Deloitte delivers long term value to clients by providing industry leading risk management solutions to assist clients in managing key risk domains including Cyber, Forensic, Strategic and Financial Risk. Deloitte’s solutions enable leading global organizations to focus on their core competencies and mission-critical challenges, while maximizing the power of risk management to protect and grow their businesses. Deloitte is focused on building, delivering, and managing large-scale solutions to establish long-term relationships where Deloitte’s solutions continue to grow and evolve with the rapidly changing market needs to drive differentiated results and insight to help our clients more cost effectively manage their business.

Work you will do

The PAM Operate manager will be responsible for building, monitoring and managing the Privilege Access Management Technology Platform and related processes.

The key job responsibilities include

• Serve as technical specialist for the Privileged access management (PAM) solution.
• Monitor the environment and automated alerts to ensure the services are up and running.
• Build and configure script for custom monitoring of PAM solution.
• Perform safe creation, platform creation, access provisioning.
• Analyze password change & verification failure and put appropriate fix to resolve the problem.
• Co-ordinate with application and infrastructure team for manual password management or fixes in password policy.
• Analyze inventory and gather evidence to support certification activity.
• Co-ordinate with audit team to apply fixes based on certification activity outcome.
• Configure PAM environment in production and Disaster Recovery (DR) environments on cloud or on premise with the help of infrastructure team.
• Emergency support in providing technical resolution on high severity incidents in production environment.
• Lead major incidents calls and perform troubleshooting and restore services to normalcy.
• Perform root-cause analysis for high severity issues and provide permanent resolution.
• Perform gap analysis, provide the resolution for recurring/reported issues and plan evolution roadmap directly with client stakeholders.
• Coordinate with client / client teams at onsite / globally, discuss issues and resolutions. Identify the risks and mitigation plan. Timely escalation of issues to avoid business disruption.
• Work with product vendors to discuss product defects and releases, manage patches / hotfix rollouts.
• Knowledge of ITIL processes (incident management, service request management, change management, problem management).
• Participate in continuous improvement initiatives, identify ways to improve client delivery by introducing technological innovations or processes re-engineering to increase efficiencies of the team.
• Reviews and ensures compliance of technical documents including operating instruction manuals, system and configurations documentation, work instructions / runbooks, processes, standards and procedures, RACLI & know issue document.

The Team

The Cyber Services team delivers fully managed cyber capabilities that bring together market-tested technologies, leading practices, and pre-built use cases to accelerate time to value and improve operational resilience.

Key Cyber Managed Services technical capabilities delivered by the team

• Managed cyber operations and service delivery across multiple cybersecurity domains
• Security monitoring, operational support, and continuous service improvement
• Cyber risk management support, remediation coordination, and reporting
• Cyber program operations, platform support, and modernization to improve resilience and service performance

Qualifications and Experience Required:

Required:

• 10+ years of progressive experience in Privileged Access Management service delivery, including at least 5 years in a lead or delivery management capacity overseeing enterprise-scale implementations
• Minimum 5 years managing CyberArk engagements in environments with 10,000+ privileged accounts; experience spanning full lifecycle — design, deployment, operations, and client governance
• Active CDE-CPC or CDE-PAM CyberArk certification required at time of hire
• Hands-on, production-level experience with a minimum of 6 of the following CyberArk components: Session Manager, Privileged Threat Analytics, Application Identity Manager (AIM), Endpoint Privilege Manager (EPM), Viewfinity, PACLI, Password Upload Utility, Conjur, CyberArk Privilege Cloud (PCloud), Secure Cloud Access (SCA), Secure Infrastructure Access (SIA), and Secrets Hub
• Demonstrated experience translating business and compliance requirements into PAM architecture decisions; has led or supported at least 3 client-facing requirements workshops or discovery engagements
• Proven ability to design custom integration solutions for PAM, including at least 2 documented instances of scoping and delivering non-standard or customized integrations in client environments
• 3+ years deploying and managing PAM solutions on cloud platforms (AWS, Azure, or GCP); AWS experience is required, including IAM, EC2, Secrets Manager, and VPC-level configuration in the context of PAM workloads
• Hands-on development experience building PSM connectors using AutoIT scripts and CPM plugins; able to demonstrate or describe at least 2 connectors built or significantly modified in production environments
• Experience designing, documenting, or executing PAM Disaster Recovery runbooks, including participation in at least 1 DR test or failover exercise in a production or production-equivalent environment
• 3+ years operating within an ITIL-aligned service delivery model across Incident, Change, and Problem Management disciplines; ITIL Foundation certification preferred
• Demonstrated experience managing SLA/OLA frameworks in a managed services or outsourced delivery context, including defining metrics, producing recurring client reports, and driving performance reviews via ITSM platforms such as ServiceNow or BMC Remedy
• Working knowledge of relevant security and privacy control frameworks (e.g., NIST 800-53, CIS Controls, ISO 27001) as they apply to privileged access governance and audit readiness
• Proven experience in leading major incident troubleshooting and root cause analysis

Preferred:

• Understanding of DevOps, Virtualization and IT Infrastructure, Network Protocols (SSL, SSH, FTP, SMTP, HTTP and

HTTPS etc.)

• Ability to create, plan, and execute advanced IAM trainings and independently drive proof of concepts involving emerging IAM technologies.
• One or more certifications like CISSP, IAM Product certifications – CyberArk
• Exposure to other security domains.
• Experience in querying monitoring tools like Newrelic, Crible, Elastic etc.
• Excellent verbal and written communication skills
• Flexibility to work outside business hours for handing the business-critical

The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions, including but not limited to skill sets, experience and training, licensure and certifications, and other business and organizational needs. At Deloitte, it is not typical for an individual to be hired at or near the top of the range for their role. Compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is $130,800 - 241,000.

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities. Learn more.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.