CyberArk PAM-Manager / AVP

Job Description :

• Ensure ISO27002 aligned risk controls are covered, including but not limited to Cyber Security and PAM (e.g. CyberArk) Policies & Standards
• Ensure MUFG EMEA operates under comprehensive and relevant Cyber Security policies and standards with appropriate staff awareness, compliance monitoring and reporting.
• Monitor and proactively manage Cyber Security toolset that includes Privileged Access Management (e.g. CyberArk).
  • Ensure adequate technical safeguards are in place and are being actively managed by the support teams to provide appropriate protection to MUFG's information assets across various environments such as: Windows & Unix operating systems
  • Databases (Oracle, SQL, Sybase, etc.)
  • Networks & its components
  • Middleware systems
  • Cloud & its various services (IaaS, PaaS, SaaS)
    
    
• Conduct CyberArk reviews for existing and new, in-house and 3rd party systems to ensure these are consistent with policy requirements and MUFG's risk appetite.
• Be seen as the CyberArk / PAM centre of excellence for MUFG EMEA and ensure MUFG adopts an appropriate and professional response on any PAM issues raised by the organisation's business activities
• Liaise with IT teams to ensure CyberArk / PAM alerts, threats and vulnerabilities across the IT estate are highlighted, managed and mitigated within appropriate timescales
• Liaise with Technology and Business teams as necessary to ensure all MUFG systems meet CyberArk / PAM standards and/or agree appropriate measures to mitigate the risk where they don't.
• Maintain an up to date, working knowledge of current laws, regulations and best practices relating to Privileged Access Management.
• Support with CyberArk incidents, DR and other testing activities.
• Support Operational Risk management & Operational Security duties where requested.
• Support MUFG EMEA PAM & Cyber Security risk profile and associated operational risk reporting.
• Support Audit & Regulatory liaison and ensure consistent and timely answers to information requests.
• Support any issues and remedial actions resulting from incidents and audits within agreed timelines.
• Provide PAM / CyberArk awareness and/or training to MUFG staff as necessary.

• Degree or equivalent in IT related discipline with some programming knowledge or understanding.
• Strong Privilege Access Management, Information or Cyber Security Operations/Engineering background with over 4 to 8 years of experience.
• Strong ability to implement security solutions that enable business activity rather than close opportunities.
• Strong ability to analyse and distill complex issues and present succinct updates to management.
• Strong knowledge of cyber security frameworks, standards, and regulations such as ISO27001, NIST, CIS, GDPR, etc.
• Active involvement in internal and external audits and experience of managing Audit relationships.
• Excellent communication and interpersonal skills
• A structured, logical and proactive approach to work
• Results driven, with a strong sense of accountability
• The ability to operate with urgency and prioritise work accordingly
• A calm approach, with the ability to perform well in a pressurised environment
• Strong decision making skills and the ability to demonstrate sound judgement
• Comfortable in taking ownership of workstreams and seeing them through to completion
• Self-awareness and confidence to challenge business requirements and deliver difficult messages
• Passion for PAM and a proactive approach to identifying and mitigating risks
• Commitment to continuous learning and improvement in the rapidly evolving field
• Understanding typical Enterprise Change Management processes
• PSM connector customisation is strongly preferred
• Extensive experience with digital password vaulting solutions