Manager, PAM and SSO Services

ABOUT THE DEPARTMENT

The University of Southern California (USC) is advancing its cybersecurity posture with a renewed focus on resilience, cyber risk management, and threat-informed defense. As a world-class research institution, is building a culture of security that supports its academic and research mission in a rapidly evolving threat landscape.

This role sits within a newly restructured cybersecurity organization that's leading this transformation. You'll join a team focused on scalable, proactive defense strategies, incident preparedness, and operational excellence-working alongside experts who are deeply committed to service, innovation, and impact.

If you're driven by purpose, thrive in complexity, and want to help shape the future of cybersecurity at a leading university, we invite you to bring your leadership to the table.

POSITION SUMMARY

As the Manager, PAM and SSO Services you will be an integral leader of the cybersecurity department while also collaborating with stakeholders across the university ecosystem, and reporting to the Director, Enterprise Identity and Access Management. This is a full-tim e exempt position, eligible for all of 's fantastic Benefits + Perks . This opportunity is remote.

The Manager, PAM and SSO Services oversees the implementation, optimization and maintenance of privileged access management solutions and single sign on /multi-factor authentication systems to secure privileged accounts and streamline user authentication across the university. Ensures operational effectiveness of PAM, SSO and MFA systems, supporting integration with enterprise applications and enforcing security policies that align with the university's broader cybersecurity framework.

The Manager, PAM and SSO Services will:

• Manages the implementation and operation of PAM tools (e.g., privileged account provisioning, credential vaulting, session monitoring). Oversees SSO and MFA systems to ensure secure and seamless user authentication across all university systems.

• Collaborates with cybersecurity and IT teams to align PAM and SSO initiatives with the broader security framework. Integrates PAM and SSO technologies with enterprise applications, directory systems and cloud platforms. Provides training and support to technical staff and end-users on PAM and authentication tools and processes.

• Implements and enforces security policies for privileged access (e.g., least privilege, just-in-time access). Configures adaptive authentication mechanisms (e.g., conditional access policies) to balance security and user experience.

• Ensures compliance with regulatory standards and internal security frameworks for PAM and SSO systems. Conducts regular audits and reviews of privileged accounts and authentication logs to detect and mitigate risks. Leads the resolution of technical issues related to PAM and SSO, ensuring high availability and reliability.

• Develops and documents operational standards and workflows for privileged account lifecycle management and authentication systems. Monitors and reports on the performance and adoption of PAM and SSO systems, providing metrics to inform leadership decisions. Stays updated on emerging PAM and authentication technologies, driving innovation and improvement within access management practices.

• Encourages a workplace culture where all employees are valued, value others and have the opportunity to contribute through their ideas, words and actions, in accordance with the Code of Ethics.

MINIMUM QUALIFICATIONS

Great candidate s for the position of Manager, PAM and SSO Services will meet the following qualifications:

• 7 years in Identity and Access Management.

• A Bachelor's degree or combined experience/education as substitute for minimum education.

• Experience with PAM and SSO technologies.

• Expertise in implementing and managing PAM solutions (e.g., CyberArk. BeyondTrust and SSO platforms (e.g., Okta, Azure AD).

• Proficient in designing secure authentication frameworks (e.g., MFA, adaptive authentication, passwordless solutions).

• Strong understanding of privileged access workflows, session monitoring and compliance standards.

• Experience developing metrics to evaluate the performance of PAM and SSO solutions.

• Proven ability to manage incidents and mitigate risks related to PAM and SSO vulnerabilities.

• Strong leadership and interpersonal skills to manage cross-functional teams and vendor relationships.

• Knowledge of scripting or programming languages (e.g., PowerShell, Python) to support automation initiatives.

PREFERRED QUALIFICATIONS

Exceptional candidate s for the position of Manager, PAM and SSO Services will also bring the following qualifications or more :

• 10 years of related experience.

• A bachelor's degree in information science or computer science or computer engineering o r in related field(s).

• Extensive proven leadership experience.

• Experience in a university environment.

• Relevant certifications such as CyberArk Certified Trustee or similar.

In addition, the successful candidate must also demonstrate , through ideas, words and actions, a strong commitment to USC's Unifying Values of integrity, excellence, community, well-being, open communication, and accountability.

SALARY AND BENEFITS

The annual base salary range for this position is $164,548.27 to $185,306.86 . When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education/training, key skills, internal peer alignment, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.

To support the well-being of our faculty and staff, provides benefits-eligible employees with a broad range of perks to help protect their and their dependents' health, wealth, and future. These benefits are available as part of the overall compensation and total rewards package. You can learn more about USC's comprehensive benefits here .

Join the cybersecurity team within an environment of innovation and excellence.

Minimum Education: Bachelor's degree Addtional Education Requirements Combined experience/education as substitute for minimum education Minimum Experience: 7 years in Identity and Access Management. Addtional Experience Requirements Combined experience/education as substitute for minimum work experience Minimum Skills: Experience with PAM and SSO technologies. Expertise in implementing and managing PAM solutions (e.g., CyberArk. BeyondTrust and SSO platforms (e.g., Okta, Azure AD). Proficient in designing secure authentication frameworks (e.g., MFA, adaptive authentication, passwordless solutions). Strong understanding of privileged access workflows, session monitoring and compliance standards. Experience developing metrics to evaluate the performance of PAM and SSO solutions. Proven ability to manage incidents and mitigate risks related to PAM and SSO vulnerabilities. Strong leadership and interpersonal skills to manage cross-functional teams and vendor relationships. Knowledge of scripting or programming languages (e.g., PowerShell, Python) to support automation initiatives. Preferred Education: Bachelor's degree In Information Science Or Computer Science Or Computer Engineering Or in related field(s) Preferred Certifications: Relevant certifications such as CyberArk Certified Trustee or similar. Preferred Experience: 10 years Preferred Skills: Extensive proven leadership experience. Experience in a university environment.