Management Engineer jobs in United States, Massachusetts, Boston
Bank Of America Identity Access Management IAM Security Administration Speci... United States, Massachusetts, Boston
Share
This job is responsible for developing and supporting enterprise-wide information security policies, procedures, and standards. Key responsibilities include applying knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, and report on adherence to policy requirements. Job expectations include using data analytics and partnering with internal teams to verify policy compliance, identify gaps in coverage, and support remediation activities.
LOB Overview:
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies, and addresses vulnerabilities and operates global security operations centers that monitor, detect, and respond to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.
Responsibilities:
Support the implementation and ongoing management of access provisioning solutions across enterprise platforms, ensuring alignment with security policies and regulatory requirements.
Apply working knowledge of Active Directory , Microsoft Azure, Amazon Web Services (AWS), and Mainframe , Oracle and SQL databases , file systems , and enterprise storage , with a focus on enforcing least privileged access .
Assist in maintaining access control policies , group structures , and role-based access models to support scalable and secure provisioning.
Collaborate with application owners and infrastructure teams to implement access requirements for new and existing systems.
Participate in automation initiatives to streamline provisioning and de-provisioning workflows , integrating with identity governance platforms and HR systems and IAM controls.
Conduct periodic access reviews , entitlement audits , and certification campaigns to ensure compliance and identify access anomalies.
Investigate and remediate access-related incidents, working closely with cybersecurity and risk teams to address vulnerabilities and improve controls.
Stay current with emerging IAM technologies, regulatory changes, and industry best practices to continuously enhance the access provisioning program.
Prepare metrics, reports, and recommendations to senior leadership and audit teams regarding access provisioning effectiveness and risk posture.
Required Qualifications:
3-5+ years experience in Identity and Access Management, with a focus on access provisioning across enterprise environments.
Working knowledge of Active Directory , Microsoft Azure AWS, Mainframe , Oracle Database , SQL Server , Windows and Unix file systems , and enterprise storage platforms .
Understanding of IAM governance frameworks , platforms ( e.g., SailPoint, Saviynt ) role-based access control (RBAC) , group policy management , and privileged access management (PAM) tools, CyberArk, Hashi Corp and Beyond Trust.
Experience with automated provisioning/de-provisioning workflows , including integration with HR systems to demonstrate proficiency in scripting and automation (e.g., PowerShell, Python) to support scalable access provisioning and audit processes.
Familiarity with cloud infrastructure security and access controls in hybrid environments, particularly within Microsoft Azure AWS and Oracle Cloud .
Ability to conduct access reviews , entitlement audits , and risk assessments to identify and remediate access-related vulnerabilities.
Excellent analytical, problem-solving, and communication skills, with the ability to collaborate across technical and business teams.
These jobs might be a good fit
Bank Of America Sr Network Security Engineer Cloud exp required United States, Massachusetts, Boston
Share
Job Description:
We are seeking a skilled and motivated Network Security Engineer to join our GIS Core Engineering team. The Network Security Engineer is a key individual contributor that has accountability for researching, designing, engineering, implementing, and supporting network security solutions. You will utilize in-depth technical knowledge and business requirements to help design and implement a secure solution to meet customer / client needs while protecting the Bank's assets. Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environment. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results.
It is imperative that you have a solid knowledge of network security domains such as DDoS, Segmentation, Network Access, Web Content Inspection, Perimeter Defense, and Network monitoring. You will regularly collaborate with experts both in country and in other regions, so excellent communication skills are very important. If you are seeking a demanding role within Global Information Security (GIS) and have the required skills, this will be a great opportunity for you. Typically, applicants should have 5 to 7 years of cybersecurity or engineering experience.
Key Responsibilities:
Serves as a subject matter expert for one or more engineering initiatives and is the point of contact for clients
Contributes to defining and ensuring security requirements are met based on BofA standards and Policies.
Incorporates basic architecture components including threat-models, diagrams, and technological requirements for in solution development.
Understands and utilizes basic network, virtualization, and datacenter technologies for deployment strategies.
Leads the delivery of the major engineering milestones and acts as the critical decision maker with regards to technical design and implementation
Documents and communicates required information for deployment, maintenance, support, and business functionality.
Adheres to team delivery/release process and cadence pertaining to solution deployment and release.
Identifies and raises risks or potential vulnerabilities at all stages of the security-engineering process
Works closely with a diverse set of stakeholders with varying priorities to debate and negotiate paths forward
Navigates and works effectively across a complex, geographically dispersed organization
Required Qualifications:
· Strong fundamental understanding of information security principles, risks, and controls and of cyber security operations functions.
