IT Security Engineer

SailPoint, the industry leader in Identity Security, is looking for an Identity professional to contribute to our company’s internal corporate Identity program. The Privileged Access Management Engineer will be a key team member in our growing and impactful organization as SailPoint continues to scale globally as the industry leader in Identity Governance. This position will report to the Manager of Identity & Access Management (IAM) and will support SailPoint’s internal Privileged Access Management (PAM) and Endpoint Privilege Management (EPM) systems and operations.

As the Privileged Access Management Engineer, you will be responsible for the design, installation, operation and maintenance of the Privileged Access Management (PAM), Endpoint Privilege Management (EPM) and Privileged Password Management (PPM) infrastructure(s) and capabilities. You will analyze, develop and build processes and technology to ensure the comprehensive and timely delivery of PAM, EPM and PPM services. Expect to work in cross-functional teams across IT, Cybersecurity, DevOps & Desktop Engineering, Support, Professional Services, and Corporate Compliance in support of the PAM Program. Come make your mark in a high energy environment at one of the most consistently highest rated “best places to work” in Austin over the past 10 years!

Job Responsibilities

• Design, build, configure and deploy SailPoint’s PAM, EPM and PPM solution(s), including accounts management, access policies, SSH & API key management, secrets management, endpoint privilege management and reporting.
• Conduct analysis, generate designs & procedures, work closely with stakeholders to define use-cases, keep & maintain inventories, and develop comprehensive documentation & diagrams.
• Integrate SailPoint’s PAM / EPM / PPM solutions with other core enterprise technologies, such as ServiceNow, VMWare. SailPoint and other IDM systems.
• Support PAM / EPM / PPM infrastructure operations, including troubleshooting user issues, implementing changes and performing system administration & maintenance.
• Monitor and respond to any capacity and/or performance needs, including rotational on-call support for the PAM / EPM / PPM infrastructure.
• Provide regular reports to leadership regarding security, data governance, capacity, performance, usage and licensing.
• Lead projects, provide security consultation(s), and develop detailed project plans for various projects & phases (PoC, Pilot, Production rollouts).
• Deploy software clients on workstations, servers & Macs.
• Recommend and implement modifications that will enhance system usability & reliability while analyzing all aspects of the existing infrastructure.
• Proactively establish and grow a broad collaboration with business analysts, app / system owners, architects and engineers focusing on strategy, proliferation of automation & integrations, as well as defining / building and refining enterprise services & capabilities.
• Provide training on changes to user experience (UX), document support procedures, and analyze user feedback in order to minimize impacts to the business.
• Devise, develop and implement SOPs, SLAs and supporting workflows and approval criteria.
• Collect, analyze and decipher customer metrics & event data in order to provide meaningful recommendations to improve current policy configurations, and improvements to the UX.

Essential Skills

• Bachelor’s degree in Information Security, Computer Science, Engineering, or equivalent experience in an enterprise setting.
• 4+ years of experience using, installing, and administering PAM, EPM and PPM solutions such as CyberArk, Delinea and BeyondTrust.
• Solid understanding of PAM, EPM & PPM concepts, associated controls, terminology & technology.

• Experience administering and integrating tier zero identity infrastructure that provides AAA services such as MS Active Directory, Azure Active Directory, and RSA.
• Experience with ISO27001, SOC2, NIST, or similar compliance frameworks preferred
• Experience managing compliance projects and effectively collaborating with stakeholders and partners
• Good knowledge / understanding of Active Directory, GPO, JAMF, Azure Active Directory, and other cloud platforms such as AWS and GCP.
• Experience with developing automated solutions using PowerShell for Windows and BASH for Unix / Linux.
• Strong customer service and interpersonal skills.
• Good knowledge of managing infrastructure & endpoints in an enterprise setting.
• Must be a team player and analytical thinker, with robust troubleshooting skills and a creative problem-solving approach.
• Must be able to work with stakeholders & end-users who are located across the globe.
• Ability to work independently, present and describe highly technical topics in a non-technical manner and effectively communicate with / educate business stakeholders at all levels, from individual contributors to C-level executives.
• Ability to produce and maintain detailed technical documentation, business processes and training material.
• Basic understanding of QA methodology including usability testing, performance testing, automated testing, test scripts, test cases and test plans.
• Familiarity with continuous delivery model and agile development processes.
• Must be flexible, willing to undertake a wide variety of new and challenging tasks all while

driving results.

Preferred Skills

• Significant experience working within a large enterprise, with responsibility for administering & supporting the technology and processes in the PAM, EPM and PPM domains; ideally, within the software vertical.
• Significant knowledge / experience designing, implementing, managing, and supporting BeyondTrust PASM, PEDM and remote access solutions.
• Experience building, managing & maintaining ISO27001, SOC2, FedRAMP & SOX environments.
• Strong development (SDLC-based) & QA experiences with upgrading MAC OS, using Homebrew & other UI tools such as Microk8s, Keka, VirtualBox, etc.
• 4+ years of experience with APIs and scripting languages (e.g. JavaScript, Python, etc.).
• Experience with JSON, XML, SOAP and REST web-services

SailPoint is an equal opportunity employer and we welcome all qualified candidates to apply to join our team.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable law.  

Alternative methods of applying for employment are available to individuals unable to submit an application through this site because of a disability. Contact [email protected] or mail to 11120 Four Points Dr, Suite 100, Austin, TX 78726, to discuss reasonable accommodations.  NOTE: Any unsolicited resumes sent by candidates or agencies to this email will not be considered for current openings at SailPoint.