Role Purpose:
We are looking for a skilled PAM / IDAM Engineer to own and coordinate Privileged Access Management (PAM) and Identity & Access Management (IDAM) activities across NGN, CNC, and Packet Core environments (Production & Pre-Production). The role acts as a key security interface between internal teams, vendors, and system integrators, ensuring secure onboarding, access governance, compliance, and operational readiness of network and application platforms.
🔹 Key Responsibilities:
CyberArk PAM Ownership
* Act as the primary owner for CyberArk onboarding, access issues, and enhancements across systems
* Manage onboarding of privileged accounts including:
  * Local admin accounts
  * Individual user accounts
  * RDP, SSH, SFTP, and application connectors
* Enforce secure password management practices and eliminate insecure password sharing methods
IDAM (Identity & Access Management)
* Drive IDAM readiness and ensure smooth onboarding/offboarding processes
* Manage user lifecycle activities (joiners, movers, leavers)
* Track and resolve access and connectivity-related issues
Connectivity & Service Flow Management
* Identify systems not reachable via CyberArk
* Coordinate with vendors to:
  * Enable service flows
  * Open required ports and firewall access
* Maintain connectivity matrices for Production & Pre-Production environments
Security Governance & Approvals
* Evaluate and approve:
  * TLS over RDP configurations
  * SSH public key authentication
  * Password rotation mechanisms (manual vs automated)
* Provide security sign-offs or escalate risks to leadership
Stakeholder & Vendor Management
* Coordinate daily with operators, vendors, and system integrators
* Drive issue resolution, approvals, and follow-ups through calls and emails
* Act as a central point for security-related communication
🔹 Required Skills & Experience:
Technical Skills
* Strong hands-on experience with CyberArk PAM (RDP, SSH, SFTP, connectors, password rotation)
* Solid understanding of IDAM concepts (user lifecycle, access governance)
* Knowledge of network security fundamentals (ports, firewall rules, service flows)
* Experience with Linux, SSH, and RDP access models
* Understanding of telecom environments such as:
  * NGN (Next Generation Network)
  * CNC (Cloud Native Core)
  * Packet Core (EPC, PCG, CLMP)