Privileged Access Management Governance Analyst, Assistant Vice President

Job Title: PAM Governance Analyst, AVP

About Opportunity:

Global Cybersecurity (GCS) protects State Street and its clients from the impact of cyber-attacks against systems by understanding the risks these attacks present and mitigating them through a robust, continuously evolving, cybersecurity program and control environment.

Cyber Architecture & Engineering (Cyber A&E) is one of five functions that make up GCS. Cyber A&E designs, architects, deploys, and continually enhances security measures for the protection of State Street’s information related to its assets and customers.

This PAM Governance Analyst will sit in the PAM Governance sub-function in Cyber A&E. This role is responsible for designing and maintaining automated and manual privileged access controls for all aspects of privileged access including non-human accounts and privileged human accounts. Our work requires us to think in terms of risk and design automation and procedures that will mitigate risks and maintain compliance for all PAM standards.

• Take a lead role in designing our new Compliance Platform. Write requirements, including UI requirements, test the data and the platform for completeness and accuracy.
• Test current standards by gathering and reviewing data from various infrastructure systems including Active Directory, Windows, Unix/Linux, Oracle, Sybase, SQL Server, RACF, AWS, Azure, OCI and other Clouds. You will be learning how State Street’s IGA and Cybersecurity systems are integrated and designing controls within that context.
• Writing requirements documents and specifications for systems to enforce automated controls.
• Work closely with application and infrastructure teams to understand their operational models and provide guidance for onboarding their privileged access to CyberArk and/or Hashicorp.
• Respond to lines of defense queries about controls and privileged access management policies and procedures.
• Maintain documentation for privileged access policies and procedures.
• Attend vendor training and customer support events for CyberArk, Hashicorp and other products.
• Prepare manual compliance reports as necessary until full automation is in place.
• Propose and champion modifications to the security standards.
• Assist members of the IT community with questions about policy and standards.
• Design and implement new processes and procedures as needed to enhance security posture and controls.

• Candidates with the following knowledge areas, though not required, are preferred:
• Operating Systems: Windows, Unix, Linux
• Databases: Oracle, Sybase, SQL Server, Databricks, Postgres
• Code and Scripting Languages: SQL, PowerShell, Linux shell scripting, Python and an understanding of operating systems Windows and Linux and accounts management on these systems are preferred.
• Cybersecurity Training: Experience with or knowledge of Identity and Access Management/Privileged Access Management concepts and best practices.

• Candidates should have a BS/BA degree in a technical discipline.
• Candidates must have strong oral and written skills in English and have had exposure to technologies such as Jira, Confluence, Azure, AWS and other Clouds.
• Candidates should have strong skills with Microsoft Office tools such as Excel, MS Word and PowerPoint.
• Candidates should be self-starters, showing initiative without waiting to be asked.
• Candidates should be detail-oriented.
• Candidates should have critical thinking skills and be able to solve problems independently.
• Candidates should be able to work well within a team.

Location:

UK

State Street's Speak Up Line