Job Description YOUR LIFE'S MISSION POSSIBLE You have goals, dreams, hobbies and things you're passionate about. What's Important to You Is Important to Us We're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them-friends, family and passions. And we're looking for team members who are passionate about our mission-making a difference in military members' and their families' lives. Together, we can make it happen. Don't take our word for it. FORTUNE 100 Best Companies to Work ForRegistered ComputerworldRegistered Best Places to Work in IT FORTUNERegistered Best Workplaces for Millennials ForbesRegistered America's Best Employers IND123 Basic Purpose The Privileged Access Management (PAM) Engineer is responsible for the installation, operations, and maintenance of the Navy Federal PAM solution infrastructure. The PAM engineer will analyze, develop, and build processes and technology to ensure timely delivery of PAM services. The PAM engineer will be expected to contribute to overall design and long term strategy of the Privileged Access and Identity Management program. The PAM Engineer will work closely with internal teams such as information security, service desk, systems engineering, network security, audit, application developers, and other administrators in delivering PAM services. This will include managing the life cycle of users in the PAM system, creating and maintaining credentials and secrets, and implementing least privilege storage and delegation of access to secured objects. The PAM engineer will be expected to monitor and ensure the health of the systems providing PAM services. They will also develop and support the automation of PAM services and it's integtration with IT service catalog and other identity systems. Responsibilities bull Operation of the Privileged Access Management (PAM) technologies, including accounts management, secrets management, and software and systems patching. bull Lead projects to develop and deliver new security features and or software currency. bull Work with PAM team to implement and automate processes for administration and integration with external services. bull Contribute to PAM Security Strategy, including provisioning, password management and access policies, SSH key management, API key management, and reporting. bull Design, configure, and maintain PAM solutions for AIX, RHEL, Windows, and Mainframe systems. bull Integrate the PAM solution with various technologies such as Service Now, VMWare, SailPoint or other top IDM solutions bull Provide security consultation on internal projects focusing on business needs and how data is transmitted internally and externally. bull Authoring and maintaining documentation procedures, inventories, and diagrams for PAM systems and processes. bull Monitors and responds to capacity and perofmance needs of the PAM infrastructure. bull Provides regular reports to leadership regarding security, capacity, usage, and licensing bull Provide rotational on-call support for production PAM infrastructure systems and processes. Qualifications bull Bachelor's Degree in Information Technology, Computer Science or other related fields bull Industry certifications in cyber or identity security attesting to broad knowledge of security best practices and design. bull 5-7+ years administering and maintaining Privileged Access Management (PAM) solutions, such as CyberArk, BeyondTrust, Thycotic or Lieberman bull Experience working in large security access system upgradesprojects using the Scaled Agile Framework (SAFe) bull Significant experience working in a large IT organization with responsibility for supporting the technology and processes in the Privileged Access Management domain and controls program, preferably in a financial services organization bull Considerable experience with Identity and Access Management vendors like Microsoft, CyberArk, SailPoint, ServiceNow, RSA, etc. bull Significant experience in working with all levels of staff, management, stakeholders, vendors bull Significant experience administering tier zero identity infrastructure that provides AAA services such as Active Directory, Azure Active Directory, and RSA. bull Advanced knowledge of Service Life Cycle or Agile Frameworks bull Advanced verbal and written communication skills bull Advanced research, analytical, and problem-solving skills bull Effective in producing desired results and achieving goals and objectives bull Practical skill presenting findings, conclusions, alternatives, and information clearly and concisely bull Experience in developing automated solutions and processes using PowerShell for Windows and BASH for UNIXLinux. bull Demonstrates an understanding of how PAM integrates with common resources such as Windows, LinuxUNIX, VMWare, Azure, SQLOracleDB2 database systems, Network appliances, and Mainframe. Hours Monday - Friday, 800am - 430pm Location 820 Follin Lane, Vienna, VA 22180 Due to COVID-19 and social distancing, this position will be temporarily working from home with plans to return to campus at the desired location listed once Navy Federal is back to normal operations. The specific logistics for returning to campus will be determined at a future date by individual leadership Equal Employment Opportunity Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOEAAMFVeteranDisability Disclaimer Navy Federal reserves the right to fill this role at a higherlower grade level based on business need. An assessment may be required to compete for this position. Bank Secrecy Act Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act. Employee Referrals This position is eligible for the TalentQuest employee referral program. Please indicate the employee who referred you when applying.