Role Title: PAM Analyst
Functional Area: CISO Identity & Access Management
Role Purpose
The Privileged Access Management (PAM) Analyst / Security Engineer will report to the Offshore PAM Lead within the Intact UK CISO Identity and Access Management team. This role is responsible for ensuring that privileged identities are properly controlled and utilized strictly according to defined business requirements.
The position plays a critical role within the Cyber Defence function and requires close collaboration with teams across CISO, CIO, and external third-party partners. The successful candidate will possess strong communication skills, particularly in written communication.
This role requires expertise in implementing and maintaining enterprise PAM solutions such as CyberArk, along with experience managing cloud identities across multiple cloud service providers.
The ideal candidate will have a strong understanding of both traditional IT infrastructure and modern cloud technologies.
The role offers flexible working arrangements with remote working options, along with occasional office attendance for team collaboration and meetings. Since Privileged Access Management operates as a 247 service, the role will also involve periodic out-of-hours standby technical support.
Key Responsibilities
- Design, develop, and implement PAM solutions for privileged account lifecycle management, session monitoring, and compliance.
- Configure and customize CyberArk components including Safes, Platforms, CPM policies, PSM connectors, workflows, and plugins for enterprise integration.
- Enhance and scale the CyberArk environment through automation and standardization.
- Integrate CyberArk Privilege Cloud with enterprise applications, directories, and hybrid cloud services.
- Create and maintain technical documentation including architecture diagrams, configuration standards, onboarding documentation, and integration specifications.
- Monitor, troubleshoot, and resolve CyberArk platform issues such as CPM failures, PSM errors, authentication issues, and plugin/platform errors.
- Work closely with internal teams and third-party vendors to address security risks, compliance requirements, audits, and incident response.
- Contribute to the overall PAM strategy and roadmap, including initiatives around Privilege Cloud, Secrets Management, and cloud-based PAM adoption.
Regulatory Requirements
The role requires adherence to relevant regulatory frameworks and industry standards including:
- Industry best practice security standards
- Data Protection and compliance frameworks such as General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI-DSS)
- Regulatory requirements including NI52-109 and Financial Conduct Authority (FCA) guidelines
Functional / Technical Skills
- Configure CyberArk components including CPM, PSM, PSMP, Cloud Connectors, and platform plug-ins.
- Onboard and manage privileged accounts across servers, databases, network devices, and enterprise applications.
- Maintain CPM policies, manage password lifecycle, and configure PSM connectors with session recording capabilities.
- Integrate CyberArk with enterprise systems including Active Directory / Entra ID, LDAP, MFA solutions, SIEM platforms, and ITSM tools.
- Automate operational tasks using REST APIs and PowerShell scripting.
- Troubleshoot CyberArk platform components including CPM, PSM, and PVWA.
- Manage safes, access control policies, dual-control workflows, and least-privilege access models.
- Deliver end-to-end PAM implementations and maintain supporting documentation such as architecture designs, SOPs, and operational runbooks.
- Perform platform health checks, system upgrades, disaster recovery testing, security hardening, and compliance audits.
- Collaborate with security teams and vendors to support incident response and remediation activities.
- Contribute to PAM roadmap initiatives including Privilege Cloud (PCloud), Application Access Manager (AAM), and Conjur solutions.
Role Profile
A successful contributor in this role will typically demonstrate the following competencies.
Core Competencies
- Influencing Others Advanced
- Building Effective Relationships Advanced
- Making Change Happen Intermediate
- Planning and Organizing Advanced
- Decision Making and Judgement Advanced
- Leadership Intermediate
- Strong Written and Verbal Communication Advanced
- Presentation Skills Intermediate
- Ability to communicate risks and issues clearly to non-technical stakeholders
- Strong attention to detail and a proactive, positive attitude
- High motivation and interest in modern cybersecurity threats and attack techniques
Technical Competencies
- IT / Information Security Knowledge Advanced
- Infrastructure Security Advanced
- IT Risk, IT Audit, and IT Controls Intermediate
- Awareness of emerging cybersecurity technologies and trends
Experience Requirements
- Experience working within the Financial Services industry
- Preferably 3+ years of hands-on experience in cybersecurity roles, particularly with security tools and platforms
- Experience delivering threat intelligence or cybersecurity services within large enterprise environments
