Privileged Access Management Engineer

SailPoint, the industry leader in Identity Security, is looking for an Identity professional to contribute to our company’s internal corporate Identity program. The Privileged Access Management Engineer will be a key team member in our growing and impactful organization as SailPoint continues to scale globally as the industry leader in Identity Governance. This position will report to the Manager of Identity & Access Management (IAM) and will support SailPoint’s internal Privileged Access Management (PAM) and Endpoint Privilege Management (EPM) systems and operations. As the Privileged Access Management Engineer, you will be responsible for the design, installation, operation and maintenance of the Privileged Access Management (PAM) and Endpoint Privilege Management (EPM) infrastructure(s) and capabilities. You will analyze, develop and build processes and technology to ensure the comprehensive and timely delivery of PAM and EPM services. Expect to work in cross-functional teams across IT, Cybersecurity, DevOps & Desktop Engineering, Support, Professional Services, and Corporate Compliance in support of the PAM Program. Come make your mark in a high energy environment at one of the most consistently highest rated “best places to work” in Austin over the past 10 years! Job Responsibilities Design, build, configure and deploy SailPoint’s PAM and EPM solution(s), including accounts management, access policies, SSH & API key management, secrets management, endpoint privilege management and reporting. Conduct analysis, generate designs & procedures, work closely with stakeholders to define use-cases, keep & maintain inventories, and develop comprehensive documentation & diagrams. Integrate SailPoint’s PAM / EPM solutions with other core enterprise technologies, such as ServiceNow, VMWare. SailPoint and other IDM systems. Support PAM / EPM infrastructure operations, including troubleshooting user issues, implementing changes and performing system administration & maintenance. Monitor and respond to any capacity and/or performance needs, including rotational on-call support for the PAM / EPM infrastructure. Provide regular reports to leadership regarding security, data governance, capacity, performance, usage and licensing. Lead projects, provide security consultation(s), and develop detailed project plans for various projects & phases (PoC, Pilot, Production rollouts). Deploy software clients on workstations, servers & Macs. Recommend and implement modifications that will enhance system usability & reliability while analyzing all aspects of the existing infrastructure. Proactively establish and grow a broad collaboration with business analysts, app / system owners, architects and engineers focusing on strategy, proliferation of automation & integrations, as well as defining / building and refining enterprise services & capabilities. Provide training on changes to user experience (UX), document support procedures, and analyze user feedback in order to minimize impacts to the business. Devise, develop and implement SOPs, SLAs and supporting workflows and approval criteria. Collect, analyze and decipher customer metrics & event data in order to provide meaningful recommendations to improve current policy configurations, and improvements to the UX. Essential Skills Bachelor’s degree in Information Security, Computer Science, Engineering, or equivalent experience, preferred, not required.4+ years of experience using, installing, and administering PAM & EPM solutions such as CyberArk, Thycotic and BeyondTrust.Solid understanding of PAM & EPM concepts, associated controls, terminology & technology. Experience administering and integrating tier zero identity infrastructure that provides AAA services such as MS Active Directory, Azure Active Directory, and RSA. Good knowledge / understanding of Active Directory, GPO, JAMF, Azure Active Directory, and other cloud platforms such as AWS and GCP. Experience with developing automated solutions using PowerShell for Windows and BASH for Unix / Linux. Strong customer service and interpersonal skills. Good knowledge of managing infrastructure & endpoints in an enterprise setting. Must be a team player and analytical thinker, with robust troubleshooting skills and a creative problem-solving approach. Must be able to work with stakeholders & end-users who are located across the globe. Ability to work independently, present and describe highly technical topics in a non-technical manner, and effectively communicate with / educate business stakeholders at all levels, from individual contributors to C-level executives. Ability to produce and maintain detailed technical documentation, business processes and training material. Basic understanding of QA methodology including usability testing, performance testing, automated testing, test scripts, test cases and test plans. Familiarity with continuous delivery model and agile development processes. Must be flexible, willing to undertake a wide variety of new and challenging tasks all while driving results. Preferred Skills Significant experience working within a large enterprise, with responsibility for administering & supporting the technology and processes in the PAM & EPM domains; ideally, within the software vertical. Significant knowledge / experience designing, implementing, managing, and supporting BeyondTrust PASM, PEDM and remote access solutions. Experience building, managing & maintaining ISO27001, SOC2, FedRAMP & SOX environments. Strong development (SDLC-based) & QA experiences with upgrading MAC OS, using Homebrew & other UI tools such as Microk8s, Keka, VirtualBox, etc. 4+ years of experience with APIs and scripting languages (e.g. JavaScript, Python, etc.).Experience with JSON, XML, SOAP and REST web-services.SailPoint is an equal opportunity employer and we welcome everyone to our team.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.