PAM Security Engineer- Remote
Location
Cary, NC | United States
Job description
Nice to meet you!
We’re the leader in analytics. Through our software and services, we inspire customers around the world to transform data into intelligence – and questions into answers.
We’re also a debt-free multi-billion-dollar organization on our path to IPO-readiness. If you’re looking for a dynamic, fulfilling career coupled with flexibility and world-class employee experience, you’ll find it here.
About the job
The Identity & Access Management team is looking for a PAM Security Engineer to join our PAM program. Our team is implementing privileged access management for thousands of human users, service accounts and system accounts across multiple environments. We need an energetic, motivated, and team player to assist with the implementation of the PAM program, migrate existing users from a legacy PAM solution, accelerate adoption by users, and provide an outstanding user experience all while meeting SAS’ compliance and security requirements.
As a PAM Security Engineer, you will:
- Support the PAM program with project initiatives, day-to-day tasks, and support of PAM technologies.
- Be passionate about information security to help evangelize PAM and work to enable its adoption throughout SAS.
- Ensure the correct configuration and maintenance of hardware, software, network firewalls, and encryption protocols related to the PAM tools and supporting infrastructure.
- Research latest security best practices, staying abreast of new threats and vulnerabilities and helps disseminate this information to appropriate groups within the organization.
- Assist in developing and implementing controls to enforce security policies to control physical and virtual access to systems.
- Communicate well and work with cross-functional teams to meet PAM program goals by ensuring the team is meeting requirements regarding compliance, scope, reliability, and adherence to enterprise standards.
- Successfully manage relationships with SAS personnel and all stakeholders.
- Establish and maintain relationships with third-party personnel and product/service vendors.
- Deliver excellent customer service using a customer first and continuous improvement mindset.
- Collaborate with geographically distributed teams of engineers, support staff, and stakeholders.
- Contribute to document creation and the maintaining of existing documentation, such as FAQ's and KB articles.
Required Qualifications
- Bachelor’s degree in IT Security or Computer Science with a minimum of 3+ years of IAM or Information Security experience.
- Equivalent combination of related education, training and experience may be considered in place of the above qualifications.
- Ability to participate in 24x7 paid on-call.
- 5+ years of IT experience.
- 1+ years of direct experience with Privileged Access Management and Delinea Secret Server (Thycotic).
- Experience with Active Directory (on-premises, Azure AD), LDAP, and other directory services and integrating these with security tools.
- Familiarity with least privilege, zero trust, Role Based Access Control (RBAC), and general IT security principals.
- Experience with technical document creation.
- Strong ability to communicate with others, including explaining technical concepts to non-technical users.
- Ability to appropriately prioritize tasks and be productive with minimal supervision.
- You’re curious, passionate, authentic, and accountable. These are our values and influence everything we do.
Preferred Qualifications
- 2+ years of direct experience with the configuration, support and migration of secrets using Delinea Secret Server (Thycotic).
- Strong understanding of privileged access and experience with identifying, categorizing, and building controls around elevated privilege.
- Experience with scripting (PowerShell or others) and simple programming to automate repetitive tasks.
- Experience integrating applications with cloud services (Azure, AWS, Secret Server).
World-Class Benefits
Highlights include...
- Comprehensive medical, prescription, dental and vision plans.
- Medical plan options include...
- PPO with low annual deductible and copays.
- HDHP combined with a health savings account with a contribution from SAS (no access to on-site health care center).
- Onsite Health Care Center (HQ) that’s free to employees and family members enrolled in the PPO plan. There's a pharmacy too! Not local to HQ? The pharmacy will ship prescriptions for no additional charge!
- An industry-leading 401k plan.
- Generous time away including vacation time, a variety of paid holidays, and our much-loved U.S. Winter Wellness Break between December 25 and January 1.
- Volunteer Time Off, parental leave and unlimited paid sick days.
- Generous childcare benefits for all full-time employees.
Diverse and Inclusive
At SAS, it’s not about fitting into our culture – it’s about adding to it. We believe our people make the difference. Our diverse workforce brings together unique talents and inspires teams to create amazing software that reflects the diversity of our users and customers. Our commitment to diversity is a priority to our leadership, all the way up to the top; and it’s essential to who we are. To put it plainly: you are welcome here.
Additional Information:
To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status. SAS is an equal opportunity/Affirmative Action employer. All qualified applicants are considered for employment without regard to race, color, religion, gender, sexual orientation, gender identity, age, national origin, disability status, protected veteran status or any other characteristic protected by law. Read more: Know Your Rights . Also view the Pay Transparency notice.
Resumes may be considered in the order they are received. SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.
SAS only sends emails from verified “sas.com” email addresses and never asks for sensitive, personal information or money. If you have any doubts about the authenticity of any type of communication from, or on behalf of SAS, please contact [email protected].
#SAS
Job tags
Salary