IT Security PAM Administrator

Company Description

Eurofins Scientific is an international life sciences company, providing a unique range of analytical testing services to clients across multiple industries, to make life and our environment safer, healthier and more sustainable. From the food you eat, to the water you drink, to the medicines you rely on, Eurofins laboratories work with the biggest companies in the world to ensure the products they supply are safe, their ingredients are authentic, and labelling is accurate.

The Eurofins network of companies is the global leader in food, environment, pharmaceutical and cosmetic product testing and in agro-science Contract Research Organization services. It is one of the market leaders in certain testing and laboratory services for genomics, discovery pharmacology, forensics, advanced material sciences and in the support of clinical studies, as well as having an emerging global presence in Contract Development and Manufacturing Organizations. It also has a rapidly developing presence in highly specialized and molecular clinical diagnostic testing and in-vitro diagnostic products.

In over 30 years, Eurofins has grown from one laboratory in Nantes, France to 58,000 staff across a decentralized and entrepreneurial network of 900 laboratories in over 54 countries. Eurofins companies offer a portfolio of over 200,000 analytical methods to evaluate the safety, identity, composition, authenticity, origin, traceability and purity of biological substances and products.

In 2021, Eurofins generated total revenues of EUR 6.72 billion, and has been among the best performing stocks in Europe over the past 20 years.

Job Description

In this role, you will be responsible for supporting the Privileged Access Management (PAM) services while adhering to Eurofins standards and best practices for the entire environment (On-Prem and Cloud).

It is essential for you to be able to take up challenges, adapt to the business needs, and staying focused on delivering results, as well as act as a strong technical leader. Therefore, you will be expected to provide out of business support hours from time to time, and on short notice, as and when required (e.g., troubleshooting and resolving production issues, or carry out essential maintenance activities).

You will work closely with business and IT stakeholders to develop and perform stronger governance of PAM & IAM processes, engage in risk-based security assessments, and assist in remediation efforts.

Other responsibilities will include:

• Responsible for creating, maintaining, and monitoring the policies on PAM solutions
• Ability to document and define PAM target state processes and gather business requirements
• Support security-related assessments and configurations for PAM platforms and provide a recommendation of the best practices for implementation
• Develop and report risk metrics (KPIs/KRIs) as well periodic scorecards consumed by management for the PAM program
• Keep pace with emerging IAM and PAM technology, cyber threats, and industry trends around cybersecurity
• Establishes and refines procedures and other business processes to detect errors and inconsistencies in privileges
• Support detailed reporting and root cause analysis with various internal technology teams
• Build relationships and serve as a liaison between system/application owners and the internal technology team for governance and security-specific initiatives

Qualifications

Requirements:

• University degree in a Computer Science or relevant field, ideally with CISSP, CCSK/CCSP or CISM Certifications or relevant work experience.

• Advanced English

1+ years of relevant PAM experience in:

• Design, build, and operations of PAM solutions and experience integrating PAM solutions with infrastructure and applications: BeyondTrust, CyberArk, Observe IT, Arcos or other PAM technologies.

• IAM/PAM Standards and common best practices including Authentication, Authorization, role-based access controls and PAM Governance and Administration

• Privileged Access Management processes:
• • Privileged access controls
  • Role Base Access Control and/or Attribute and Policy-based Access Control
  • Managed credentials and systems
  • ITSM integration
  • Manage Applications Credentials
  • User Access Policy Management
  • Break Glass procedures

1+ years of general IT Infrastructure experience in but not limited to:

• Windows Active Directory, UNIX, Linux & SSH key management
• Network hardware configuration and password management options (SSH, ACS, LDAP)
• Microsoft SQL Databases
• Authentication methods and techniques (LDAP/AD, others)

Desired but not required:

• Knowledge of SAML, Header-Based authentication, SCIM, FIDO, OAuth, Open ID connect and REST concepts
• Understanding of the information security domains
• Experience with different services, technologies within cloud environments like AWS, Azure, GCP
• Ability to perform a risk assessment and security threat modelling exercises with technology engineering teams