Secure Platform Access Facilitator

Job Purpose

We are seeking a Secure Platform Access Facilitator to manage the secure lifecycle of user accounts and privileged access within our Secure Landing Zone and Supercomputer infrastructure. This role is responsible for onboarding and offboarding users, administering privileged access with CyberArk, and supporting secure authentication and authorization processes, primarily across Windows platforms. The Facilitator will ensure compliance with security policies and regulatory requirements while enabling smooth user access to critical systems.

Major Accountabilities

User Access Lifecycle Management

• Manage end-to-end user lifecycle processes, including provisioning, modification, and de-provisioning of accounts.
• Coordinate access requests and approvals in alignment with organizational policies.
• Ensure timely revocation of access during offboarding or role changes.
• Maintain accurate records of access rights for audit and compliance purposes.

Privileged Access Management (CyberArk)

• Administer CyberArk Privileged Access Management platform (Vault, PVWA, CPM, PSM).
• Onboard privileged accounts (human and non-human) and manage credential rotation.
• Enforce privileged session policies, including isolation, monitoring, and recording.
• Troubleshoot CyberArk access issues and support integrations with Active Directory and other identity platforms.
• Monitor CyberArk health and escalate incidents when necessary.

Windows Platform Administration

• Support user and group management in Active Directory and Windows environments.
• Apply security baselines, group policies, and role-based access controls.
• Collaborate with IT teams to align Windows system access with security standards.
• Assist in patching, updates, and security hardening for Windows servers.

Security & Compliance

• Ensure user and privileged access comply with organizational security standards and regulatory frameworks (e.g., NIST, ISO).
• Participate in internal and external audits by providing access evidence and documentation.
• Support periodic access reviews and certification processes.
• Contribute to remediation of access-related compliance findings.

Collaboration & Support

• Work closely with IT Operations, InfoSec, and Compliance teams to manage secure access.
• Provide guidance to end-users and administrators on secure access practices.
• Assist in training and awareness around privileged access management.

Person Requirements

Competencies

• Strong understanding of user lifecycle management and access governance.
• Hands-on knowledge of CyberArk PAM solutions.
• Proficiency in Windows platforms and Active Directory.
• Detail-oriented, with strong organizational and documentation skills.
• Good communication skills to coordinate with technical and non-technical stakeholders.

Qualifications

• Bachelor’s degree in Information Technology, Cybersecurity, or related field (or equivalent experience).
• Preferred Certifications:

• CyberArk Trustee/Defender
• Microsoft Certified: Windows Server / Active Directory
• ITIL Foundation (nice to have)

• 2–5 years of experience in IT administration, access management, or security operations.
• Practical experience with:
  • CyberArk PAM (Vault, PVWA, CPM, PSM
  • Windows/Active Directory administration
• Familiarity with compliance frameworks (e.g., NIST 800-53, ISO 27001).
• Experience in handling user onboarding/offboarding processes.