Privileged Access Management (PAM) Lead Engineer
As the Privileged Access Management (PAM) Lead Engineer, you will be responsible for the overall strategy, planning, development & support of TransUnion’s PAM solution and its associated processes. You will provide overall implementation and direction into the IAM and Privileged Access Management (PAM) functions across the organization, including federation, privileged access management, authentication & authorization, security and provisioning identity data. The Lead PAM Engineer will work closely with Cyber Security, service desk, systems engineering, network security, audit, application developers and other administrators in creating functional, scalable and secure PAM operations as well as the design and development of new business applications. They will also be responsible for identifying, evaluating and participating in decision making around new and emerging IAM/PAM technologies and will support other areas of Information Security as needed.
Lead IAM engineering strategy and execution, set the direction for engineering efforts, drive technology selection (including buy vs. build decisions) and act as the functional technical leader during implementation.
Work with PAM technical team to implement and automate processes.
Provide guidance on Privileged Access Management.
Establish PAM Security Strategy including provisioning, password management and access policies, SSH key management, API key management and reporting.
Design, configure, and maintain PAM solutions for Linux and Windows tools.
Integrate PAM solution with various technologies.
Provide security consultation on internal projects focusing on business needs, security’s role in change management, and how data is transmitted internally and externally.
Evaluate and monitor project efforts, timelines, and task management.
Lead the engineering team, establish a strong engineering culture, and mentor and coach junior engineers.
7+ years' Information Security experience with at least 3 of those years focused on Privileged Access Management.
Strong understanding of Identity and privileged constructs within Cloud environments.
An understanding and demonstrated use of DevOps tools (Bitbucket, Jenkins, Jules, automated deployment tools) with CI/CD capabilities.
Automation experience with Ansible playbooks and programming languages like Java, Perl, Python or PowerShell scripting.
Experience in designing and implementing PAM solutions (such as BeyondTrust, CyberArk, Lieberman, CA/Xceedium) for enterprise organizations.
Experience with password safe tools such as BeyondTrust Password Safe and PowerBroker for both Windows and Linux environments.
Experience with databases, LDAP and directory services, application servers, operating systems and network infrastructure.
Hands-on Java, Perl, C# programming experience.
Strong communication skills.
Strong understanding of Identity Lifecycle in regard to privileged accounts and how people use accounts.
Demonstrate an advanced understanding of troubleshooting and configuring Privileged applications, Privileged ID Management, and API integrations.
Additional Requirements:
Degree in Computer Science or another related field.
Experience architecting IAM/PAM solutions within Microsoft Azure, Amazon Web Services (AWS) and, preferably, other cloud providers.
Experience with administration or implementation in AWS public cloud and on-prem private cloud technologies.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.