Merrick Bank employees share in our mission to delight our customers and empower underserved consumers to achieve their credit goals. In return, we delight our associates; ensuring they are noticed, heard, appreciated and understand the importance of their role(s). For over 20 years, our Guiding Principles of; doing the right thing, putting the customer first, and Earn, Learn, Have Fun (aka E.L.F.), have defined who we are as an Employer of Choice. Give Yourself Credit, Work at Merrick!
Position Summary:
The Priviledged Access Management (PAM) Engineer II will work in the Merrick Bank and CardWorks security team. They will be involved in day-to-day activities focused on privileged access management. Other areas of daily activity include supporting risk-based access control, attribute-based access control, role-based access control, managing lifecycle processes with access modifications and access terminations. They will engage in the support of tools and services within and external to the information security team. The PAM Engineer will design solutions, engineer integrations, set-up processes, provide reporting, instruct other teams on said processes and integrations and manage tools and data.
They implement, operate, monitor, and improve information security processes and systems that protect the Companies data, customers, and computer systems from business disruption, data/identity compromise, cyber fraud, and regulatory criticism.
Essential Functions:
- Utilize information security tools and develop processes related to PAM.
- Perform identity and access tasks based on daily process and or procedure.
- Participate in identity and access planning, design and feedback.
- Support application integrations with IAM suite of applications and tools.
- Create APIs where necessary to automate lifecycle management.
- Investigate, troubleshoot and fix issues and errors generated by IAM tools.
- Use a variety of tools to monitor tool operations, outages, errors, data integrity, etc.
- Work with others to assist with gathering information during penetration testing, incident handling/digital forensics, identity theft, and other types of identity or access concerns.
- Assist and/or Implement tools, processes, and communications that support information security initiatives.
- Participate in tactical projects as they arise to clarify and respond to identified security risks across different technical domains.
- Collaborate with engineers to implement standardized practices and follow routine processes to promote secure systems and proper visibility.
- Assists in the development of security policies and procedures.
- Provide metrics and reporting.
- Work on user access recertifications as needed.
Education and Experience:
- 3+ years of work experience in IAM, cybersecurity engineering, and IAM tools.
- Bachelor’s degree in computer or cybersecurity-related studies, or equivalent broad experience required, five (5) years of related and equivalent experience accepted in lieu of education requirement.
- CISSP, CCSK, CompTIA Cloud+, GCSA, CCSP, AWS Security Certification, CIST, CIAM, CIMP, CAMS or other recognized certifications are also desirable
- Experience as a security or IT system administrator preferred, including day-to-day operations, troubleshooting, access administration, updating/patching, etc.
- Familiarity highly-regulated industries, and specifically the banking industry (including PCI, SOX, and FDIC regulations) is desirable.
Summary of Qualifications:
- Ability to support integrations into Delinea and other PAM solutions.
- Ability to work with Enterprise Password Vaults.
- Ability to analyze, interpret and correct data inconsistencies, errors, gaps, and inaccuracies for impact.
- Strong understanding of IAM principles including details for joiner, mover, leaver operations.
- Strong understanding of workflows from systems of record through many different layers of IAM to application use.
- Strong understanding of Azure AD/EntraID including lifecycle management for all account types.
- Strong knowledge of AWS.
- Knowledge of client-server applications, multi-tier web applications, relational databases, and cloud IAM and security tools.
- Strong understanding of SSO, oauth, OpenID and SAML.