· Knowledge of how Web Based internet facing applications are deployed and set up and experience architecting complex enterprise cybersecurity solutions for data in transit across web, email and b2b environments. Including technology that provides proxy control, malware inspection, SSL termination, and Data Loss Prevention (DLP).
· Understanding of how Content Delivery Networks (CDNs) work, how they are designed to provide application services, and how they are used to mitigate network security threats.
· Detailed knowledge of Network Security solutions such as DDOS mitigations techniques, WAF, etc.
· Knowledge Solid experience with designing, evaluating, and deploying network security solutions for outbound, inbound, and lateral network traffic. Experience engineering web content inspection solutions using tools such as Skyhigh Web gateway, Trellix (Fireeye), and F5 LTM/APM/SSLO.
· Experience deploying proxies in the cloud (AWS) and experience with SASE platforms
· Experience coordinating delivery of project/changes milestones, ensures projects stay on target, escalating and identifying roadblocks.
· Ability to quickly diagnose the problem areas and come up with solutions and/or workarounds
· Ability to translate business needs into requirements and experience understand analyzing the technical feasibility and design against the requirements.
Effective communication skills and must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.
· Ability to work independently on various initiatives with little oversight.
· Strong analytical skills/problem solving/conceptual thinking.
· Motivated and willing to learn.
Desired Qualifications
· Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).
· Experience deploying security solutions in virtual environments such as VMWare, AWS, Azure
· Experience integrating network security solutions with IAAS, PAAS and SAAS components such as Zscaler, O365, etc.
· Experience deploying security solutions in email environments.
· Experience with Data Governance, Model Risk Management and Application Management.
· Ability to work with Technical and Non-Technical business owners.
· Experience in large enterprise environments.
· Assist with internal efficiencies projects and development.
· Familiarity with industry standard endpoint tools.
· Relevant certifications: CCNA, CCNP, CISSP, or CEH.
This job will be open and accepting applications for a minimum of seven days from the date it was posted.
These jobs might be a good fit
Bank Of America Identity Access Management IAM Process Analyst Engineer United States, Massachusetts, Boston
Share
LOB Summary:
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies, and addresses vulnerabilities and operates global security operations centers that monitor, detect, and respond to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.
Role Description:
This role will be responsible for designing and implementing modernized processes that optimize Identity and Access Management workflows and cross-functional integration with systems that are deeply interconnected with identity management (i.e. HR, IT, Security). The ideal candidate will possess strong organizational, leadership, and communication skills, with the ability to engage senior leaders and teams across the enterprise. In this role, you will partner with stakeholders in Global Information Security (GIS) and the bank to drive end-to-end identity processes aligned with strategic organizational goals. You will ensure transparency in work activities, alignment with business and technology strategies, and establish governance structures for effective delivery oversight.
Responsibilities include leading end-to-end process reviews with the Identity and Access Management and upstream/downstream teams to identify process gaps and risks. Using data-driven analysis, you will recommend strategic improvements with measurable outcomes. You will also provide thought leadership with respect to identifying inefficiencies, document current and future state processes, and develop user guides and metrics to translate identity insights into to optimal user experience while meeting the bank’s security standards.
Designs, develops, tests, implements, and integrates Identity and Access Management (IAM) processes that support operational transformation of systems and solutions.
Define, document, and build detailed workflows, SOP’s, and documentation that enable automation and scalability.
Establish sustainable long-term plans with clear, proactive, and measurable targets.
Serve as a liaison between Identity and Access Management, Human Resources, aligned IT teams, Compliance, and Operations teams to ensure alignment
Develop processes that incorporate input from senior leadership, stakeholders, and partners to ensure alignment of priorities and actions.
Maintain and enhance strategic planning materials, including deep dives and book of work documentation.
Continuously seek innovative solutions, challenge the status quo, and drive process improvements using data analysis and process modeling techniques.
Identify process gaps and risks and collaborate with partners to develop mitigation plans.
Monitor process performance using metrics and drive continuous improvement initiatives.
Ensure compliance with internal policies and external regulations through robust process design.
Act as a subject matter expert in process engineering and identity system integration.
Champion a culture of continuous improvement by applying Lean and Six Sigma methodologies.
Communicate strategic improvement ideas and lead initiatives aligned with business priorities.
Deliver effective process standardization with a human-centered approach, enabling technology teams to implement optimized solutions.
