IAM Privileged Access Mgmt. Engineer (Active Directory / CLOUD)
Bank of America
IAM Privileged Access Mgmt. Engineer (Active Directory / CLOUD)
Denver, Colorado;Washington, District of Columbia; Chicago, Illinois
**Job Description:**
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
**Position Summary**
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates a global security operations center that monitors, detects and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.
**Role Description:**
+ This role is primarily responsible for ensuring that relevant Privileged Access Management and Active Directory Security Controls are adequately enforced across platforms and assets to comply with IAM Standards.
+ The key focus is on identifying and addressing security gaps, improving governance, and mitigating risk related to privileged accounts within Active Directory environments.
+ Partner with PAM Governance leads to ensure that Privileged Access Management and Active Directory Security Controls are appropriately measured, reported, and governed.
+ Collaborate closely with Active Directory and other cross-functional teams to enforce security best practices, addressing vulnerabilities, misconfigurations, and ensuring privileged assets are protected.
+ Identify proactively Active Directory weaknesses with risk measures and take preventative actions.
+ Report on both existing and emerging risks related to Active Directory and Privileged Access Management and provide transparent and data-driven insights.
+ Support the resolution of assessment issues related to Active Directory and Privileged Access Assets security, ensuring controls are sustainable and compliant with regulatory requirements.
+ Apply industry best practices in Active Directory and PAM security and propose improvements based on analysis and observed gaps.
**Required Qualifications:**
+ 7 years relevant hands-on experience Active Directory and Privileged Access Management security.
+ Expert level knowledge with managing privileged access in large and complex hybrid environments.
+ In Depth knowledge of authentication services, LDAP, Kerberos, OAuth, SAML.
+ Expert level knowledge of authentication platforms and hands on experience with Active Directory Assets, Functions, ACL, DACL, SACL and ACEs.
+ **Deep knowledge and understanding of Cloud security best practices, securing cloud environments like AWS, Microsoft Entra ID, managing IAM policies and ensuring compliance with cloud security frameworks and standards.**
+ Experience in cybersecurity attack techniques and vectors, such as privilege escalation, pass-the-ticket/hash attacks, lateral movement techniques within Active Directory environments.
+ In Depth knowledge of preventative and detective controls, tools, and strategies to safeguard privileged accounts.
+ Deep security knowledge which covers core technology infrastructure (network, storage, servers, databases, etc.) identity management and application security practice.
+ Good knowledge and understanding of PAM-specific laws, rules, and regulations within the financial services sector.
+ Proficient in Microsoft Office suite of products with ability to quickly analyze and synthesize large volumes of data.
+ Familiarity with security standards such as NIST, ISO/EC, FFIEC.
+ Working level experience with bank financial practices and policies and ability to adapt to fast changing environment.
**Desired Qualifications:**
+ Serve as the Subject Matter Experts in advising BAC business and technology counterparts on effective ways to achieve or exceed compliance with applicable Policy, Standards, Procedures and Guides.
+ Proficient in articulating facts and data-driven plans and to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to PAM standards.
+ Strong attention to detail and advanced analytical skills.
+ Excellent communication and presentation skills. Able to effectively prioritize multiple tasks.
+ Proven track record in delivering outcomes that result in sustainable risk reductions in PAM.
+ Ability to work independently on initiatives with little oversight. Motivated and willing to learn.
+ Confident and effective in delivering messages across a wide spectrum of individuals with varying degrees of technical and business understanding.
This job will be open and accepting applications for a minimum of seven days from the date it was posted
**Shift:**
1st shift (United States of America)
**Hours Per Week:**
40
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity and affirmative action, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
To view the "EEO is the Law" poster, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf) .
To view the "EEO is the Law" Supplement, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP\_EEO\_Supplement\_Final\_JRF\_QA\_508c.pdf) .
View the LA County Fair Chance Ordinance (https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf) .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
To view Bank of America’s Drug-free Workplace and Alcohol Policy, CLICK HERE .
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
Confirm your E-mail: Send Email
All Jobs from Bank of America