Cissp jobs

Security & Access Management Governance (PAM) Lead

Job Summary

• We are looking for a highly capable Security & Access Management Governance (PAM) Lead to own and drive Privileged Access Management (PAM) and Identity & Access Management (IDAM) governance activities across NGN / CNC / Packet Core environments for both Production and Pre-Production landscapes.
• This role will act as the key security governance interface among the customer, vendors, and system integrators, ensuring secure onboarding, access control, compliance alignment, and operational readiness for network and application platforms. The ideal candidate will bring strong expertise in CyberArk PAM, access governance, telecom core infrastructure understanding, and cross-functional stakeholder management.

Role Purpose

The primary purpose of this role is to ensure secure, compliant, and operationally efficient access management practices across critical telecom core and network environments. The PAM Lead will be responsible for coordinating onboarding, readiness, access controls, service-flow dependencies, and security approvals while ensuring governance standards are maintained across all participating parties.

Key Responsibilities

1. CyberArk PAM Ownership

• Act as the primary point of ownership for CyberArk PAM onboarding, access-related issues, and enhancements across customer systems.
• Coordinate onboarding and governance of:
• Local administrator accounts
• Individual user accounts
• RDP, SSH, SFTP, and application connectors
• Ensure secure privileged account management practices are followed across environments.
• Define and enforce secure password handling practices, including:
• Avoiding password sharing over email
• Enabling secure screen-shared password entry where required
• Supporting password vaulting and access control best practices
• Work closely with technical and security teams to ensure PAM implementation aligns with policy and operational requirements.

2. IDAM Readiness and RFS Tracking

• Drive Identity & Access Management readiness for systems, users, and services.
• Track and follow up on all pending prerequisites affecting onboarding and access governance.
• Monitor and chase closure on:
• Connectivity dependencies
• Service flow enablement
• User onboarding activities
• User modification and leaver/de-provisioning processes
• Ensure readiness for RFS (Ready for Service) from an access and governance perspective.

3. Connectivity and Service Flow Management

• Identify systems and services that are not reachable from CyberArk or associated secure access components.
• Coordinate with vendors, network teams, and relevant stakeholders to:
• Enable required service flows
• Open necessary ports
• Validate end-to-end secure connectivity
• Maintain and govern Production and Pre-Production connectivity matrices, trackers, and supporting evidence sheets.
• Ensure all dependencies are documented and regularly reviewed for compliance and operational effectiveness.

4. Security Design Decisions and Approvals

• Review, evaluate, and provide recommendations on key security design decisions, including:
• TLS over RDP enablement
• SSH public key authentication
• Manual versus automatic password rotation
• Provide security governance sign-off where applicable.
• Escalate exceptions, risks, or unresolved decisions to security leadership when required.
• Ensure design decisions balance operational practicality with risk mitigation and compliance standards.

5. Stakeholder and Vendor Management

• Act as the central coordination point between Operator, Vendor, and System Integrator teams.
• Lead daily coordination activities across stakeholders through calls, meetings, and email communication.
• Drive actions, clarifications, approvals, and follow-ups to closure.
• Challenge gaps, push for accountability, and ensure agreed timelines are met.
• Support governance reviews, status reporting, and management escalations where necessary.

6. Governance, Risk, and Compliance

• Ensure privileged access and identity management activities adhere to internal security policies, standards, and governance requirements.
• Highlight risks, non-compliance issues, and operational concerns proactively.
• Maintain audit-ready records, trackers, approvals, and access governance documentation.
• Support control validation and evidence collection for internal and external audits if needed.

Required Skills and Experience

Technical Skills

1) Strong hands-on and governance-level understanding of CyberArk PAM, including:

• RDP
• SSH
• SFTP
• Connectors
• Password rotation

2) Strong understanding of Identity & Access Management (IDAM) concepts, including:

• User lifecycle management
• Joiner, mover, leaver processes
• Readiness for service onboarding

3) Good understanding of network security fundamentals, including:

• Ports
• Service flows
• Firewall access dependencies
• Familiarity with Linux, SSH, and RDP access model
• Understanding of telecom core/network environments, such as:
• CNC
• PCG
• EPC
• CLMP
• NGN / Packet Core landscapes

Professional Skills

• Strong cross-vendor and cross-functional coordination experience
• Ability to work effectively across Operator, Vendor, and SI ecosystems
• Strong security governance and risk awareness
• Excellent written and verbal communication skills
• Ability to drive discussions, challenge assumptions, clarify requirements, and ensure closure
• Strong ownership mindset with the ability to manage multiple dependencies in parallel
• Good escalation management and stakeholder handling capabilityPreferred Experience
• Prior experience in telecom, network security, or core platform governance
• Experience in Production and Pre-Production access governance environments
• Exposure to regulated or high-security enterprise landscapes
• Experience handling access governance in large, multi-vendor transformation or managed service programs

Reporting and Interfaces

• Manage reporting and governance interfaces across internal security teams, customer stakeholders, vendors, and delivery teams.
• Provide regular updates on onboarding status, connectivity blockers, pending approvals, readiness progress, and risk items.
• Work closely with operations, infrastructure, network, security, and project teams to ensure seamless execution.

Ideal Candidate Profile

The ideal candidate is a strong security governance professional with practical understanding of PAM, IDAM, telecom core environments, and access control operations. This person should be confident in leading cross-team discussions, driving action across multiple stakeholders, and ensuring secure, compliant access enablement in complex enterprise environments.

Pay: ₹5,000,000.00 - ₹6,000,000.00 per year

Work Location: Remote