Privileged Access Management Engineer

Bausch Health is a global company that develops, manufactures, and markets a differentiated product portfolio across multiple high-growth therapeutic areas including Gastroenterology, Generics, Neurology, Ortho Dermatologics, Medical Aesthetics and Dentistry.

We are delivering on our commitments as we build an innovative company dedicated to advancing global health. Each day, Bausch Health products are used by over 150 million people around the world.

Our approximately 7,000 employees are united around our mission of improving people’s lives with our health care products.

The primary function of the Privileged Access Management Engineer is to implement and support infrastructure, processes, procedures, and associated technologies relating to Privileged Access Management (PAM).

Key to this is the ongoing management and support of critical systems pertaining to credential management, remote desktop (RDP), and secure shell (SSH).

This role focuses on a multitude of PAM functions and integrations to enable access for IT systems and serves as L3 / L4 escalation support to operations teams.

• Supports the introduction and promotion of PAM within the organization and assists with implementing new technologies to meet security goals
• Serves as the engineering technical point of contact for the corporate PAM tool
• Responsible for identifying and remediating misaligned permissions related to vaulted credentials, including coordinating access reviews and certifications
• Implements and maintains integrations between the corporate PAM tool and external systems to enable remote access (RDP, SSH, etc.

and credential rotation

• Maintains awareness of Common Vulnerabilities and Exposures (CVEs) and updates applicable to the corporate PAM tool and performs patches and upgrades as needed
• Provides technical oversight and support to the wider IT Security team with regards to security investigations, incident response and blue team exercises
• Collaborates with operational support teams to address recurring issues. Reviews policies, procedures, knowledge articles and other documentation as needed to ensure the effectiveness of the overall PAM program
• Interfaces with the global audit and compliance team to align PAM security and data retention functions with corporate and third-party audit requirements
• Responsible for delivering reports, health checks, and operational plans to deliver the incremental improvements required to maintain a strong security posture
• Utilizes technical and environmental knowledge to support secure, risk-based practices, exercising judgment within broadly defined security practices and policies

Experience Requirements

• Bachelor's degree in Information Systems, Computer Science or equivalent work experience required
• At least 3 years of experience in the Information Security field
• Experience implementing and supporting PAM technologies such as CyberArk, Delinea, or BeyondTrust in a complex global environment
• Proficient knowledge of Windows and Linux server management and troubleshooting
• Proficient knowledge of Remote Desktop (RDP) and Secure Shell (SSH)
• Working knowledge of PowerShell, JSON, REST APIs and API authentication
• Working knowledge of Active Directory and Entra ID with specific emphasis on password management and domain replication
• Knowledge of Active Directory Organizational Units (OU), groups and user attributes
• Basic understanding of authentication protocols such as SAML, OAuth and LDAP
• Excellent research, analytical, and critical thinking skills. Ability to analyze information / data, identify trends, draw conclusions, and make recommendations
• Strong verbal and written communications skills with the ability to facilitate crucial conversations and influence stakeholders
• Effective interpersonal and group communication skills, including negotiation, ability to influence, strong presentation, motivational, change management and teaching skills
• Familiarity with Identity and Access Management lifecycle, concepts, and technologies

Benefits package includes a Comprehensive Medical (includes Prescription Drug), Dental, Vision, Health Savings Account with company contribution, Flexible Spending Accounts, 401(k) matching, discretionary time off, paid sick time, tuition reimbursement, parental leave, short-term disability, long-term disability, life insurance, accidental death & dismemberment insurance, paid holidays, Employee Assistance Plan, commuter benefit, recognition awards, voluntary benefits (including Identity Theft, Student Loan and Breast Milk Shipping), employee referral bonuses and employee discounts.

LI-hybrid

This position may be available in the following location(s) : US - Bridgewater, NJ

Bausch Health Companies Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment regardless of race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, marital or veteran status, disability, or any other legally protected status.

We are committed to building diverse teams, representative of the patients and communities we serve, and we strive to create an inclusive workplace that cultivates collaboration.

If a candidate needs a reasonable accommodation / adjustment due to physical or mental health impairment for any part of the application process, they are encouraged to send their request to or call 908-927-1400 and let us know the nature of the request and their contact information.

Please be sure to include the job requisition number.

Job Applicants should be aware of job offer scams perpetrated through the use of the Internet and social media platforms.

To learn more please read .