A top Fortune 50 financial institution in Vienna, VA is seeking a Privileged Access Management (PAM) Engineer to support enterprise-wide PAM operations and drive key security initiatives across a large-scale technology environment.
About the Opportunity:
- Schedule: Monday to Friday
- Hours: 40 hours per week
- Setting: Hybrid to HQ (2x a week, moving to 3x a week in April); open to fully remote for the right candidate
Responsibilities:
- Operating and administering enterprise PAM technologies, including privileged accounts and secrets management
- Leading projects to design, enhance, and deliver new PAM features and software updates
- Automating PAM processes and integrating with external systems and enterprise services
- Supporting PAM strategy through discovery, gap analysis, and onboarding of new systems
- Designing, configuring, and maintaining PAM solutions across AIX, RHEL, Windows, and Mainframe environments
- Integrating PAM with ServiceNow, IGA, SIEM, cloud services, and other security tools
- Providing security guidance to internal teams on access governance and identity best practices
- Maintaining documentation, diagrams, and inventories for PAM systems.
- Monitoring PAM infrastructure capacity, performance, and licensing; preparing leadership reports
- Participating in rotational on-call support for production PAM environments
Qualifications:
- 5+ years of Privileged Access Management experience (CyberArk, BeyondTrust, or Delinea).
- Bachelor’s Degree in IT, Computer Science, or related field
- Strong experience supporting PAM in large IT or financial services organizations.
- Hands-on experience with IAM platforms such as Microsoft AD/Azure AD, Saviynt, ServiceNow, and RSA.
- Experience administering tier-zero identity infrastructure (AD, PKI, Federation Services)
- Proficiency in automation using PowerShell and Bash; familiarity with Ansible
- Solid understanding of PAM integrations with Windows, UNIX/Linux, VMware, Azure, databases, and Mainframe
- Familiarity with change control and production discipline processes
Desired Skills:
- CyberArk Certifications (Defender, Sentry, Guardian).
- Experience building and deploying PSM and CPM connectors
- Experience with CyberArk Credential Providers (AAM, CCP)
- PTA experience
- Physical server and OS platform experience
