Network Security Architect/Analyst (Privileged Access Management (PAM)

Network Security Architect/Analyst (Privileged Access Management (PAM), 10+ years

Hybrid (3 days onsite)

Work Location: 2 Broadway - MTA Headquarters

Desired Start Date: 4/15/2024

Duration: 9 months

Work hours: 40.00

Job Description

Job Description:

This role is specifically tailored for a Privileged Access Management (PAM) Specialist with deep expertise in BeyondTrust solutions, including BeyondTrust Endpoint Privilege Management (BT EPM), as well as a strong foundation in account security and red teaming tactics. The primary responsibility of this position is to lead and support the development, implementation, and management of PAM strategies and frameworks across the enterprise, ensuring the secure operation of BeyondTrust platforms and the safeguarding of privileged accounts. The candidate must demonstrate:

• Profound knowledge and hands-on experience with BeyondTrust's PAM solutions, especially BeyondTrust Endpoint Privilege Management (BT EPM).
• Expertise in designing and implementing PAM policies, procedures, and standards to protect privileged accounts and reduce the attack surface.
• Experience in conducting vulnerability analyses and security assessments, particularly related to privileged account usage, to identify and mitigate potential risks.
• Familiarity with the principles of red teaming, including the ability to simulate advanced persistent threats (APTs) and insider threats to test the resilience of PAM controls and processes.
• Strong technical background in network and system security technologies, with the ability to design, implement, and manage security solutions that integrate seamlessly with BeyondTrust platforms.
• Excellent analytical skills for evaluating security requirements and translating them into effective security controls and measures.
  
  

Responsibilities Include

• Leading the PAM program, focusing on the secure management of privileged access through BeyondTrust solutions.
• Assessing security requirements by analyzing business strategies and requirements; researching information security standards; performing system security and vulnerability analyses specific to privileged access; identifying integration issues; and preparing cost estimates.
• Planning and implementing PAM solutions by developing requirements for privileged access security; designing and deploying BeyondTrust EPM configurations; ensuring compliance with industry standards.
• Executing security system enhancements by monitoring the PAM environment; evaluating and implementing upgrades and improvements to BeyondTrust solutions.
• Preparing system security reports by collecting, analyzing, and summarizing data and trends related to privileged access management.
• Staying informed of emerging PAM practices, technologies, and standards through continuous education, reading professional publications, and participating in professional organizations.
• Conduct account cleanup by methodically reviewing access tickets and assessing associated risks to ensure robust security postures; leverage expertise in BeyondTrust Privilege Management and red teaming tactics to identify and mitigate vulnerabilities, streamlining account security protocols.
• Must possess extensive experience with Active Directory and Azure Identity services, demonstrating a strong understanding of directory services, identity management solutions, and cloud-based identity integration to maintain secure and efficient user access and authentication processes.
  
  

The ideal candidate should have previous experience in a lead or managerial role, with a proven track record of effectively securing privileged access in complex environments.

Skills And Information

VMWare Security

Infrastructure Security

Active Directory Hardening and Architecture Security

BeyondTrust PAM / EPM

Infrastructure Platforms (PC, Client/Server. Mainframe) 4 - 6 Years

VMware 4 - 6 Years

IT Security Administration 4 - 6 Years

Microsoft Active Directory 4 - 6 Years

Team Lead 4 - 6 Years