Bank of America Jobs

Privileged Access Management (PAM) Sr. Analyst

Bank of America

Privileged Access Management (PAM) Sr. Analyst

Reposted 15 Days Ago

Be an Early Applicant

2 Locations

In-Office

135K-182K Annually

Senior level

Big Data • Fintech • Mobile • Payments • Financial Services • Data Privacy

The Role

Senior PAM analyst responsible for enforcing privileged access controls, assessing PAM risk, developing PAM requirements and cloud security solutions, advising stakeholders, partnering with governance and audit, and driving PAM modernization across on-prem and cloud environments.

Summary Generated by Built In

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Role Description:

This role reports directly to the Technology Executive overseeing Privileged Access Management governance and operations for the bank. This role is primarily responsible for ensuring that relevant Privileged Access controls are adequately enforced across platforms and applications to comply with or exceed requirements in the IAM Standard.

Responsibilities:

This role is primarily responsible for ensuring that relevant Privileged Access Controls are enforced across platforms and applications to provide optimal security.
Partner with PAM Governance leads to ensure that Privileged Access Controls are appropriately measured, reported and governed.
Appropriately assess Privileged Access risk when business and technology decisions are made, demonstrating an outstanding risk management mindset and best practices to safeguard BAC’s reputation, its clients, and assets by driving or exceeding compliance with applicable laws, rules, and regulations, adhering to BAC Policy and Standards.
Monitor industry information security and PAM trends and engages peer organizations to refine and enhance BAC’s PAM strategy.
Apply industry PAM best practices, templates, and documentation while also proposing improvements based on practical knowledge.
Provide extensive Active Directory security best practices and consultation to the cross functional teams, ensuring compliance with or exceeding IAM standards, and better protect privileged accounts against cyberattacks.
Develop new PAM requirements and cloud-based security solutions to govern cloud identities, credentials, and access.
Establish and maintain strong partnership with other Global Information Security (GIS) functions, Core Technology Infrastructure (CTI), Cyber Security Technology (CST), Third Party management, Global Compliance and Operations Risk (CGOR), internal Audit, and regulatory agencies.
Influence technology and PAM tools’ owners to build/implement enhanced PAM solutions that are efficient, highly-effective, and modern and able to result in material risk reduction in sustainable manner.
Collaborate with stakeholders to develop PAM requirements that iteratively support long term PAM modernization and transformation (covers Process, Data and Technology aspects).
Engage with Product Managers and Senior Architects to comprehend the strategic PAM technology roadmap, which dictates the need for modernized security principles.
Consult with the business to identify gaps and governance issues, leveraging own domain expertise to find effective solutions.
Clearly articulate reasons and methods behind proposed changes through informative materials for educating others.

Required Qualifications:

10+ years experience.
Provide education to team members and technology partners regarding the proposed changes.
Partner with the policy governance team for socialization and publication of proposed changes to the PAM Standard
Take accountability for addressing PAM risks. Proactively identify risk and ways to continuously enhance and improve BAC’s PAM controls. Implement and take decisive actions in finding solutions. Drives towards intended outcomes.
Engage senior management to provide factual, transparent, and timely reporting on existing and emerging PAM or information security risks.
Active participation in GIS IAM/PAM forums including but not limited to Monthly IAM Stakeholder Forum and Control Owner Forum for standard and Single Process Inventory (SPI) enhancements.
Support audit issues for closure and sustainability
Extensive knowledge and understanding of PAM-specific laws, rules, and regulations within the financial services sector.
Expert level knowledge of privileged access management methodologies and techniques for on-prem and Cloud implementation.
Familiarity with security standards such as NIST, ISO/EC, FFIEC, and MITRE ATT&CK framework. Knowledge of Compliance Certifications such as SOX, SOC, SOC2.
Understanding and interpreting BAC’s established information security Policy, Standards, Procedure and Guides, and applying this knowledge to related PAM decisions and response. Serve as the Subject Matter Experts in advising BAC business and technology counterparts on effective ways to achieve or exceed compliance with applicable Policy, Standards, Procedures and Guides
Proficiency in implementing and governing Risk and Role based access security controls.
Extensive experience in managing Active Directory to enforce privileged access controls.
Ability to influence platform and application owners to build more secure processes.
Strong understanding and risk management mindset, proactively mitigating PAM related risks.
Expert knowledge of PAM related tools which support session proxy, vaulting, just-in-time provision, integration with service management tool would be an advantage.
10 years relevant hands-on experience in PAM with at least of 5 years of management experience
Deep security knowledge which covers core technology infrastructure (network, storage, servers, databases, etc.) identity management and application security practice.
Deep experience with Linux, Windows, Cloud scale Identity, Access Management (Single Sign-On, Multi Factor Authentication), Authorization services or design and architecture of PAM services
Expert level knowledge of authentication platforms such as Active Directory, LDAP, Kerberos, LDAP, Radius.
Deep knowledge on Federation platforms or protocols such as Oauth, OpenID, SAML, WS-Fed, etc.
Hands on experience in consumption of Web Service APIs such as JSON / XML; hands on experience and proficient with AWS, Azure, GCP, and/or Cloud Technologies.
Working level experience with IAM platforms such as Ping Identity, Active Directory OpenLDAP, OpenDJ.

