Overview
On Site
Full Time
Skills
Threat Modeling
Security Architecture
Expect
Roadmaps
JIT
Workflow
Leadership
Bloomberg
Productivity
Collaboration
Microsoft Exchange
CyberArk
Partnership
Build Vs Buy
FOCUS
Scalability
Access Control
LDAP
Kerberos
SAML
OAuth
OIDC
Remote Access
Management
Operating Systems
Security Controls
Security-Enhanced Linux
Identity Management
Regulatory Compliance
Job Details
Our team:
We are the CTO Infrastructure group. We solve complex systems problems, enabling our engineers to quickly ship new products, and prototype the next generation of infrastructure security technologies. Whether we're designing our next generation security controls, or threat modeling our distributed systems, our goal is to define the future of how we secure Bloomberg's infrastructure. That's where you come in.
As an architect and product owner in the CTO's office, you'll be trusted to understand the intersections between Bloomberg's global technology footprint, unique software stack and security requirements, provide guidance for usable infrastructure security, ensure that logical security controls are manageable at our scale, and much more. Your leadership skills will influence the roadmap for future security technologies, while working alongside motivated engineers across the company to keep Bloomberg at the cutting edge. Our team works across many areas of security architecture, and you will have the opportunity to focus on the projects you are passionate about and bring your expertise to help reach our team's goals.
We'll expect you to:
- Develop a strategy for enterprise privileged access management, building on industry best practices and establishing a clear roadmap for adoption in collaboration with security, infrastructure, and application teams.
- Lead the evolution of our privileged access platform, including integration with identity management systems, secure vaulting solutions, just-in-time (JIT) access, and session management technologies.
- Continuously assess and identify opportunities to improve the security and efficiency of privileged access workflows and technologies, aligning them with organizational needs and regulatory requirements.
- Take a leadership role in defining the tools, techniques, and technologies used to control, monitor, and secure privileged access across Bloomberg's infrastructure and systems.
- Drive modernization of PAM-related infrastructure, guiding teams toward secure architectures and updated access control standards.
- Foster a culture of least privilege and access transparency while understanding and managing the trade-offs between security, operational agility, and user productivity.
- Collaborate with vendors, consultants, and industry peers to exchange knowledge and stay informed on the latest developments in PAM tools, standards, and threat landscapes.
You'll need to have:
- 10+ years of experience designing, implementing, and managing security controls in large-scale, distributed systems-with a strong emphasis on access control and identity governance.
- Proven expertise in privileged access management, including integration, automation, and policy enforcement for tools like CyberArk, BeyondTrust, or HashiCorp Vault.
- A history of building collaborative partnerships across engineering, operations, and risk teams to align privileged access strategies with enterprise goals.
- Strong ability to prototype and implement access control solutions, innovate on access models, and partner with engineering to drive enterprise-wide adoption.
- Experience evaluating build vs. buy tradeoffs, with a focus on scalability, security, and maintainability.
- Deep understanding of identity and access control protocols such as LDAP, Kerberos, SAML, OAuth, OIDC, and how these intersect with privileged access strategies.
We'd love to see:
- Solid understanding of cryptographic principles as they relate to secrets management, credential rotation, and secure remote access.
- Experience managing infrastructure at scale with an emphasis on secure automation and privileged task execution.
- Familiarity with operating system-level security controls used to enforce access restrictions (e.g., sudo policies, SELinux, eBPF, auditd).
- Experience integrating and securing both homegrown and third-party systems within a PAM framework.
- Hands-on experience designing and operating privileged access management platforms in complex enterprise environments.
- Understanding of enterprise identity ecosystems and how privileged access fits into broader governance and compliance initiatives.
We are the CTO Infrastructure group. We solve complex systems problems, enabling our engineers to quickly ship new products, and prototype the next generation of infrastructure security technologies. Whether we're designing our next generation security controls, or threat modeling our distributed systems, our goal is to define the future of how we secure Bloomberg's infrastructure. That's where you come in.
As an architect and product owner in the CTO's office, you'll be trusted to understand the intersections between Bloomberg's global technology footprint, unique software stack and security requirements, provide guidance for usable infrastructure security, ensure that logical security controls are manageable at our scale, and much more. Your leadership skills will influence the roadmap for future security technologies, while working alongside motivated engineers across the company to keep Bloomberg at the cutting edge. Our team works across many areas of security architecture, and you will have the opportunity to focus on the projects you are passionate about and bring your expertise to help reach our team's goals.
We'll expect you to:
- Develop a strategy for enterprise privileged access management, building on industry best practices and establishing a clear roadmap for adoption in collaboration with security, infrastructure, and application teams.
- Lead the evolution of our privileged access platform, including integration with identity management systems, secure vaulting solutions, just-in-time (JIT) access, and session management technologies.
- Continuously assess and identify opportunities to improve the security and efficiency of privileged access workflows and technologies, aligning them with organizational needs and regulatory requirements.
- Take a leadership role in defining the tools, techniques, and technologies used to control, monitor, and secure privileged access across Bloomberg's infrastructure and systems.
- Drive modernization of PAM-related infrastructure, guiding teams toward secure architectures and updated access control standards.
- Foster a culture of least privilege and access transparency while understanding and managing the trade-offs between security, operational agility, and user productivity.
- Collaborate with vendors, consultants, and industry peers to exchange knowledge and stay informed on the latest developments in PAM tools, standards, and threat landscapes.
You'll need to have:
- 10+ years of experience designing, implementing, and managing security controls in large-scale, distributed systems-with a strong emphasis on access control and identity governance.
- Proven expertise in privileged access management, including integration, automation, and policy enforcement for tools like CyberArk, BeyondTrust, or HashiCorp Vault.
- A history of building collaborative partnerships across engineering, operations, and risk teams to align privileged access strategies with enterprise goals.
- Strong ability to prototype and implement access control solutions, innovate on access models, and partner with engineering to drive enterprise-wide adoption.
- Experience evaluating build vs. buy tradeoffs, with a focus on scalability, security, and maintainability.
- Deep understanding of identity and access control protocols such as LDAP, Kerberos, SAML, OAuth, OIDC, and how these intersect with privileged access strategies.
We'd love to see:
- Solid understanding of cryptographic principles as they relate to secrets management, credential rotation, and secure remote access.
- Experience managing infrastructure at scale with an emphasis on secure automation and privileged task execution.
- Familiarity with operating system-level security controls used to enforce access restrictions (e.g., sudo policies, SELinux, eBPF, auditd).
- Experience integrating and securing both homegrown and third-party systems within a PAM framework.
- Hands-on experience designing and operating privileged access management platforms in complex enterprise environments.
- Understanding of enterprise identity ecosystems and how privileged access fits into broader governance and compliance initiatives.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.