and generate reports and metrics including alerting and monitoring key performance indicators (KPIs).
- Documents technical requirements by working with business users.
- Monitor and analyze PAM system logs and reports, proactively identifying and addressing any security risks or unusual activities.
- Provide technical expertise and support to IT teams and end-users, troubleshooting and resolving PAM-related issues.
- Collaborate with vendors and external partners to evaluate and implement new PAM technologies and enhancements.
- Stay up to date with emerging PAM trends, tools, and technologies, making recommendations for process improvements and system optimizations.
- Performs other duties as assigned
- Practices and adheres to the “Code of Conduct” philosophy and “Mission and Value Statement.”?
Requirements
- Bachelor's degree Information Systems
- 3+ years of experience in analyst role
- 5+ years of experience in Identity & Access Management and/or Information Technology
- Certifications
- CISSP
- Microsoft Certified: Security, Compliance, and Identity Fundamental
- CISM
- Strong knowledge and understanding of privileged access management principles and practices.
- Experience in configuring and managing PAM solutions, such as password vaults, session recording, and access control systems.
- Familiarity with authentication methods, including multi-factor authentication and single sign-on.
- Advanced Identity & Access Management concepts
- User lifecycle management
- Dependence of major integrated systems
- Fully recognize the business or regulatory drivers behind IAM Role based access controls
- Methods of systems integration – Federation, LDAP, IWA
- Access control standards and best practices
- Understanding of major PAM tools and the services
- Unique identification
- Provisioning / De-provisioning
- Password management
- OAUTH, OPENID Connect, SAML
- Access Management
- Strong authentication
- Multi Factor Authentication
- Strong knowledge of advanced information security concepts
- Data protection
- Cryptography services
- Risk management
- Incident response
- Web application security
- Network security
- Policy and standards
- Data classifications
- Directory services
- Vendor support engagement
- Desktop and productivity tools (Excel)
- Strong communication and collaboration skills, with the ability to work effectively in cross-functional teams and communicate technical concepts to non-technical stakeholders.
- Software development lifecycle and technologies
- Database technologies (SQL Queries)
- Scripting Concepts (Python and PowerShell)
- Network communications
- Route and Switch
- Load Balancing Configuration Concepts
- Detail-oriented and proactive, with a focus on ensuring the security and integrity of privileged accounts and systems.
- Experience with Azure or Google cloud native architectures and Platform Services.
- Soft Skills
- Effectively coordinate activities across groups
- Strong written and verbal communication skills
- Execute limited internal projects and initiatives with little to no oversight
- Support projects and initiatives that span organizational boundaries
- Implement or improve processes affecting multiple groups and/or organizations
- Coordinate activities within group
- Self-Motivated
- Independent worker
- Customer focus – takes ownership of issues and seeing issues through to resolution
- Effective communications
- Critical thinking and problem-solving skills
- Ability to adapt and embrace new ideas, technology and organizational changes.
Job # 1570