Cyber Managed Services - Identity Access Management SDC PAM -Senior

Location:

Anywhere in Country

At EY, we’re all in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.

In an ever-evolving IT landscape, EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities. As a vital member of our Identity and Access Management (IAM) team, you will play a central role in achieving this objective by empowering clients to comprehend and navigate their complex Enterprise Identity environments.

Your expertise will be instrumental in evaluating, enhancing, and devising innovative solutions, processes, and policies to cater to each client s unique IAM requirements. This is an opportunity to leverage both your technical prowess and business acumen to drive our mission and make a significant impact on global cybersecurity.

EY Cyber Managed Services within the Service Delivery Center (SDC) provides 24x7 operational support to help clients manage and reduce privileged access risks across complex enterprise environments. As a PAM Operations Specialist, you will be responsible for the day-to-day operation, monitoring, and continuous improvement of Privileged Access Management platforms, ensuring stability, security, and compliance with client and EY standards.

This role is delivery-focused and operations-centric, supporting global clients by managing privileged identities, enforcing access controls, and responding to incidents in a structured environment.

The PAM Operations role is responsible for operating, administering, monitoring, and supporting enterprise PAM solutions across production environments. The role works closely with L2/L3 teams, engineering, and client stakeholders to ensure PAM services remain resilient, compliant, and aligned with agreed service levels.

• Perform day-to-day administration of PAM platforms (e.g., Cyber Ark PAS, EPM, PSM, AAM), including user onboarding, account lifecycle management, and access provisioning/deprovisioning.
• Monitor PAM infrastructure health, vault availability, password rotation status, and privileged session availability.
• Execute routine operational tasks such as password reconciliations, account discovery validations, and platform housekeeping.

• Enforce privileged access policies, approvals, and segregation-of-duties requirements as defined by client governance models.
• Support privileged access requests, emergency access (break-glass) processes, and time-bound access workflows.
• Validate compliance of privileged accounts across Windows, Unix/Linux, databases, network devices, and cloud platforms.

• Act as L1/L2 support for PAM-related incidents, alerts, and service requests, ensuring resolution within defined SLAs.
• Perform root cause analysis for recurring PAM operational issues and support problem management activities.
• Support planned changes, patching, upgrades, and configuration updates in coordination with engineering teams.

• Review and respond to alerts, logs, and privileged session recordings as part of security monitoring and audit support.
• Generate operational and compliance reports for privileged access usage, password health, and platform KPIs.
• Support internal and external audits by providing evidence, reports, and operational documentation.

• Maintain and update SOPs, runbooks, operational procedures, and knowledge articles for PAM services.
• Identify opportunities to automate repetitive PAM operational tasks and improve service efficiency.
• Contribute to service transition activities for new PAM onboardings into SDC operations.

• Hands-on experience operating PAM solutions, with a strong preference for Cyber Ark (PAS, PSM, EPM), Beyond Trust, Delinea.
• Working knowledge of privileged access concepts, including vaulting, session management, credential rotation, and least…