Job Title

Location: Anywhere in Country At EY, we're all in to shape your future with confidence. We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world. In an ever"‘evolving IT landscape, EY stands as a beacon of trust for clients across diverse industries seeking reliable solutions to address their intricate risks and vulnerabilities. As a vital member of our Identity and Access Management (IAM) team, you will play a central role in empowering clients to comprehend and navigate their complex Enterprise Identity environments. Opportunity EY Cyber Managed Services within the Service Delivery Center (SDC) provides 24í—7 operational support to help clients manage and reduce privileged access risks across complex enterprise environments. As a PAM Operations Specialist, you will be responsible for the day"‘to"‘day operation, monitoring, and continuous improvement of Privileged Access Management platforms, ensuring stability, security, and compliance with client and EY standards. This role is delivery"‘focused and operations"‘centric, supporting global clients by managing privileged identities, enforcing access controls, and responding to incidents in a structured environment. Your Key Responsibilities PAM Platform Operations Perform day"‘to"‘day administration of PAM platforms (e.g., CyberArk PAS, EPM, PSM, AAM), including user onboarding, account lifecycle management, and access provisioning/deprovisioning. Monitor PAM infrastructure health, vault availability, password rotation status, and privileged session availability. Execute routine operational tasks such as password reconciliations, account discovery validations, and platform housekeeping. Access & Policy Enforcement Enforce privileged access policies, approvals, and segregation"‘of"‘duties requirements as defined by client governance models. Support privileged access requests, emergency access (break"‘glass) processes, and time"‘bound access workflows. Validate compliance of privileged accounts across Windows, Unix/Linux, databases, network devices, and cloud platforms. Incident, Problem & Change Support Act as L1/L2 support for PAM"‘related incidents, alerts, and service requests, ensuring resolution within defined SLAs. Perform root"‘cause analysis for recurring PAM operational issues and support problem management activities. Support planned changes, patching, upgrades, and configuration updates in coordination with engineering teams. Monitoring, Audit & Compliance Review and respond to alerts, logs, and privileged session recordings as part of security monitoring and audit support. Generate operational and compliance reports for privileged access usage, password health, and platform KPIs. Support internal and external audits by providing evidence, reports, and operational documentation. Documentation & Continuous Improvement Maintain and update SOPs, runbooks, operational procedures, and knowledge articles for PAM services. Identify opportunities to automate repetitive PAM operational tasks and improve service efficiency. Contribute to service transition activities for new PAM onboardings into SDC operations. Skills and Attributes for Success Hands"‘on experience operating PAM solutions, with a strong preference for CyberArk (PAS, PSM, EPM), BeyondTrust, Delinea. Working knowledge of privileged access concepts, including vaulting, session management, credential rotation, and least privilege. Familiarity with operating systems and platforms commonly integrated with PAM (Windows, Unix/Linux, databases, network devices). Understanding of ITSM processes (Incident, Problem, Change, Request). Strong operational discipline with experience working in SLA"‘driven, managed services environments. Qualifications Bachelor's degree in computer science, Information Security, or a related field. 3-5 years of experience in cybersecurity operations, IAM, or PAM support roles. Hands"‘on operational experience with at least one PAM platform (CyberArk preferred). Experience supporting enterprise environments with Active Directory, Azure AD, LDAP, and service accounts. Willingness to work in shift"‘based or on"‘call operational models as required by SDC. Ideally, you'd also have CyberArk certifications (Defender, Sentry, or PAM"‘related credentials) BeyondTrust and Delinea. Exposure to cloud PAM integrations (Azure, AWS, GCP). Understanding of regulatory and security frameworks (ISO 27001, NIST, SOX, GDPR). Experience with scripting or automation (PowerShell, Python) for operational efficiency. Prior experience supporting global clients in a managed security services model. What We Offer You We offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $77,500 to $140,900. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $92,900 to $160,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team"‘led and leader"‘enabled hybrid model. Our expectation is for most people in external, client"‘serving roles to work together in person 40"‘60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you'll decide how much vacation time you need based on your own personal circumstances. You'll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well"‘being. Are you ready to shape your future with confidence? Apply today. EY accepts applications for this position on an ongoing basis. For those living in California, please click here for additional information. EY focuses on high"‘ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1"‘800"‘EY"‘HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY's Talent Shared Services Team (TSS) or email the TSS at . #J-18808-Ljbffr