Information Security PAM Analyst

Supporting millions of Aussies since 1988 with low fees and competitive long-term performance. Profits back to members, not shareholders

Please note Rest does not accept speculative resumes from recruitment agencies

Rest will review applications prior to the closing date and may close the role earlier

Job Description

• Experienced Privileged Access Management IAM security specialist required
• Permanent Position
• Hybrid work environment

Established in 1988, Rest is one of Australia's largest profit-to-member superannuation funds.

We support nearly two million members, with around $86 billion of funds under management and are recognised as a responsible investment leader*. We believe when members understand and engage with their super, they're more likely to get a better retirement outcome.

Everything we do at Rest is underpinned by our values and behaviours, we want to Be Daring, Keep it Simple, Take Action and Have Grit. To put it simply we want our people to thrive and love the work they do.

Primary Role Purpose

As an Information Security Identity PAM Analyst/ Engineer, you will play a critical role in designing, implementing, and managing Privilege Identity Access Management solutions across the Rest environment. Your primary focus will be on deploying and maintaining CyberArk Privileged Cloud solution to secure privileged access throughout the enterprise.

Key Accountabilities/Responsibilities

• Design, implement, and manage CyberArk Privileged Cloud solution to secure privileged accounts and sensitive credentials across the enterprise.
• Lead the installation, configuration, and maintenance of CyberArk privileged Cloud components including Vault, PAS, PVWA, CPM, PSM, and PTA.
• Monitor and maintain daily operations of PAM systems to ensure high availability, optimal performance, and robust security of privileged access.
• Oversee the full lifecycle management of privileged accounts—provisioning, deprovisioning, credential rotation, and auditing—across platforms such as CyberArk Privilege Cloud, Microsoft Entra ID, and SailPoint Identity Security Cloud (ISC).
• Conduct regular privileged access reviews, ensuring strict adherence to the principle of least privilege and compliance requirements.
• Investigate and respond to security incidents or anomalies related to privileged access, working closely with the incident response team for swift resolution and root cause analysis.
• 3 | Position Description
• Partner with IT and application teams to integrate PAM solutions seamlessly with critical enterprise systems and tools.
• Develop and enforce policies governing privileged access in line with security frameworks and compliance standards.
• Manage patching, upgrades, and troubleshooting of all CyberArk components, ensuring a secure and stable environment.
• Provide technical expertise, guidance, and training to internal teams and end-users on best practices in identity and access management.
• Perform regular audits and generate detailed reports on privileged account usage, policy violations, and compliance status.
• Identify and resolve issues related to authentication, access controls, and application integration within the broader identity ecosystem.
• Maintain comprehensive documentation of configurations, processes, and operational best practices across all supported identity platforms.

Qualifications

Qualifications

• Bachelor's degree in computer science, Information Security, or a related field.
• Professional certifications such as CISSP, CISM, or equivalent are highly desirable.
• Minimum of 4 years of experience in a similar role, with a strong focus on Privileged Access Management (PAM) engineering and operational support.

Preferred Certifications

• CyberArk Certified Delivery Engineer (CDE)

Required experience, understanding or credentials including:

• Hands-on experience implementing CyberArk Privilege Cloud solutions, including Core PAS, Endpoint Privilege Manager (EPM), Conjur, and Secure Infrastructure Access (SIA).
• Proven expertise in integrating CyberArk with Active Directory, major cloud platforms (AWS, Azure, GCP), and DevOps tools for seamless privileged access management.
• Experience with Microsoft Windows Server, Solaris, and Red Hat Enterprise Linux environments,
• PowerShell scripting and API integration for automating administrative tasks and streamlining system operations.
• Solid experience with Multi-Factor Authentication (MFA) and Single Sign-On (SSO) technologies.
• Familiarity with SIEM & ServiceNow integration to enhance security monitoring and incident response.
• Strong infrastructure background, preferably within AWS, Azure, or GCP environments.
• Foundational knowledge of network architecture, including firewalls, DNS, whitelisting, and general networking principles.
• Excellent communication skills, with the ability to explain complex architectural concepts and technical issues to both business and technical audiences.
• Strong analytical and problem-solving abilities, capable of translating intricate requirements into effective PAM solutions that drive business value.

Additional Information

Our benefits have been designed so you can tailor your experience with us and include:

• Personal and professional development opportunities
• Hybrid working
• Purchase leave scheme and gender neutral 16 weeks paid parental leave
• Super Contribution Continuation for 12 Months of parental leave
• Linkedin Learning
• Income Protection Insurance
• Rest Excellence awards (peer recognition awards based on Rest's values and behaviours)
• Rest Stops - meeting free breaks

If you share our values, believe you can help make a difference for our members and want to be part of a leading superannuation fund with a
Super
culture, please click Apply Now.

Rest is committed to creating a flexible work environment and culture that embraces diversity, equity, and inclusion - where people feel welcome, safe to be themselves and inspired to do their best.

We value the different backgrounds, lived experiences and abilities our diverse team brings. We welcome and encourage applications from candidates of all ages, cultural backgrounds, faiths, gender identities, sexual orientations and thinking styles. This includes people with disability, neurodiverse individuals, Aboriginal & Torres Strait Islander peoples and those with disrupted work history due to career or other breaks.

Please note only people with the right to work in Australia will be considered.

*Funds under management as at 30 June 2024. Rest is recognised as a
Responsible Investment Leader
by the Responsible Investment Association Australia (RIAA) in its Responsible Investment Benchmark Report 2022.