Privileged Access Management (PAM) Engineering and Operations Lead

ROLE SUMMARY

Pfizer’s Global Information Security (GIS) organization delivers proactive cyber defense for the global enterprise.  Our mission is to secure all of Pfizer’s digital information assets ranging from our scientific breakthroughs to the manufacturing floor, and out to the patients we serve.  We achieve this mission through a combination of world-class talent, top-tier technologies, industry leading best practices, and the promotion of a cybersecurity ownership culture across the company.

Strong identity and access controls are vital to the security and operational resilience of Pfizer. The Privileged Access Management Engineering and Operations Lead is accountable technology and operations of all privileged access technologies across Pfizer Digital. The leader will be responsible for driving innovation that reduces the risk to Pfizer by securing privileged accounts across numerous enterprise environments while also improving the user experience.

The position requires a balance of technical expertise and good communication skills to drive and support effective Privileged Access Management solutions. The incumbent will report to the Director, Privileged Access Management. The Privileged Access Management team is part of the Identity and Access Management organization with Pfizer Global Information Security.

ROLE RESPONSIBILITIES

• Accountable for the deployment, maintenance, and support of current and future PAM technologies in Pfizer’s enterprise environment. This includes troubleshooting and monitoring system performance, providing technical support and guidance to end-users and other technical teams, and implementing changes and improvements. As the Operations Engineer Lead for Privileged Access Management, this role will also be responsible for day-to-day operations and supporting PAM operations staff as well as driving new initiatives to increase Pfizer’s PAM capabilities to meet security and business needs. 

• Provide expertise on industry leading PAM solutions, including API capabilities, to team members, stakeholders, members of cross-functional teams and leadership. 

• Lead BAU PAM operations, providing guidance and expertise to PAM Operations team members. 

• Provide 24x7 support as needed for emergency response and planned maintenance activities. 

• Manage existing and future PAM technologies and infrastructure within the enterprise, including monitoring, alerting, configuration, administration, maintenance, and disaster recovery and capacity planning. 

• Manage the lifecycle of privileged accounts in the PAM platforms and their adherence to policies and frameworks. 

• Analyze the current PAM environment to identify opportunities for technical and operational improvements and automation to streamline processes to improve the usability, efficiency, and effectiveness of Pfizer’s PAM solutions. 

• Serve as a lead or contributor for various PAM projects. 

• Collaborate with technical and non-technical business units to understand their needs and translate them into requirements and designs for PAM systems and processes. 

• Perform integration assessments and advise on best practices for new and existing integrations. 

• Participate in incident response activities, including analyzing security incidents, identifying root causes, and recommending appropriate remediation measures. 

• Create and review detailed documentation and procedures, including architectural diagrams, implementation and integration documentation, end-user documentation and security policies related to PAM. 

• Eliminate duplicative capabilities where possible, reduce complexities, and leverage enterprise standards and industry best practices. 

• Assist with providing training and mentorship to colleagues. 

• Exercise sound judgement and decision-making by leveraging knowledge and experience, along with policies, procedures, and company values (Courage, Excellence, Equity, and Joy). 

• Demonstrated ability to work in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

QUALIFICATIONS  

• Bachelor’s degree in computer science, Information Security, or a related field. 

• 5+ years of experience in Information Security or Identity and Access Management with strong focus in IAM PAM platforms (e.g. CyberArk, Thycotic, TPAM, Netwrix). 

• Detailed knowledge and experience in enabling new, migrating to, and/or managing an enterprise PAM platform based on best practices. 

• Detailed knowledge and experience with automatingPAM processes by leveraging out of box capabilities and custom build connectors / APIs. 

• Knowledge and experience of Just-in-Time Administration, Zero Trust, and Multi-Factor Authentication. 

• Experience with designing and developing J2EE/Java applications, web services, and databases. 

• Experience with Agile methodologies and corresponding Agile based tools. 

• Proven ability to influence and gain trust at senior management levels in multi-cultural environments. 

• Demonstrable professional experience in a corporate environment supporting Identity and Access Management, Information Security, or Information Technology in a technical lead capacity. 

• Previous extensive professional hands-on experience managing industry standard PAM technologies, policies, and related infrastructure.  

• Experience performing continual operational and maintenance tasks such as: security patching, platform version updates, security vulnerability response, change control and other administrative functions required to maintain the operations of IT systems. 

• Demonstrated experience leading an operational support team. 

• Strong understanding of virtualization and cloud technologies, AWS infrastructure, directory services, Windows and Unix based platforms and general networking concepts. 

• Strong understanding of Privileged Access Management and Information Security principles, best practices, frameworks, and technologies. 

• Familiarity and understanding of RESTful APIs. 

• Experience with one or more scripting languages, such as Python, Bash, or PowerShell. 

• Ability to work independently with instruction on complex problems and be able to work as a team player. 

• Demonstrated history of administering industry leading PAM technologies and supporting end-users and technical teams in a fast-paced enterprise environment. 

• Outstanding communication skills, including the ability to communicate potentially complex information in a concise, accurate, and complete manner in both written and verbal form. 

• Ability to manage multiple competing tasks simultaneously and complete work within allocated timeframes. 

• Extensive professional experience in a corporate environment supporting Identity and Access. 

• Management, Information Security, or Information Technology. 

• Comprehensive knowledge of virtualization and cloud technologies, directory services, Windows and Unix based platforms and general networking concepts. 

• Strong understanding of JIT, least privileged and dynamic privilege concepts. 

• Strong understanding and experience with RESTful API’s. 

• Advanced knowledge of one or more scripting languages, such as Python, Bash, or PowerShell. 

• Understanding of DevOps pipeline and CI/CD tools. 

• Experience with Agile methodologies.

• Experience working in GxP environments and regulatory requirements. 

• CISSP, CISM, CISA or other relevant security certifications and knowledge of ISO and NIST security standards preferred.

 
Work Location Assignment: Flexible

EEO (Equal Employment Opportunity) & Employment Eligibility 

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, or disability.