We are actively looking for an Application IAM-PAM Security Engineer to join our Avery Dennison IT team. In this position the IAM-PAM Engineer is responsible for the security and management of privileged accounts within the organization. This role ensures that privileged access is controlled, monitored, and audited to prevent unauthorized use and potential security breaches. The ideal candidate will be responsible for the design, implementation, maintenance, and support of the CyberArk Privileged Access Management solutions, as well as provide support for Role Management for several applications, which includes PeopleSoft, Oracle EBS, Oracle Fusion, Oracle HCM and others. This role involves collaborating with cross-functional teams to ensure the security and compliance of privileged accounts and access entitlement across our enterprise infrastructure aligning with industry best practices and regulatory requirements.
Job Description - CyberArk support
Integrating various platforms with CyberArk, such as different LDAP providers, OKTA SSO, Windows Servers, UNIX Servers, Databases networking Devices and different applications. Both On-Prem or Cloud;
Interpretation and analysis of corporate security standards and baselines;
Central Policy Manager (CPM) policies management or redistribution;
Perform health check monitoring on all CyberArk severs to ensure consistent availability of system to end user;
Test and certify new product versions, bug fix and provide detailed reports;
Responsible for Privileged User account administration of various Applications, Windows and UNIX accounts using CyberArk components;
Creating and Managing Safes, Platforms and Owners;
Maintain Security tool FAQ and Support Documentation;
Knowledge on CPM and PSM connector customization
Design, deploy, and manage CyberArk solutions to secure privileged accounts and credentials.
Configure and integrate CyberArk with various systems, applications, and platforms.
Monitor, troubleshoot, and resolve issues related to CyberArk infrastructure and services.
Conduct regular assessments and audits of privileged access activities to ensure compliance with security policies and standards.
Develop and maintain documentation, including standard operating procedures and technical guides for CyberArk administration.
Provide training and support to end-users and stakeholders on CyberArk functionalities and best practices.
Job Description - Identity and Access Management - Role Management
Strong understanding of Roles, Entitlement and Access Permission.
Analyze and troubleshoot user’s roles/access entitlements to resolve excessive permission or lack thereof.
Conduct regular assessments and audits of User Access Roles/Entitlements to ensure compliance with security policies and standards
Bachelor's degree or alternate combination of education/experience that results in equivalent job knowledge is required.
6 or more years of experience in any of the following areas: Privileged Access Management, Identity and Access Management, Cyber Security, IT Systems Architecture, IT Systems Administration, Database Administration.
Strong understanding of Privileged Access Management tools (CyberArk). Should be able to work with target system users to create interfaces between CyberArk and target applications, operating systems and servers.
Strong analytical skills to troubleshoot CyberArk related issues collaborating with team members from different support areas.
Experience with Windows/ UNIX platforms in large heterogeneous environment;
Understanding typical Enterprise Change Management processes;
CyberArk Platform certification preferred
Basic understanding of high-availability (HA) and failover implementations for network infrastructure and server systems;
Strong knowledge of PSM connector customization
Extensive experience with digital password vaulting solutions;
Experience with human versus non-human (service) accounts;
Ability to document installation procedures, Standard Operating Procedures (SOP), etc;
Experience of LDAP (server and client), NIS, NIS+, PAM;.
Strong understand of OKTA SSO/SAML
Strong knowledge of relational databases and database table structures.
Ability to read/write SQL (Oracle, MS SQL Server, DB2, etc.)
Strong knowledge of Windows and UNIX systems
Detailed knowledge of application role management and user access. Requires working closely with the Account Management and application process owner and support/development teams.
Detailed knowledge of Peoplesoft, Oracle eBS and Oracle Fusion both functionally and technically.
Strong communication skills
Strong ability to create documentation and provide training as needed
Familiarity with system integration processes
Ability to multitask
Preferred Qualifications
A successful academic or work background demonstrating the ability to absorb information, apply conceptual skills in practical applications, and achieve desired results in a highly technical, operating environment.
Strong analytical and problem-solving background; good project management skills with ability to multitask and manage multiple activities in a cross-functional environment.
Must effectively deal with the rapid technological and business change while maintaining enthusiasm and displaying sound judgment and common sense.
Certifications preferred may include:
CyberArk Platform certification preferred
ISC2 Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, protected veteran status, or other protected status. EEOE/M/F/Vet/Disabled. All your information will be kept confidential according to EEO guidelines.