Privileged Access Management Service Lead
US: USA Remote
Full Time Senior-level / Expert USD 135K - 226K
Eli Lilly and Company
Lilly is a medicine company turning science into healing to make life better for people around the world.At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.
Ready to put your mark on the world of cybersecurity? We’re looking for a Privileged Access Management (PAM) Service Lead to bring fresh perspectives and bold solutions to our team. In this role, you’ll be instrumental in shaping how our organization provides secure, appropriate, and timely access to enterprise resources and as well as be a catalyst to drive our Identity and Access Management strategy.
What You'll Be Doing:
The PAM Service Lead will be part of the Lilly Cybersecurity team, responsible for delivering and securing technology that supports the Lilly mission, specifically focused on PAM services. This role is responsible for defining and executing the strategy for the company's PAM capabilities globally. This includes developing technology roadmaps, prioritizing enhancements, driving continuous service improvements, engaging stakeholders, and optimizing the authentication technology stack.
Technology Strategy & Roadmap:
Define the long-term strategic vision and roadmap for PAM services aligned with business objectives and risk posture.
Evaluate emerging PAM technologies and vendors to inform roadmap decisions.
Develop and maintain an integrated, global PAM roadmap.
Build PAM services that are resilient and resistant to evolving threats, leveraging industry best practices and threat intelligence.
Demonstrate experience in identity-related security incident response and incorporating learnings into PAM roadmaps.
Service Delivery & Optimization:
Manage the prioritization and delivery of enhancements to PAM controls based on risk, compliance, and operational criteria.
Ensure reliability and availability of the service by defining service metrics and standard SLAs.
Drive continuous improvement through review of metrics, threat intelligence, vulnerabilities, and customer feedback.
Optimize the PAM architecture and technology stack to increase efficacy and operational efficiency.
Foster an environment focused on continuous learning, innovation, and operational excellence.
Stakeholder Engagement:
Engage with security leadership, architecture, cyber defense, IT, and business stakeholders to understand priorities and constraints.
Evangelize the PAM service strategy across the enterprise and foster tight alignment.
Collaborate with cyber defense operations, and other cybersecurity teams on PAM threat detection strategies and capabilities.
Compliance & Risk Management:
Ensure PAM services enable compliance with regulatory and industry requirements.
Define appropriate PAM services controls to mitigate risks identified through security architecture reviews and risk assessments.
Provide oversight and guidance during security audits related to PAM services domains.
Budget & Vendor Management:
Develop and manage the annual budget for PAM services and associated capital expenditures.
Evaluate, select and manage PAM services vendors through RFPs, product evaluations, and commercial negotiations.
Your Basic Qualifications:
Bachelor's degree in Computer Science, Cybersecurity or related technical field
8+ years of experience in Identity and Access Management with deep expertise in areas of privileged access management, secrets management, and Just In Time Access.
5+ years of experience in technology strategy and roadmap planning in an enterprise environment.
Additional Preferences:
Demonstrated experience in CyberArk.
Experience with Entra ID
Strong business acumen with ability to map technical capabilities to business needs and priorities.
Excellent stakeholder management, communication, and leadership skills.
Knowledge of IT operations, system administration and identity and access management processes
Experience with compliance frameworks like PCI-DSS, HIPAA, NIST 800-171 etc.
Relevant certifications like CISSP, CISM, GCIA, GCIH preferred.
Experience managing both operational and capital expenditure budgets.
Additional Information:
Remote with travel to Indianapolis -10-25%
Local candidates will be required to work a hybrid model at the Lilly Corporate Center in Indianapolis, Indiana.
Lilly currently anticipates that the base salary for this position could range from between $135,000 to $226,600 and will depend, in part, on the successful candidate’s qualifications for the role, including education and experience. Full-time equivalent employees also will be eligible for a company bonus (depending, in part, on company and individual performance). In addition, Lilly offers a comprehensive benefit program to eligible employees, including eligibility to participate in a company-sponsored 401(k); pension; vacation benefits; eligibility for medical, dental, vision and prescription drug benefits; flexible benefits (e.g., healthcare and/or dependent day care flexible spending accounts); life insurance and death benefits; certain time off and leave of absence benefits; and well-being benefits (e.g., employee assistance program, fitness benefits, and employee clubs and activities). Of course, the compensation described above is subject to change and could be higher or lower than the range described above. Further, Lilly reserves the right to amend, modify, or terminate its compensation and benefit programs in its sole discretion and Lilly’s compensation practices and guidelines will apply regarding the details of any promotion or transfer of Lilly employees.
Lilly is dedicated to helping individuals with disabilities to actively engage in the workforce, ensuring equal opportunities when vying for positions. If you require accommodation to submit a resume for a position at Lilly, please complete the accommodation request form (https://careers.lilly.com/us/en/workplace-accommodation) for further assistance. Please note this is for individuals to request an accommodation as part of the application process and any other correspondence will not receive a response.
Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.
Our employee resource groups (ERGs) offer strong support networks for their members and help our company develop talented individuals for future leadership roles. Our current groups include: Africa, Middle East, Central Asia Network, African American Network, Chinese Culture Network, Early Career Professionals, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinos at Lilly, PRIDE (LGBTQ + Allies), Veterans Leadership Network, Women’s Network, Working and Living with Disabilities. Learn more about all of our groups.
#WeAreLilly
Tags: Audits CISM CISSP Compliance Computer Science Cyberark Cyber defense GCIA GCIH HIPAA IAM Incident response NIST Risk assessment Risk management SLAs Strategy Threat detection Threat intelligence Vendor management Vulnerabilities
Perks/benefits: Career development Flex hours Flex vacation Health care Insurance Medical leave Salary bonus Travel
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.