Sr Info Sec Ops Specialist

This is a Non-Employee Contingent Worker Role providing services for TIAA’s family of companies and will be employed by TIAA's preferred 3rd Party Supplier. As a Non-Employee CW, perform a variety of moderately complex business planning, support, and project-related duties. Demonstrates an exceptional standard of quality and holds themselves accountable to achieving excellent results.

This role will sit onsite, likely in a hybrid capacity, at the location(s) listed in this posting.

The anticipated term of this engagement will be 4 months. This term could be extended based on company business needs.

CW-Sr Info Sec Incident Response Specialist
The Information Security Incident Response Specialist job assists in analyzing all response activities related to cyber incidents within the network environment or enclave. Working independently under general supervision, this job monitors all networks and systems within the organization to identify and deter potential threats. This job also helps analyze data to protect and maintain the overall information technology (IT) security of the organization.

Key Responsibilities and Duties

• Assists in analyzing cyber threat information from a variety of information technology (IT) security tools, including intrusion detection system alerts, firewall and network traffic logs and host system logs.
• Conducts non-complex strategic assessments on systems and networks to determine potential cyber threat opportunities.
• Analyzes non-complex events and anomalies in accordance with IT Security directives, including initiating, responding, and reporting discovered events.
• Monitoring industry security updates, technologies and best practices to improve security management.
• Helps perform digital forensic tasks to consistently monitor all designated networks, enclaves and systems.
• Participates in tactical analyses and makes suggestions for network operations within the organization.
• Lends technical assistance to other incident response and security operation teams, including vulnerability assessments and intrusion detection.

Educational Requirements

• University (Degree) Preferred

Work Experience

• 3+ Years Required; 5+ Years Preferred

Physical Requirements

• Physical Requirements: Sedentary Work

Career Level
7IC

Job Summary

We are seeking an experienced Privileged Access Management Analyst to lead and support our organization's migration from on-premise CyberArk to CyberArk's SaaS Privilege Cloud solution. This role will be responsible for managing privileged access controls, implementing security best practices, and ensuring seamless transition to cloud-based identity access management.

Key Responsibilities

CyberArk Migration & Management

• Lead the migration effort from on-premise CyberArk PAM solution to CyberArk's SaaS Privilege Cloud platform
• Design and implement privileged access workflows and policies in the new SaaS Privilege Cloud/ CyberArk Identity environment
• Configure, manage, and troubleshoot CyberArk components including Password Vault Web Access (PVWA) and Central Policy Manager (CPM)
• Create and maintain documentation for CyberArk administration and end-user procedures
• Collaborate with technology teams to facilitate applications migrating/on-boarding to the Privilege Cloud solution.

Active Directory Management

• Provision, modify, and deprovision user accounts in Active Directory
• Implement and manage AD group policies and security settings
• Configure and maintain AD organizational units, groups, and delegation models
• Troubleshoot authentication issues and directory synchronization problems

Unix System Administration

• Provision and manage user accounts on Unix/Linux systems
• Implement security controls and access policies for Unix environments
• Integrate Unix systems with centralized identity management platforms

General Access Management

• Create and maintain access management policies and procedures
• Respond to access-related security incidents
• Collaborate with security, IT, and business teams on access requirements

Qualifications

Required Skills & Experience

• 3+ years of experience with privileged access management tools, preferably CyberArk
• Demonstrated experience with CyberArk migrations or significant version upgrades
• Experience with PAM Operational tasks, including safe creation and management, account onboarding, and policy generation.
• Strong working knowledge of Active Directory administration and group policy management
• Hands-on experience with Unix/Linux user provisioning and access control
• Understanding of identity and access management principles and best practices
• Experience implementing least privilege access models

Technical Knowledge

• CyberArk components: PVWA, CPM, Secrets Hub, Conjur, EPV,  SIA, Privilege Cloud, Identity PSM, and PTA
• CyberArk task automation via PACLI & REST API
• Microsoft Active Directory, Group Policy, and PowerShell scripting
• Unix/Linux authentication systems and access controls
• LDAP, SAML, OAuth, and other authentication protocols
• Cloud security concepts and SaaS implementation best practices

Preferred Qualifications

• CyberArk Trustee certification, or CyberArk PAM Defender, Sentry, or Certified Delivery Engineer
• Microsoft certified (MCSA/MCSE)
• CISSP, CISM, or other security certifications
• Experience with identity governance and administration (IGA) platforms
• Scripting abilities in PowerShell, Python, or Bash
• Experience with DevOps and automation tools

Additional Information

This role requires strong problem-solving skills and the ability to work in a fast-paced environment

The candidate must demonstrate excellent communication skills to work with various stakeholders 

Start Date: 18-Aug-2025

End Date: 31-Dec-2025

Travel Required: No

Anticipated Posting End Date:

2025-08-01

Base Pay Range: $38.80/hr - $61.15/hr

Actual base salary may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location.

_____________________________________________________________________________________________________

Equal Opportunity

We are an Equal Opportunity Employer. TIAA does not discriminate against any candidate or employee on the basis of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other legally protected status.

Read more about your rights and view government notices here.

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities. 

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team: 

Phone: (800) 842-2755

Email: accessibility.support@tiaa.org

Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here.

For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here.

For Applicants of TIAA Global Capabilities, click here.

For Applicants of Nuveen residing in Europe and APAC, please click here.