IAM & PAM Lead Analyst

The Apex Group was established in Bermuda in 2003 and is now one of the world’s largest fund administration and middle office solutions providers.

Our business is unique in its ability to reach globally, service locally and provide cross-jurisdictional services. With our clients at the heart of everything we do, our hard-working team has successfully delivered on an unprecedented growth and transformation journey, and we are now represented by over circa 13,000 employees across 112 offices worldwide.Your career with us should reflect your energy and passion.

That’s why, at Apex Group, we will do more than simply ‘empower’ you. We will work to supercharge your unique skills and experience.

Take the lead and we’ll give you the support you need to be at the top of your game. And we offer you the freedom to be a positive disrupter and turn big ideas into bold, industry-changing realities.

For our business, for clients, and for you

The Role:

The IAM & PAM Lead Analyst is a key position within the Information Security function, responsible for leading the strategy, implementation, and ongoing management of Apex’s Identity & Privileged Access Management (IAM & PAM) frameworks. This role covers both user identity lifecycle and privileged access governance across the organization. It will report directly to the Identity & Privileged Access Manager and work closely with global stakeholders in IT, Security, Risk, and Compliance.

Key duties and responsibilities:

Identity & Access Management (IAM)

• Lead operational IAM activities, including joiner-mover-leaver processes, access provisioning, role-based access control (RBAC), and periodic access reviews.
• Collaborate with IT and HR systems to ensure alignment and automation of identity lifecycle workflows.
• Participate in IAM governance efforts and help design access policies and controls for both enterprise and cloud applications.
• Support continuous improvement and maturity of IAM processes and tools.

Privileged Access Management (PAM)

• Oversee the privileged access lifecycle for critical systems, including administration of Apex’s enterprise PAM solution (CyberArk).
• Drive the global implementation and optimisation of PAM tools, controls, and automation.
• Maintain the integrity of privileged access processes including provisioning, session monitoring, credential management, and access certifications.
• Identify, assess, and remediate risks associated with privileged access.
• Lead audits and compliance reviews related to privileged and elevated access.
• Create and maintain PAM policies, standards, and operational documentation.
• Provide guidance and mentorship to regional teams and end-users on PAM best practices.

Experience and Knowledge:

• 5–8 years of experience in Identity and Access Management, with a strong focus on Privileged Access Management.
• Deep understanding of IAM/PAM principles, role-based access control, authentication methods, and zero-trust architecture.
• Demonstrated expertise with CyberArk.
• Experience leading PAM deployments in large, complex environments.
• Strong familiarity with Active Directory, Azure AD, LDAP, SAML, OAuth, and cloud access management.
• Experience in the financial services or highly regulated industry is a strong advantage.
• Strong stakeholder engagement skills, including experience working across IT, InfoSec, and business teams.
• High attention to detail, well-organised, and effective at managing competing priorities.
• Excellent verbal and written communication skills in English.
• CyberArk Defender, CyberArk Sentry or relevant certifications such as CISSP, CISM and CIAM will be encouraged.

What you will get in return:

• High visibility and impact within a large, globally expanding organisation.
• A supportive, collaborative, and high-performance work culture.
• Cross-functional exposure and opportunities to lead global security initiatives.
• Career development opportunities within one of the world’s leading independent fund administrators.
• The chance to innovate and influence security maturity and architecture.

Disclaimer: Unsolicited CVs sent to Apex (Talent Acquisition Team or Hiring Managers) by recruitment agencies will not be accepted for this position. Apex operates a direct sourcing model and where agency assistance is required, the Talent Acquisition team will engage directly with our exclusive recruitment partners.