The AVP, Active Directory and Privileged Account Management Administration is responsible for the day to day technical management and protection of Cathay Bank’s Active Directory and Azure AD, and the management and enforcement of Privileged Account Management (PAM) technical platform and the enforcement of PAM controls and policies, their technical integration to the bank’s enterprise network / directory environment(s) and applications for identification, authentication, and authorization purposes. This role is responsible for the technical enforcement of our IAM policy ensuring automated and auditable compliance on all relevant IAM controls.
ESSENTIAL FUNCTIONS
• Manage Cathay Bank’s Active Directory domains (on-premises and cloud-based), ensuring proper and sustained hygiene, privilege auditing and reviews, as well as assurance of the environment’s security, integrity, and compliance to IAM and Security Policy.
• Manage Cathay Bank’s PAM technical platform and enforce PAM technical solution, principles, policy, and controls as part of a fully managed privileged account lifecycle in close collaboration with the Digital Identity Administration team.
• Monitor platforms’ availability, capacity, changes, performance and compliance to our IAM policy and security program and its enforcement on the management of identity lifecycle and application/asset access management.
• Collaborate with Managed Service Providers (MSP) towards the delivery of expert services (application onboarding, connector development, platform evolution) guaranteeing satisfaction of service level agreements and overall continuous improvement.
• Support the technical integration-onboarding of our application portfolio (on premise and cloud) to our IAM platforms enabling automation-driven enforcement of IAM policy, controls and solutions – SSO, Identity Federation, Multifactor Authentication, Access Reviews/Attestations, etc.
• Provide timely engineering support and guidance to our Digital Identity Administration, IAM Platform Administration and Access, and overall IT Application Management teams to ensure timely incident and problem resolution, secure protocol(s) / cipher(s) support and continuous environment integration.
• Ensure efficient handing of logs and audit trails supporting compliance verification, event evidencing, and overall security operations efforts.
• Support the development of information security processes and procedures as they apply to Bank informational assets, networks and equipment.
• Drive performance and compliance data / metrics analysis related to the bank’s identity and access management program, policy, and standards providing periodic operational / compliance / risk KPIs associated to overall platform performance and IAM compliance baseline.
• Participates in efforts to remediate audit and regulatory findings and recommendations related to identity and access management.
QUALIFICATIONS
Education:
• Bachelor’s degree in information technology engineering with 5+ years of relevant experience.
• Proven familiarity (certification preferred) with IT Security, Risk Management and Identity and Access Management principles and practices (CISSP, CISM, CIAM).
• Relevant product certifications preferred (Microsoft Active Directory, Microsoft Azure, CyberArk, Delinea, etc.)
Experience:
• Strong hands-on experience of Active Directory and Azure AD, environment operations and service delivery, administration and tracking of group policy objects, integrations / segmentations (mergers, acquisitions, divestments), etc.
• Strong hands-on experience working with PAM technical platforms (Delinea, CyberArk…), protection of secrets and credentials, and connected management of privileged accounts.
• Holistic view of end-to-end IAM (authentication and authorization data, endpoint security, network security, policy engine) and solid understanding of IAM/IGA technologies and concepts,
• Proven ability to collaborate with peer technical teams and manage third-party service providers.
Skills/Ability:
• Strong ability to collaborate, participate and lead groups and projects.
• Strong analytical and problem-solving skills.
• Proven ability to effectively manage concurrent requests and objectives.
• Comfortable working and collaborating with key stakeholders, peers, clients, and partners.
• Assist efforts around requirement definitions, learning new concepts, and producing clear and accurate documentation.
• Demonstrate agility accepting and delivering assignments with high quality solutions.
• Proven track record of building strong relationships across business functions.
• Excellent verbal and written communication and presentation skills with the ability to adjust presentation details based on target audience.
• Extensive knowledge and experience in regulatory guidance, most importantly from the FDIC, CFPB, and FFIEC requirements and supporting guidelines.
• Strong Microsoft Excel, PowerPoint, and report writing skills, including the ability to evaluate the usefulness of data and use if in meaningful communication.