Senior PAM Engineer
Date: Nov 8, 2024
Location: US-NJ-Bridgewater, New Jersey, US
Company: Bausch Health
Join a team! We are a global diversified pharmaceutical company enriching lives through our relentless drive to deliver better health outcomes. We develop, manufacture and market a range of products, primarily in gastroenterology, hepatology, neurology, dermatology, medical aesthetic devices, international pharmaceuticals. Our 7,000 employees share a common goal and values, propelling us to provide essential care to millions of people globally. We seek dedicated individuals who share our sense of urgency, unity, and excellence.
We are looking for a trustworthy and respectful individual who consistently does the right thing. Someone who is imaginative and proactive, with a keen eye for what is possible. A perceptive and adaptive person who is action oriented. We need a disciplined, focused, and accountable team member. If you embody these values, come join our company and help us shape the future.
We are all in it together to make a difference. Be a part of a culture that doesn't just wait for change but actively creates it—where your skills and values drive our collective progress and impact.
The Senior Privileged Access Management (PAM) Engineer is responsible for the strategic design, implementation, and oversight of the organization's Privileged Access Management infrastructure. This role focuses on driving the PAM strategy, leading cross-functional teams, and making key decisions to enhance the security posture of the enterprise. The Senior PAM Engineer acts as a thought leader and decision-maker within the IT security organization, ensuring alignment between PAM initiatives and overall business goals. The Senior PAM Engineer focuses on PAM functions and integrations to enable access for IT systems and serves as L3/L4 escalation support to operations teams.
Key Responsibilities -
Strategic PAM Leadership
- Guide the long-term PAM strategy and design in alignment with security and business goals.
- Function as the engineering technical contact for the corporate PAM tool.
- Identify and fix misaligned permissions for vaulted credentials, including managing access reviews.
- Implement and maintain integrations between the PAM tool and external systems for remote access and credential rotation.
- Stay informed about relevant CVEs, update the PAM tool, and perform necessary patches and upgrades.
Cross-Functional Collaboration and Leadership
- Offers technical guidance and support to the IT Security team for investigations, incident responses, and blue team activities.
- Works with senior leaders in IT, security, and business units to incorporate PAM solutions into wider security and IT strategies.
- Cooperates with operational support teams to resolve recurring issues and reviews documentation to ensure PAM program effectiveness.
Oversight and Governance
- Acts as the main contact for the global audit and compliance team to ensure PAM security and data retention functions comply with corporate and third-party audit standards.
- Tasked with providing reports, health checks, and operational plans to achieve the necessary improvements for maintaining robust security measures.
- Applies technical and environmental expertise to promote secure, risk-informed practices, making decisions within broadly defined security guidelines and policies.
Experience Requirements -
- A bachelor’s degree in information systems, Computer Science, or a related discipline.
- A minimum of 7 years of experience in Information Technology with a minimum of 5 years in Information Security.
- Comprehensive understanding of Identity and Access Management lifecycle, principles, and technologies.
- Extensive expertise in deploying and managing PAM technologies like CyberArk, Delinea, or BeyondTrust in intricate global settings.
- Strong proficiency in managing and troubleshooting Windows and Linux servers.
- Solid knowledge of Remote Desktop (RDP) and Secure Shell (SSH).
- Adept with PowerShell, JSON, REST APIs, and API authentication methods.
- Working familiarity with Active Directory and Entra ID, particularly regarding password management and domain replication.
- Fundamental understanding of authentication protocols, including SAML, OAuth, and LDAP.
- Exceptional research, analytical, and critical thinking abilities.
- Strong leadership skills that promote a culture of security excellence.
- Effective interpersonal and group communication capabilities, including negotiation, influence, presentations, motivational, change management, and instructional skills.
Benefits package includes a Comprehensive Medical (includes Prescription Drug), Dental, Vision, Health Savings Account with company contribution, Flexible Spending Accounts, 401(k) matching, discretionary time off, paid sick time, tuition reimbursement, parental leave, short-term disability, long-term disability, life insurance, accidental death & dismemberment insurance, paid holidays, Employee Assistance Plan, commuter benefit, recognition awards, voluntary benefits (including Identity Theft, Student Loan and Breast Milk Shipping), employee referral bonuses and employee discounts.
#LI-hybrid
This position may be available in the following location(s): US - Bridgewater, NJ
We thank you in advance for your interest in growing and developing with our company. Kindly note that in order for all stakeholders to be successful, we do require a minimum of one year in your current role before applying to another one. Please ensure you have discussed with your current manager the intent of applying to a new role.
Any exception will have to be authorized by your HR Business Partner.
We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, marital or veteran status, disability, or any other legally protected status. We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates collaboration.
If a candidate needs a reasonable accommodation/adjustment due to physical or mental health impairment for any part of the application process, they are encouraged to send their request to humanresources@bauschhealth.com or call 908-927-1400 and let us know the nature of the request and their contact information. Please be sure to include the job requisition number.
Job Applicants should be aware of job offer scams perpetrated through the use of the Internet and social media platforms.
To learn more please read Job Offer Fraud Statement.