Organize and communicate information clearly to keep cross-functional stakeholders aligned and informed.
Required Qualifications:
5+ years of experience in process analysis and engineering, business architecture, or identity/access management
Strong understanding of IAM platforms (e.g., Okta, SailPoint, Active Directory, etc.)
Experience integrating identity systems with HR platforms (e.g., Workday, SAP)
Knowledge of regulatory requirements and risk management practices
Formal training/certification in Lean, Six Sigma and/or other process quality methodologies
Experience using Visio or other Business Process Mapping Notation (BPMN) tools
Excellent analytical, communication, and cross-functional collaboration skills.
Desired Qualifications:
Passion for continuous improvement by using your experience and expertise to improve existing processes
Ability to utilize logic & reason to navigate complex problem solving
Ability to navigate complex security technology environments
Experience in financial services or highly regulated industries
Familiarity with cloud-based identity solutions and zero trust architectures
These jobs might be a good fit
Bank Of America Identity Access Management IAM Senior Consultant United States, Massachusetts, Boston
Share
Job Description:
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities, and operates a global security operations center that monitors, detects, and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access across increasingly heterogeneous technology environments and to meet increasingly rigorous compliance requirements.
What you can expect in Identity & Access Management:
In today’s highly connected world, managing and securing the identity of users is essential to the safety and success of our workforce. The Identity & Access Management (IAM) team works within Global Information Services (GIS) and in close participation with all other LOB teams as well as second and third line of defense partners. This role is highly visible and requires frequent interaction with senior management and key stakeholders.
The Senior IAM Information Security Controls Lead will analyze, strengthen, and secure the company's IAM systems and overall risk posture for end user, application and privileged access management. The individual in this role will be a leader in the IAM innovation space, working with senior leaders to implement new technologies and frameworks. This role requires collaboration with technology peers to modernize the IAM ecosystem for securing evolving technologies and identities.
The role also applies knowledge of laws, rules, regulations, and information security frameworks (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, report on adherence to policy requirements, and maintain governance programs related to IAM Standard controls. Expectations include leveraging data analytics, governance process management, and cross-functional partnerships to verify policy compliance, identify gaps, and support remediation activities.
Responsibilities:
Define and steer IAM standards including designing enterprise appropriate adherence models, and related measures for governance, controls and effectiveness management.
Drive application/platform IAM modernization approach and program for information & data synchronization/management, moving from legacy manual to modernized identity automation solutions, such as connector frameworks.
Collaborate with partner cybersecurity, engineering, and compliance teams to develop and align controls with industry standards, to mitigate known threat vectors, adopt best practice principles and meet regulatory requirements.
Drive optimization & adoption of innovative and transformational strategies including but not limited to tooling integrations with enterprise platforms such as Active Directory, Mainframe and Public Cloud.
Drive requirements, modernization and derisk efforts for processes, controls, systems and platforms, reducing technical debt, improving identity hygiene and supporting continual risk reduction efforts.
Interacting with examiners and partners within control oversight organizations such as Audit, Compliance, Operational Risk, Regulators, and independent assessment organizations to represent IAM.
Manage, liaise with and oversee currency of documentation, governance routines, and QA processes to capture, drive and improve alignment with standards and controls.
Drive access management product and systems requirements for solutions, platforms and application-level integrations.
Influence technology decisions and vendor strategies to support IAM objectives.
Required Qualifications
10+ years of bank and finance industry hands-on experience in Identity Governance & Administration (IGA) or Identity and Access Management (IAM), managing identity lifecycle and enterprise-scale modernization initiatives.
High proficiency and working knowledge of Active Directory, Entra ID (Azure AD), and federated authentication protocols (SAML, OIDC, OAuth2).
Proven experience IAM functionality and tools for Azure, AWS, and Google Cloud and with platforms such as PingIDM, SailPoint, Saviynt, IdentityIQ (IIQ), ForgeRock, Okta, or Oracle IDCS.
Expertise in connector frameworks (e.g., OpenICF), identity workflows, role management, and policy development.
Familiarity with common Information Security and data protection frameworks and standards (i.e., CIS, NIST, MITRE, ITIL, COBIT, HIPAA, GDPR, PCI DSSS, ISO 270001)
Familiarity with Zero Trust architecture, FIDO2, and passwordless authentication concepts.
Proficiency in data analytics and reporting tools (SQL, Tableau, PowerBI) for compliance and risk metrics.
