IAM Senior Analyst

ABOUT US 

We are Alter Domus. Meaning “The Other House” in Latin, Alter Domus is proud to be home to 85% of the top 30 asset managers in the alternatives industry, and more than 5,000 professionals across 23 countries. 

With a deep understanding of what it takes to succeed in alternatives, we believe in being different. Invest yourself in the alternative, and join an organization where you progress on merit, where you can speak openly with whoever you are speaking to, and where you will be supported along whichever path you choose to take. 

Find out more about life at Alter Domus at careers.alterdomus.com  

Job Summary: 

We are seeking a skilled Identity and Access Management (IAM) & Privileged Access Management (PAM) Specialist to join our team. The ideal candidate will be responsible for managing and securing user identities and access rights across our organization. This role involves implementing IAM and PAM solutions, ensuring compliance with security policies, and providing support for identity-related issues.

Key Responsibilities:

• Develop, implement, and maintain IAM & PAM policies, procedures, and standards to ensure secure access to systems and data.

• Work as Subject Matter Expert Engineer for CyberArk solutions for Privileged Access Management and Password Vault Management which includes:
  • Configure Application Identity Manager (AIM) including the Central Provider (CP) and Application Service Credential Provider (ASCP).
  • Configure CyberArk Enterprise Password Vault, Password Vault Web Access (PVWA), PrivateArk Client, Central Password Manager (CPM), Privileged Session Manager (PSM).
  • Work with Infrastructure, Platform DevOps, Network Engineers and Workplace Productivity teams to ensure CyberArk and CyberArk plugins are configured, installed, developed, and tested correctly.
  • Design, engineer, upgrade and customize CyberArk CPM and PSM plugins and connectors aligned to different scenarios.
  • Create and manage CyberArk Policies and Safe and monitor its infrastructure and components.
  • Ensure CyberArk log ingestion for security incident response and platform and components are patched regularly.
• Responsible for Privileged User account engineering for various platforms; LDAP, Windows, Linux, Databases, and Azure & AWS workloads.
• Integrate service accounts through the IAM solution and LDAP providers, Windows & Linux Servers, Databases, and Azure & AWS accounts.

• Administer IAM & PAM systems, including user provisioning, de-provisioning, and access requests.
• Provide support for IAM & PAM related incidents and issues, including troubleshooting and resolution. Stay updated on IAM trends, technologies, and best practices to enhance the organization’s security posture.
• Document IAM processes, workflows, and system configurations.
• Monitor and audit user access and permissions to ensure compliance with internal and external regulations.
• Conduct regular reviews of user access rights and recommend changes as necessary to align with the principle of least privilege.

Required Skills:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Have 3+ years of hands-on experience in IAM, PAM, and IT Security role.
• CyberArk experience includes engineering, installation, configuration, architecture and design of CyberArk (PVWA, PSM, CPM, AIM/AAM, PSMP, PTA, Vault & DR) PAM Solution.
• Experience with requirements, processes, procedures, and deployment of custom plugins using CLI.
• Knowledge of; Active Directory/LDAP management, JDBC, PKI, MFA, PAM, Identity Governance, SSO (e.g., Okta, Microsoft Azure Active Directory, SailPoint).
• Working knowledge of, Windows Server, Linux, Cloud Environment, Active Directory, PowerShell
• Experience with troubleshooting issues with Vault, PVWA, CPM, and PSM component servers (including gathering various CyberArk logs, diagnosing firewall or network-related issues, etc.).
• Proficiency in at least one scripting language (e.g., PowerShell, Python) for automation tasks.
• CyberArk Certifications is a nice-to-have; CyberArk Certified Delivery Engineer (CDE) Defender, Sentry, or Guardian.
• Knowledge of securing cloud environments and services (Azure, AWS) is advantageous.
• Strong interpersonal skills to work effectively with cross-functional teams.
• Excellent problem-solving and analytical skills.
• Effective verbal and written communication skills that include the ability to describe highly technical concepts in non-technical terms.

WHAT WE OFFER:

We are committed to supporting your development, advancing your career, and providing benefits that matter to you. 

Our industry-leading Alter Domus Academy offers six learning zones for every stage of your career, with resources tailored to your ambitions and resources from LinkedIn Learning. 

Our global benefits also include: 

• Support for professional accreditations such as ACCA and study leave 
• Flexible arrangements, generous holidays, birthday leave
• Continuous mentoring along your career progression 
• Active sports, events and social committees across our offices 
• Support with mental, physical, emotional and financial support 24/7 from our Employee Assistance Program 
• The opportunity to invest in our growth and success through our Employee Share Plan 
• Plus additional local benefits depending on your location 

Equity in every sense of the word 

We are in the business of equity, in every sense of the word. For us, this means taking action to ensure every colleague has equal opportunity, valuing every voice and experience across our organisation, maintaining an inclusive culture where you can bring your whole self to work, and making Alter Domus a workplace where everyone feels they belong. 

We celebrate our differences, and understand that our success relies on diverse perspectives and experiences, working towards shared goals and a common purpose. Thanks to the work of our Group DE&I Committee and network of DE&I Champions, we empower all of our people to be truly invested in the alternative.  

We are committed to ensuring an inclusive recruiting and onboarding process. Please contact our hiring team if you require any accommodations to make our recruitment process more accessible for you. 

(Alter Domus Privacy notice can be reviewed via Alter Domus webpage: https://alterdomus.com/privacy-notice/)

#LI-HYBRID