Desired Qualifications:

Possession of CISSP certification is a plus.
Proficient in articulating facts and data-driven plans and to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to PAM standards.
Strong attention to detail and advanced analytical skills.
Excellent communication and presentation skills.
Excellent organizational skills and be able to effectively prioritize multiple tasks
Hands on experience and involvement in large and complex projects
Proficient in data management which includes strong data analytical capability with advanced understanding of the collection and management of metadata
Efficient in motivating, engaging, and leveraging other teams and business partners to efficiently deliver business solutions. Proven track record of influencing and relationship management skills.
Proficient in Microsoft Office suite of products with ability to quickly analyze and synthesize large volumes of data
Pro-active and able to drive direction of work that needs to be completed, ability to work independently on initiatives with little oversight. Motivated and willing to learn.
Confident and effective in delivering messages across a wide spectrum of individuals with varying degrees of technical and business understanding
Deep knowledge of bank financial practices and policies and ability to adapt to fast changing environment

Shift:

1st shift (United States of America)

Hours Per Week:

Pay Transparency details

US - MA - Boston - 100 Federal St - 100 Federal St Lp (MA5100), US - NJ - Jersey City - 101 Hudson St - 101 Hudson (NJ2101)

Pay and benefits information

Pay range$135,000.00 - $182,100.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Skills Required

10+ years experience
10 years relevant hands-on PAM experience with at least 5 years management experience
Expert level knowledge of privileged access management methodologies and techniques for on-prem and cloud implementation
Extensive experience managing Active Directory to enforce privileged access controls
Deep experience with Linux, Windows, cloud-scale Identity and Access Management (SSO, MFA), and authorization services or PAM design and architecture
Expert knowledge of authentication platforms (Active Directory, LDAP, Kerberos, Radius)
Deep knowledge of federation platforms/protocols (OAuth, OpenID, SAML, WS-Fed)
Hands-on experience consuming Web Service APIs (JSON, XML) and proficiency with AWS, Azure, GCP or other cloud technologies
Working level experience with IAM platforms such as Ping Identity, OpenLDAP, OpenDJ
Extensive knowledge of PAM-specific laws, rules, and regulations within the financial services sector
Familiarity with security standards (NIST, ISO/IEC, FFIEC) and frameworks (MITRE ATT&CK); knowledge of SOX, SOC, SOC2
Proficiency in implementing and governing risk- and role-based access security controls
Ability to influence platform and application owners and provide AD security best practices and consultation
Strong risk management mindset; proactively identify and remediate PAM risks and report to senior management
Partner with policy governance team for socialization and publication of proposed changes to the PAM Standard
Engage in GIS IAM/PAM forums and support audit issue closure and sustainability
Expert knowledge of PAM-related tools supporting session proxy, vaulting, just-in-time provisioning and integration with service management tools
Provide education to team members and technology partners regarding proposed PAM changes
Establish and maintain partnerships with GIS, CTI, CST, Third Party management, Compliance, Operations Risk, and Audit
Develop new PAM requirements and cloud-based security solutions to govern cloud identities, credentials, and access

Bank of America Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Bank of America and has not been reviewed or approved by Bank of America.

Fair & Transparent Compensation — The $25/hour U.S. minimum wage, reaffirmed in recent company materials, sets a clear compensation floor that lifts entry-level and operations pay. Public salary information and disclosures provide visible benchmarks for pay across roles.
Parental & Family Support — Parental leave extends up to 26 weeks with 16 weeks fully paid for eligible teammates, alongside backup child and adult care and a dedicated Life Event Services team. Family-building assistance offers up to a $20,000 lifetime reimbursement and bereavement leave provides 20 paid days for loss of a spouse, partner, or child.
Retirement Support — Retirement programs include a 401(k) match up to 5% of eligible pay plus an additional 2–3% annual company contribution based on service. These employer contributions add meaningful long-term value beyond base pay.

Learn more about Bank of America's Compensation & Benefits →

Bank of America Insights

What's It Like to Work at Bank of America? Bank of America Culture & Values Bank of America Career Growth & Development What's the Work-Life Balance Like at Bank of America? Bank of America Leadership & Management Bank of America Company Growth, Stability & Outlook

View all jobs at Bank of America

View Bank of America Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: Charlotte, NC

208,000 Employees

Year Founded: 1784

What We Do

We make financial lives better for our clients and our communities through the power of every connection. Our employees are at the heart of this purpose, and are key to driving responsible growth. Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates.