Moderna is a biotechnology company focused on advancing mRNA science to transform medicine. The Senior Privileged Access Management Engineer will play a key role in enhancing Moderna’s Privileged Access Management capabilities, ensuring secure and scalable access solutions while collaborating with various teams to align with industry best practices.
Responsibilities:
- Serve as the engineering subject matter expert for Moderna’s Privileged Access Management program, owning the CyberArk platform and its associated components
- Manage the configuration, administration, maintenance, and ongoing optimization of the CyberArk environment
- Collaborate with business units, application owners, and engineering teams to understand requirements and translate business needs into secure and scalable PAM solutions and technical designs
- Conduct stakeholder interviews and gather application, service, and infrastructure information to support CyberArk onboarding activities
- Define and articulate business and functional requirements based on evolving industry best practices, emerging technologies, and organizational needs
- Partner with DevOps, systems, network, cybersecurity, and infrastructure teams to ensure privileged access management standards are consistently implemented and maintained
- Perform application integration assessments and provide technical guidance on CyberArk integration approaches and options
- Lead and manage the onboarding of privileged accounts into CyberArk, ensuring adherence to established design frameworks and operational standards
- Develop and maintain end-user documentation, knowledge articles, standards, and training materials to support adoption and operational excellence
- Create detailed architecture documentation, implementation plans, technical standards, and solution designs
- Evaluate the existing PAM environment to identify technical, operational, and security enhancement opportunities, driving continuous improvement initiatives
- Participate in disaster recovery planning, capacity management, performance monitoring, maintenance activities, and platform resilience efforts to ensure high availability
- Work closely with Cybersecurity and Governance teams to ensure PAM solutions align with corporate security policies, regulatory requirements, and established standards
- Regularly review, evaluate, and enhance PAM policies, procedures, and controls to maintain strong security compliance and operational effectiveness
- Develop, support, and maintain security policies, standards, and operational processes related to privileged access management
- Stay current on industry trends, threat landscapes, emerging technologies, and evolving identity security practices to help ensure Moderna’s IAM and PAM strategies remain effective and future-ready
- Contribute to the overall cybersecurity posture of the organization through adherence to security policies, procedures, and best practices
- Support emergency incidents and planned maintenance activities, including participation in 24x7 support requirements when necessary
Requirements:
- BS level technical degree or equivalent experience required; Computer Science or Math background preferred
- 8+ years in the technology field, with 4-6+ years working in the identity and access management domain
- 3+ years of experience with CyberArk and Privileged Cloud technologies, including hands-on experience with account and safe management, CyberArk administration and configuration, and management and troubleshooting of the various CyberArk Privileged Cloud components
- Hands-on experience with DevOps and Agile methodologies, including implementation and administration of CyberArk's secret management technologies such as Credential Provider, Secrets Hub and Conjur (Cloud or Enterprise)
- Proficiency in English (verbal and/or written) required due to global collaboration needs
- Experience with Privileged Access Management principles, best practices, and technologies
- Familiarity with JIT, least privilege, and dynamic privilege concepts
- Strong understanding of virtualization and cloud platforms, with knowledge of AWS infrastructure and architecture. Familiarity with other cloud platforms, such as Azure or GCP, is a plus
- Knowledge of both Windows and Unix platforms, with programming (PowerShell, etc.) a plus
- Understanding of DevOps pipeline and CI/CD tools
- Knowledge and understanding of APIs, specifically RESTful APIs, and familiarity with service-oriented architecture and web services integration
- Self-starter with ability to work in a team environment, with demonstrated ability to manage multiple competing tasks simultaneously and complete work within allocated timeframes
- Strong knowledge of Information Security frameworks and security architecture frameworks
- Strong analytical and problem-solving skills
- Ability to work independently and as part of a team
- Relevant certifications such as CISSP, CISM, or CISA are a plus
- CyberArk certification a plus
- Experience with GxP environments and regulatory requirements
- Understanding of security risks and implementation of mitigating controls, and ability to convey risk to all levels of the business, from management to operations and development teams
- Excellent communication and interpersonal skills, including writing and presentation skills
- Embrace a culture of continuous service improvement and service excellence
- A desire to make an impact as part of a high-growth, transformational company that is Bold, Relentless, Curious, and Collaborative