PAM Governance Analyst, VP

Overview

Global Cybersecurity (GCS) protects State Street and its clients from the impact of cyber‑attacks against systems by understanding the risks these attacks present and mitigating them through a robust, continuously evolving, cybersecurity program and control environment. Cyber Architecture & Engineering (Cyber A&E) is one of five functions that make up GCS. Cyber A&E designs, architects, deploys, and continually enhances security measures for the protection of State Street’s information related to its assets and customers.

The Infrastructure Access and Privileged Management (IAPM) Governance Vice President plays a critical role in establishing and maintaining the firm’s privileged access governance framework. This position provides enterprise‑wide oversight of privileged access controls, ensuring alignment with internal risk standards, regulatory expectations, and audit requirements. The ideal candidate works closely with technology, security, risk, compliance, and audit partners to ensure privileged access is appropriately designed, governed, measured, and remediated across all platforms and environments.

The role requires strong technical expertise in IAM and PAM solutions, strong critical thinking and problem solving skills and excellent communication skills.

• Lead cross‑departmental teams to design and implement manual and automated controls for all PAM policies.
• Participate in the review and maintenance of privileged access policies and standards.
• Oversee PAM‑related controls, metrics, and key risk indicators, including board‑level and regulatory reporting.
• Develop, maintain, and execute IAM and PAM governance SOPs, ensuring processes are repeatable, defensible, and audit‑ready.
• Serve as a point of contact for audit, risk, and regulatory inquiries related to privileged and elevated access.
• Identify control gaps and emerging risks, drive remediation activities, and track issues to closure.
• Provide expert advisory guidance on privileged access solutions, including firecall access, time‑bound access, and non‑persistent access models.
• Provide privileged access expertise in the shift to AI driven compliance.

• BS/BA degree in a technical discipline.
• Strong oral and written skills in English.
• 12+ years of experience working within a cybersecurity related discipline.
• Strong familiarity with PAM tools and processes.
• Strong skills with Microsoft Office tools such as Excel, MS Word and PowerPoint.
• Self‑starter, showing initiative without waiting to be asked.
• Detail oriented.
• Critical thinking skills and ability to solve problems independently.
• Ability to work well within a team.

• Operating Systems:
  Windows, Unix, Linux.
• Databases:
  Oracle, Sybase, SQL Server.
• Code and Scripting
  
  Languages:
  
  SQL, Power Shell, Linux shell scripting, Python and understanding of operating systems.
• Windows and Linux account management.
• Knowledge of AWS and Azure cloud security.
• Familiarity with Copilot or other AI tools.

Location:

Quincy, MA USA.

Salary Range: $120,000 - $202,500 Annual. The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.

• Retirement savings plan (401K) with company match.
• Insurance coverage including basic life, medical, dental, vision, long‑term disability, and other optional additional coverages.
• Paid‑time off including vacation, sick leave, short term disability, and family care responsibilities.
• Employee Assistance Program.
• Incentive compensation including eligibility for annual performance‑based awards (excluding certain sales roles subject to sales incentive plans).
• Eligibility for certain tax‑advantaged savings plans.

As an Equal Opportunity Employer, we consider all qualified applicants for all positions without regard to race, creed, color, religion, national origin, ancestry, ethnicity, age, disability, genetic information, sex, sexual orientation, gender identity or expression, citizenship, marital status, domestic partnership or civil union status, familial status, military and veteran status, and other characteristics protected by applicable law.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.