Job Description

🧭 Job Summary + Role Specification

This position is with a leading industry organization, offered under direct payroll.

We are seeking a skilled PAM Engineer to design, implement, and manage enterprise-grade Privileged Access Management (PAM) solutions. The role focuses on securing privileged identities, enforcing least privilege access, and managing credential vaulting, session monitoring, and privileged account lifecycle across on-premise and cloud environments.

The ideal candidate will have hands-on experience with CyberArk / BeyondTrust / HashiCorp Vault, strong knowledge of identity security, infrastructure, and DevOps environments, and the ability to integrate PAM solutions into enterprise ecosystems.

📄 Job Description

• Implement and manage PAM solutions (CyberArk, BeyondTrust, Delinea, HashiCorp Vault) 
• Configure and maintain Privileged Access Security (PAS), Vault, CPM, PSM components 
• Onboard privileged accounts across Windows, Linux, databases, network devices, and cloud platforms
• Automate credential rotation, password management, and secret lifecycle 
• Monitor and record privileged sessions (session recording, command control) 
• Integrate PAM with IAM systems (Active Directory, Azure AD, LDAP) 
• Support API-based integrations and DevOps secrets management (CI/CD pipelines) 
• Perform access reviews, compliance audits, and policy enforcement 
• Troubleshoot PAM-related issues and ensure high availability 
• Collaborate with security, infrastructure, and DevOps teams for secure access implementation 
• Work experience and good understanding Active Directory, LDAP, SSO, MFA

🎯 Roles & Responsibilities (Day-to-Day Activities)

• Onboard and manage privileged accounts into vault platforms 
• Configure safe policies, access controls, and privileged roles 
• Monitor privileged sessions and investigate suspicious activities 
• Rotate credentials and manage password reconciliation processes 
• Handle access requests and approvals via IAM workflows 
• Perform audit reporting and compliance checks (SOX, ISO 27001, PCI-DSS) 
• Integrate PAM tools with SIEM (Splunk, QRadar, Sentinel) for monitoring 
• Develop scripts for automation (account onboarding, password rotation) 
• Support production issues and ensure uptime of PAM infrastructure 
• Work with stakeholders to enforce least privilege and Zero Trust principles
• Onboard Applications and integration

🧠 Skills & Technologies (ATS Optimized)

🔐 PAM & Identity Security

• Privileged Access Management (PAM) 
• CyberArk (PAS, CPM, PSM, PVWA)  
• BeyondTrust / Delinea 
• HashiCorp Vault (Secrets Management) 
• Least Privilege Access, Zero Trust 

🛠️ Tools & Platforms

• CyberArk/ BeyondTrust/ Thycotic (Delinea) 
• ServiceNow (Access Requests, ITSM) 
• SIEM: MS  Sentinel /Splunk/QRadar
• Endpoint Security: CrowdStrike, Defender 

☁️ Cloud & Infrastructure Security

• AWS IAM, Azure AD, GCP IAM 
• Secrets Management in cloud (AWS Secrets Manager/Azure Key Vault) 
• Kubernetes Secrets, Docker 

🌐 Networking & Systems

• Active Directory, LDAP 
• Windows Server, Linux (RHEL, Ubuntu) 
• SSH, RDP, VPN, TCP/IP 

⚙️ Automation & Scripting

• PowerShell, Python, Bash , REST APIs, JSON 
• CI/CD Integration (Jenkins, GitHub Actions) 

📊 Frameworks & Compliance : ISO 27001, NIST, CIS Controls, SOX, PCI-DSS, GDPR, Audit & Compliance Reporting.

✅ Eligibility Criteria

• 3–6 years of hands-on experience in Privileged Access Management (PAM) 
• Strong practical experience with CyberArk / BeyondTrust / Vault implementations 
• Experience working in enterprise infrastructure environments (Windows, Linux, AD, Cloud) 
• Solid understanding of networking, security concepts, and identity governance 
• Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field 

Certifications (Preferred / Advantage):

• CyberArk Defender / Sentry Certification 
• Certified Privileged Access Manager (CPAM) 
• Microsoft / AWS Security Certifications