Information Security Analyst I

Get Referred

Job Description

Why American Express?
There’s a difference between having a job and making a difference.
American Express is entering into a technology transformation phase driven by opportunities to modernize legacy platforms, and explore modern software to be on the leading edge of the payments industry. American Express is looking for strong leaders to be part of high performing teams that will build and support our next generation platforms. If you have the talent and passion to drive innovation and deliver at a rapid pace, with deep hands on experience in areas of real-time, highly available, cloud-native application development, join our engineering teams to transform our systems. 
Your primary responsibility is to lead the development of our next generation distributed platform, aligning resources and delivery with business growth and diversification, while significantly improving service quality and cost-effectiveness. We expect the individual to be innovative and energetic with strong communications skills. 



Role Objective:


Operate, administer, manage & enhance Privileged Access Management (PAM) solutions & services for American Express (AXP) enterprise business.

Organizational context:


The Privileged Access Management Operations team is part of the AXP enterprise Identity & Access Management service portfolio within the broader IT Security organization. The team is engaged in providing best-in-class PAM services to the entire AXP organization.




Role Expectations:


As part of the PAM operations team, you will be required to:


  • Ensure availability of PAM services as per stated SLAs

  • Responsible for responding to service interruptions and outages and restoration of service as per committed service agreements.

  • Administer & manage appointed PAM solutions and all underlying components including but not limited to, enterprise password vault, session brokering & management, application password vault and integrations with SIEM & system monitoring tools.

  • Own and be responsible for Incident, Service Request and problem management within the PAM service span.

  • Participate in all key activities related to service availability & continuity including DR exercises

  • Ensure PAM service meets all service parameters and KPIs.

  • Regular reporting of PAM service SLAs & KPIs and adherence to associated targets.

  • Closely collaborate with PAM architecture & engineering team on enhancements, new service functionalities & components.

  • Lead the operationalization of new service offerings, components & integrations.

  • Ensure that the PAM service, solutions & implementations are in complete adherence to AXP & regulatory controls and audit requirements (PCI DSS, SOX etc)

  • Work closely with other associated functional areas both within and outside IAM organization to ensure seamless PAM service delivery.

  • Propose, lead & drive initiatives that positively contributes to the overall IAM service portfolio & roadmap.


  • BE/MCA/M Tech/B Tech graduate with 4-7 years of overall IT experience with minimum 3 years of experience in administration & operation of large-scale implementation of industry-leading enterprise PAM solutions preferably CyberArk (CorePAS/EPM/AIM) and BeyondTrust (Power Broker for Unix & Windows)

  • Hands-on experience in handling PAM service operations, incident & problem management in large-scale & geographically disparate environments.

  • Deep technical knowledge & competence in all aspects of privileged access management including password vaults, session brokering & management, application privilege identity & access management, integration with SIEM, HSM and service monitoring tools, discovery & management of end-points and privileged accounts

  • Hands-on experience in creating and modifying account/credential/end point policies and integrating OOB and custom platforms

  • Hands-on experience in writing/developing PowerBroker policy scripts

  • Deep understanding of person & non-person identities & their management in Windows, Unix & Mainframe platforms.

  • Good command over Windows, Unix, Mainframe system administration

  • Good understanding of Directory structure, attribute/schema and PAM integration with Active Directory, RedHat, LDAP based directory services

  • Good overall understanding of enterprise identity management, access management & MFA services besides PAM.

  • Hands-on experience in large-scale implementation & upgrade of PAM solutions (preferred)

  • Good understanding of regulatory standards including PCI DSS, SOX, NIST etc. (preferred)

  • Experience in BFSI & Retail industry (preferred)

  • Other key competences:

    • Agile Practices & SDLC Methodologies and Practices

    • System/Platform Domain Knowledge including Systems Integration

    • Testing Functional

    • Application Support

    • Requirements Gathering and analysis

    • Adaptive Communication

    • Analytical Thinking

    • Problem Solving

    • Technology Industry Trends

    • Adaptability, collaboration & Teamwork

    • Continuous Improvement & Learning Agility

    • Open Communication

ReqID: 19017956
Schedule (Full-Time/Part-Time): Full-time
Date Posted: Oct 2, 2019, 10:52:16 PM