Highly organized and motivated self-starter who can deliver results with minimal direction. Ability to own and deliver on complex initiatives in a high paced, evolving environment.
Excellent problem-solving, documentation, and communication skills with the ability to work effectively across cross-functional teams.
Excellent verbal and written communication skills. Ability to communicate with business leaders, users, and tech-savvy stakeholders and influence outcomes.
These jobs might be a good fit
Red hat Senior Software Engineer United States, Massachusetts, Boston
Share
Job Summary
The Red Hat Ansible Engineering team is seeking a Senior Software Engineer to join us. In this role, you will work as part of a team focused on maintaining, developing, and improving the components of the Ansible Automation Product ecosystem. From capturing requirements, to refining those, aligning with our architects teams on implementation, to deliver on them, you will be on the critical path to delivering impactful new features to our customer base.
What you will do:
Design, implement and maintain production grade software deployed at scale
Contribute to Red Hat strategy’s implementation of mission-critical automation
Help Red Hat Automation Platform maintain its de-facto industry standard automation platform reference
Solve complex problems in the network and infrastructure space; including but not limited to authentication, authorization, performance, distributed systems
What you will bring:
Passion for automation and an excitement to automate all the things
3+ years of experience with a modern programming language, such as python or go
Experience with Containers, Kubernetes, Cloud providers, and REST APIs principles
Experience with industry-standard authentication and authorization protocols
Strong knowledge of infrastructure systems and networks; experience with distributed systems
Strong systems design , analysis and architecture skills
Proven track record of architecting complex features in a multi-component environment
Experience With The Following Is Considered a Plus
Demonstrated knowledge of Red Hat Enterprise Linux (RHEL), including administration and management
Familiarity with ansible and its ecosystem catalog
Demonstrated history of open-source projects contributions
Previous experience leading development of new product functionality from story discovery through to implementation, testing, and deployment.
The salary range for this position is $116,270.00 - $191,840.00. Actual offer will be based on your qualifications.
Pay Transparency
● Comprehensive medical, dental, and vision coverage
● Flexible Spending Account - healthcare and dependent care
● Health Savings Account - high deductible medical plan
● Retirement 401(k) with employer match
● Paid time off and holidays
● Paid parental leave plans for all new parents
● Leave benefits including disability, paid family medical leave, and paid military leave
These jobs might be a good fit
Flywire Senior Full Stack Software Engineer I Payments Platform United States, Massachusetts, Boston
Share
Who we are:
Flywire is a global payments enablement and software company, founded a decade ago to solve high-stakes, high-value payments in education, using modern technology. Today, we’ve digitized payments for more than 3,000 global clients across education, healthcare, travel & B2B, covering more than 240 countries and territories and supporting over 140 currencies. And, we’re just getting started!
With over 950+ global FlyMates, representing more than 40 nationalities, and in 14 offices world-wide, we’re looking for FlyMates to join the next stage of our journey as we continue to grow.
The Opportunity:
We, at Flywire, are looking for an experienced
Senior Full Stack Software Engineer I, Payments Platform, ideally with a background in FinTech. Your primary responsibility will be to build and maintain the platform that supports the money movement of our industry leading payment engine moving hundreds of millions everyday..
You will be joining a team in charge of designing new functionalities and improving the current capabilities to improve speed, cost and scalability of our product. Thus, a commitment to collaborative problem solving, pragmatic design, building quality products and to convey the sensation that the product is the responsibility of all the team is essential. You will be responsible for ensuring high quality code in a team defined timeframe.
Write clean, high quality, testable, secure, maintainable and extendable code
Solve items such as challenging bugs and production issues within the development environment
Work on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors.
Exercise judgment in selecting methods, techniques and evaluation criteria for obtaining results
Understand scalability and performance status and make improvement for scalability
Drive change and improvement in all phases of the development lifecycle
Ensure the best possible performance, quality, and responsiveness of the applications
Contribute to the product vision by collaborating with Product Managers and stakeholders and teams across engineering, product and design.
Work collaboratively with teams across the globe by understanding their needs
Help your fellow developers to continue growing their skills
Here’s What We’re Looking For:
6+ years of experience in application development.
Experience working as a Java developer is required, with Ruby experience highly valued.
Expertise in web services, REST architecture.
Experience in designing, developing and supporting scalable, performant and reliable services and distributed systems
Product oriented mindset
Prior experience with cloud technologies such as AWS, Azure etc.
