PAM Remediation
- Driving & tracking delivery against agreed remediation plan for 11 PAM controls
- Maintaining the PAM remediation plan and associated trackers
- Detailed action tracking with tactical fix owners
- Agree & track dependencies with key partners
- Identifying tactical solutions to meet audit remediation deadlines
- Identifying, addressing, tracking and escalating as necessary key risks & issues
- Weekly status reporting to weekly IFC (internal finance controls) remediation working group and monthly steering group
- Ensuring timely completion of key deliverables including:
- Control (re)design
- Privileged user activity monitoring solutions/processes
- PUAM RACI
- Evidence collection & review
- Process/procedure definition/updates
- SOC log onboarding
- CMDB inventory updates
- Azure PIM process improvements
- Driving & tracking delivery of baselined CyberArk implementation plan across Office & PCI environments
- Maintain the Telehouse CyberArk implementation plan
- Detailed action tracking across delivery team (Security tech team & BA)
- Identifying, addressing, tracking and escalating as necessary key risks & issues
- Weekly status reporting to the weekly One ID working group and monthly steering group
- Ensuring timely completion of key deliverables including:
- Onboarding assets and users to the two CyberArk environments
- Defining and agreeing the service design/operating model
- Solutions for capability gaps
- Documentation including processes & procedures
- Access management/request products in ServiceNow
- Integration to SIEM (and potentially to a target IGA tool being deployed in 2024)
- Developing communication plan
- Approach for removing direct access
- Service introduction pack