Cyber SDC - Privileged Access Management - Manager

Cyber SDC - Privileged Access Management - Manager – Location OPEN

Join EY as a Cyber Security Design Center (SDC) Manager focused on Privileged Access Management. You will lead the design, engineering, maintenance and troubleshooting of privilege and secret management solutions across EY’s Identity and Access Management (IAM) portfolio.

In an ever‑evolving IT landscape, EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities.

We’re looking for a manager to design, engineer, maintain and troubleshoot a diverse range of privilege and secret management solutions across the IAM spectrum. Collaborate with esteemed and innovative professionals in the cybersecurity industry to apply cutting‑edge tools and techniques to address critical security challenges.

• Develop privilege and secret access management controls for Cyber Ark, Beyond Trust, Hashi and Delien solutions.
• Oversee the design and implementation of the privileged access and secret management solution.
• Assist with privilege and secret management requirement gathering and define the use cases at the enterprise level.
• Configure and optimize discovery tools for privilege accounts, services, SSH keys, and tasks (Cyber Ark, Hashi Corp, Delinea, Beyond Trust), including auto‑detection and auto‑onboarding.
• Manage onboarding of target systems such as Windows, Linux, and Unix accounts, databases (Oracle, MS SQL, Redis cache) and integration of Dev Ops solutions such as Ansible, Puppet, Jenkins, Kubernetes, Open Shift, Git Hub, Git Lab, Docker, and Ansible platforms.
• Apply knowledge of modern cloud vaults such as AWS Secret Manager and Azure Key Vault.
• Define and implement vaulting, rotation, and heartbeat policies for human and non‑human identities; enable SSH key and password rotation, check‑out/check‑in, dual control, and break‑glass.
• Participate in the self‑service design and implementation of privilege or secrets lifecycle management using enterprise identity governance solutions (creation, management, certification, deletion).
• Develop and establish governance processes for non‑human identity management.
• Develop policies for endpoint management solutions including Windows workstations, macOS, Linux and Unix servers.

• Proven experience integrating, deploying, and configuring PAM and secret management technologies, with a strong focus on Cyber Ark (vault, privilege cloud, secure infrastructure, endpoint access management and Conjur) and familiarity with other IAM solutions such as Saviynt, SailPoint, Entra.
• In‑depth knowledge of privilege access management frameworks and the ability to offer guidance on their integration into existing applications.
• Practical expertise in developing Cyber Ark technology stack, Hashi Corp Vault, Beyond Trust and Delinea experience.
• Proficiency in implementing, managing, and maintaining enterprise‑level privilege access and secret management tools.
• Solid understanding of enterprise directory services such as Active Directory, Azure AD, and LDAP, and experience implementing MFA and SSO solutions.
• Strong problem‑solving and analytical skills, translating business requirements into technical specifications and executing technical deliveries effectively.
• A track record of delivering high‑quality client services and work products within expected time frames.
• Excellent documentation skills, including creation of procedures, process documentation, and user documentation related to IAM applications.

• A bachelor’s degree in a related field and approximately 8 years of related work experience; or a graduate degree and approximately 3 years of related work experience.
• Experience with PAM architecture and development within Cyber Ark, Hashi Corp, or other PAM solutions.
• Well‑versed and hands‑on experience with Cyber Ark Conjur and Hashi Corp Vault usage and functionality.
• A valid driver’s license in the U.S. and/or a valid passport are required; willingness and ability to travel.

• Professional certifications in Identity & Access Management, such as CISSP,…