Understanding of o11y principles and tools
Understanding of relational databases
Strong understanding of object-oriented fundamentals
Great understanding of the other disciplines in the cross functional team: QAs, Product and SREs
Fluent in English, as it is the company’s working language
Experience in FinTech or the payment industry will be appreciated
The ability to deliver high quality code and learn quickly
Outstanding verbal and written communication skills and the ability to collaborate with cross functional teams including product and support
Technologies We Use:
Java and Ruby
React
JavaScript, HTML5, and CSS3
System management: Linux, MySQL, MongoDB, Redis, Sidekiq, AMQP, ElasticSearch,
Cloud platform: AWS
Gitlab
Our Culture:
We are a global company. Our engineering team is distributed across 3 continents and 4 different countries so remote work is allowed!
Our engineering practice is shaped around concepts including Agile, Lean, and Extreme Programming. Each team has a high level of autonomy to organize themselves in the way they consider more appropriate to execute their mission.
We actively engage in knowledge sharing by hosting internal cross-discipline events.
We are active in contributing to open source whenever possible.
We contribute to our local communities by hosting different events, Meetups, etc
What We Offer:
Competitive compensation, including Restricted Stock Units
Employee Stock Purchase Plan (ESPP)
Flying Start - Our immersive Global Induction Program (Meet our Execs & Global Teams)
Work with brilliant people that will keep you on your toes, learn more about their journeys by checking out #InsideFlywire on social media
Dynamic & Global Team (we have been collaborating virtually for years!)
Wellbeing Programs (Mental Health, Wellness, Yoga/Pilates/HIIT Classes) with Global FlyMates
Be a meaningful part in our success - every FlyMate makes an impact
Competitive time off including FlyBetter Days to volunteer in a cause you believe in and Digital Disconnect Days!
Great Talent & Development Programs (Managers Taking Flight – for new or aspiring managers!)
Submit today and get started!
We are excited to get to know you! Throughout our process you can expect to meet with different FlyMates including the Hiring Manager, Peers on the team, the VP of the department, and a skills assessment. Your Talent Acquisition Partner will walk you through the steps and be your “go-to” person for any questions.
Flywire is an equal opportunity employer. With over 40 nationalities across 12 different offices, and diversity and inclusion at the core of our people agenda, we believe our FlyMates are our greatest asset, and we’re excited to watch our unique culture evolve with each new hire.
These jobs might be a good fit
Bank Of America Identity Access management IAM Mainframe Security United States, Massachusetts, Boston
Share
LOB Overview:
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies, and addresses vulnerabilities and operates global security operations centers that monitor, detect, and respond to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.
Role Description:
The Mainframe Security Administration Manager leads a team of analysts responsible for managing secure access to mainframe systems. This role requires a blend of technical acumen in mainframe security mechanisms (RACF, ACF2, Top Secret), strong governance expertise including knowledge of industry standards, and leadership of team members as a key stakeholder within Information Security and the broader IT organization.
Access Control Management
Implement and maintain security administration and access policies using RACF, ACF2, or Top Secret.
Enforce least privilege and role-based access control (RBAC).
Ensure multi-factor authentication for privileged users.
Ensure that privileged access and encryption policies are enforced.
Compliance & Auditing
Align security administration and access controls with regulatory frameworks (SOX, UCAL and PWC applications).
Maintain detailed logs and audit trails for all access request and administrators provisioning activities.
Utilize tools such as Vanguard Resource Administrator (VRA) for forensic analysis and Report Analyzer for reporting.
Security Governance
Monitor for unauthorized access and potential data leakage.
Conduct regular access reviews and security assessments.
Integrate with Identity and Access Management (IAM) systems for centralized governance.
Team Management
Lead and mentor a team of mainframe security analysts.
Ensure team proficiency in RACF, Top Secret, and z/OS environments, including by participating in learning opportunities and communicating with vendors
Promote automation of repetitive provisioning tasks to enhance efficiency.
Oversee ticketing systems integrated with IAM workflows for request tracking, Quality Assurance validation for efficiency and remediation.
Training & Development
Provide ongoing training on evolving security threats and compliance requirements, process changes.
Set Global Information Security goals and encourage professional certifications (e.g., CISSP, Certified RACF and Vanguard Specialist).
Operational Best Practices
Ensure 24/7 monitoring of access provisioning activities.
Establish and maintain incident response protocols for access-related events.
Design scalable provisioning processes to support organizational growth.
Required Qualifications:
10+ years of progressive experience in Identity and Access Management, with a strong focus on access provisioning across enterprise environments.
