Bank of America · 1 month ago
Privileged Access Management (PAM) Specialist (Active Directory Architecture exp. required)
Bank of America is one of the largest financial institutions in the U.S., dedicated to safeguarding its most critical assets. The Privileged Access Management Specialist will focus on implementing robust privileged access controls and mitigating attack paths, playing a crucial role in enhancing the organization's cybersecurity posture.
Asset Management, Banking, Finance, Financial Services, FinTech
Responsibilities
Secure Tier 0 Assets: Implement and enforce privileged access controls for Active Directory, Entra ID, and other Tier 0 systems
Attack Path Mitigation: Use tools like Semperis, BloodHound, and SentinelOne to identify and remediate attack paths, reducing lateral movement risks
Automation & Scripting: Develop and maintain PowerShell scripts to automate security tasks and enforce compliance
Governance & Compliance: Ensure adherence to IAM standards, regulatory requirements (NIST, ISO, FFIEC), and internal security policies
Risk Assessment: Evaluate privileged access risks during technology and business decisions; recommend mitigation strategies
Collaboration: Partner with IAM, PAM governance, and infrastructure teams to design and implement secure solutions
Continuous Improvement: Monitor industry trends and propose enhancements to PAM strategy and tooling
Incident Response Support: Assist in investigations involving privileged accounts and Tier 0 systems
Qualification
Required
Strong knowledge of AD Architecture
Knowledge of Forest domains, trees
Must have working knowledge and hands-on experience with building trusts/FSMO/sites and replication, etc.
Knowledge of Microsoft Enterprise Access Model (formerly Tiered Administration Model)
Deep understanding of ACLs and permission models in Active Directory
Strong Attack Path analysis skills
Attack path collection methods: AD Structure/Session/ACL/Local Admin
Ability to write custom Cypher queries
Analyze ACL-based relationships to uncover privilege escalation paths and complex edge structures, to enable effective prioritization of remediation efforts
Maintain Active Directory hygiene by identifying and remediating stale permissions
5+ years in cybersecurity or identity management focused on privileged access or Active Directory security
Expert-level knowledge of BloodHound, Active Directory and Microsoft Entra ID administration. Must have worked on privileged groups such as Domain Admins, Enterprise Admins, etc.
Strong proficiency in PowerShell scripting for automation and security hardening. Also must have programming experience
Hands-on experience with attack path analysis tools and remediation strategies
Deep understanding of Tier 0 infrastructure, domain controllers, and tiered administration models
Familiarity with Zero Trust principles, least privilege enforcement, and PAM best practices
Knowledge of authentication protocols (Kerberos, LDAP, SAML, OAuth) and federation technologies
Experience with cloud identity security (Azure AD, Entra ID) and hybrid environments
Strong risk management mindset and ability to influence stakeholders
Preferred
3+ Years technical experience in attack path analysis
5+ Years experience administering Active Directory and Entra (formerly AzureAD)
CISSP, CISM, or equivalent security certifications
Offensive Security certifications (e.g., CEH, OSCP, CRTP) or red team focused credentials are a plus
Experience with PAM vendors and tools (CyberArk, Hashi, BeyondTrust, etc.)
Familiarity with compliance frameworks (NIST, ISO/IEC, FFIEC)
Benefits
Discretionary incentive eligible
This role is currently benefits eligible.
We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.
Company
Bank of America
Bank of America is a financial institution that offers credit cards, home loans, and auto loan services.
H1B Sponsorship
Bank of America has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (780)
2024 (546)
2023 (590)
2022 (759)
2021 (715)
2020 (931)
Funding
Current Stage: Public Company
Total Funding: $3.59B
Key Investors: Berkshire Hathaway
2025-02-20 · Post-IPO Debt · $386.79M
2024-11-26 · Post-IPO Debt · $2B
2020-07-28 · Post-IPO Equity · $400M
Company data provided by crunchbase