10+ Years of experience in RACF, ACF2 and zOS systems
Drives Mainframe Modernization and work in close partnership with the CTO Mainframe team to provide SME security leadership.
Deep technical expertise in Mainframe RACF, Vanguard and Microsoft Azure AWS, Databases DB2 and VMSecure and enterprise storage platforms.
Proven ability to design, implement, and manage access provisioning solutions that enforce least privileged access and align with regulatory and internal compliance requirements.
Strong understanding of IAM governance frameworks, platforms (e.g., ForgeRock Single Sign- On SSO, Adaptive Authentication) role-based access control (RBAC), group policy management, and privileged access management (PAM) tools, CyberArk, Hashi Corp and Beyond Trust.
Experience with automated provisioning/de-provisioning workflows, including integration with HR systems to demonstrated proficiency in scripting and automation (e.g., PowerShell, Python) to support scalable access provisioning and audit processes.
Familiarity with cloud infrastructure security and access controls in hybrid environments, particularly within Microsoft Azure AWS and Oracle Cloud.
Ability to conduct access reviews, entitlement audits, and risk assessments to identify and remediate access-related vulnerabilities.
Excellent analytical, problem-solving, and communication skills, with the ability to collaborate across technical and business teams.
Bachelor’s degree in computer science, Information Security, or a related field; advanced degree or certifications (e.g., CISSP, CISM, Microsoft Certified: Identity and Access Administrator Associate) preferred.
BS/BA Engineering degree or equivalent experience
Desired Skills:
Understanding or have experience with agile and lean philosophies.
Strong critical thinking and problem-solving skills with clear communication
Ability to collaborate with different roles to achieve common goals.
Ability to think critically and question the status quo.
Understand how to identify software security vulnerabilities and recognize and communicate their associated impact to the business.
Demonstrate awareness of secure software design principles such as least privilege, defense in depth, or designing secure user interfaces
These jobs might be a good fit
Share
This job is responsible for developing and supporting enterprise-wide information security policies, procedures, and standards. Key responsibilities include applying knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, and report on adherence to policy requirements. Job expectations include using data analytics and partnering with internal teams to verify policy compliance, identify gaps in coverage, and support remediation activities.
LOB Overview:
Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies, and addresses vulnerabilities and operates global security operations centers that monitor, detect, and respond to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.
Responsibilities:
Support the implementation and ongoing management of access provisioning solutions across enterprise platforms, ensuring alignment with security policies and regulatory requirements.
Apply working knowledge of Active Directory , Microsoft Azure, Amazon Web Services (AWS), and Mainframe , Oracle and SQL databases , file systems , and enterprise storage , with a focus on enforcing least privileged access .
Assist in maintaining access control policies , group structures , and role-based access models to support scalable and secure provisioning.
Collaborate with application owners and infrastructure teams to implement access requirements for new and existing systems.
Participate in automation initiatives to streamline provisioning and de-provisioning workflows , integrating with identity governance platforms and HR systems and IAM controls.
Conduct periodic access reviews , entitlement audits , and certification campaigns to ensure compliance and identify access anomalies.
Investigate and remediate access-related incidents, working closely with cybersecurity and risk teams to address vulnerabilities and improve controls.
Stay current with emerging IAM technologies, regulatory changes, and industry best practices to continuously enhance the access provisioning program.
Prepare metrics, reports, and recommendations to senior leadership and audit teams regarding access provisioning effectiveness and risk posture.
Required Qualifications:
3-5+ years experience in Identity and Access Management, with a focus on access provisioning across enterprise environments.
Working knowledge of Active Directory , Microsoft Azure AWS, Mainframe , Oracle Database , SQL Server , Windows and Unix file systems , and enterprise storage platforms .
Understanding of IAM governance frameworks , platforms ( e.g., SailPoint, Saviynt ) role-based access control (RBAC) , group policy management , and privileged access management (PAM) tools, CyberArk, Hashi Corp and Beyond Trust.
Experience with automated provisioning/de-provisioning workflows , including integration with HR systems to demonstrate proficiency in scripting and automation (e.g., PowerShell, Python) to support scalable access provisioning and audit processes.
Familiarity with cloud infrastructure security and access controls in hybrid environments, particularly within Microsoft Azure AWS and Oracle Cloud .
Ability to conduct access reviews , entitlement audits , and risk assessments to identify and remediate access-related vulnerabilities.
Excellent analytical, problem-solving, and communication skills, with the ability to collaborate across technical and business teams.
These jobs might be a good fit
