SPECTRAFORCE
Job Title: Sr. Privileged Access Management (PAM) Platform Engineer
Duration: 6 months (Potential of conversion to FTE)
Location: Seattle, WA (Hybrid)
Description:
PAM Platform Leadership:
Serve as the primary technical expert for privileged access management solutions, including architecture, deployment, configuration, and optimization of password vaults and endpoint privilege management systems Enterprise PAM Implementation:
Design and execute large-scale PAM deployments across Windows, macOS, and Linux environments, ensuring seamless integration with existing infrastructure Policy Development & Management:
Create and maintain privilege elevation policies, credential rotation schedules, access request workflows, and governance rules aligned with security and compliance requirements Integration & Automation:
Integrate PAM solutions with ITSM platforms, SIEM tools, vulnerability scanners, directory services, and other security infrastructure to create comprehensive privileged access workflows Troubleshooting & Support:
Provide expert-level technical support for PAM platform issues, performance optimization, privileged account onboarding, and user access requests Security & Compliance:
Ensure PAM implementations meet PCI DSS, and other requirements through proper audit trails, session recording and monitoring, and privileged account governance Documentation & Training:
Develop technical documentation, procedures, and training materials for internal teams and end users Continuous Improvement:
Monitor platform performance, evaluate new features, and implement best practices to enhance security posture and operational efficiency Required Experience: 4-6+ years
of hands-on experience implementing and managing
enterprise PAM platforms
such as
CyberArk, BeyondTrust, Delinea (Thycotic)
in large-scale environments Vendor certifications
in one or more major PAM platforms (CyberArk Certified Delivery Engineer, BeyondTrust Certified Implementation Engineer, Delinea certified professional, etc.) preferred Deep expertise in
privileged account discovery, credential management, password rotation, session management, and access request workflows
using enterprise PAM solutions Strong understanding of
Windows Server administration, Active Directory, Group Policy, and PowerShell scripting Experience with
Linux/Unix system administration
and shell scripting for cross-platform PAM deployments Knowledge of
networking fundamentals
including protocols, ports, certificates, load balancing, and security hardening Experience with
cloud platforms
(AWS, Azure) and containerization technologies (Docker, Kubernetes) Understanding of
identity and access protocols
(SAML, OIDC, OAuth, SCIM, LDAP) and their integration with PAM solutions Technical Skills: PAM Platforms:
Experience with major vendors (CyberArk Privileged Access Security, BeyondTrust Password Safe/EPM, Delinea Secret Server/Privilege Manager, Ping Identity PingOne Protect) Operating Systems:
Windows Server (2016/2019/2022), Windows 10/11, macOS, RHEL, Ubuntu, SUSE Databases:
SQL Server, MySQL, PostgreSQL, Oracle for PAM backend configuration Virtualization:
VMware vSphere, Hyper-V, cloud-based virtual machines Scripting:
PowerShell, Bash, Python for automation and integration tasks Security Tools:
Integration experience with vulnerability scanners, endpoint detection tools, and identity governance platforms Preferred Qualifications: Experience with
multiple PAM vendors
and platform migration/integration projects Knowledge of
DevOps practices , CI/CD pipelines, and Infrastructure as Code (Terraform, Ansible) Familiarity with
ITSM integration
(ServiceNow, Jira) for ticket-driven privileged access workflows Experience with
SIEM integration
and security monitoring platforms (Splunk, QRadar, etc.) Understanding of
zero trust architecture
and least privilege access principles Experience with
secrets management
platforms (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault) Previous experience in
retail technology environments
or large-scale enterprise deployments Industry certifications such as
CISSP, CISM, or relevant cloud security certifications
Serve as the primary technical expert for privileged access management solutions, including architecture, deployment, configuration, and optimization of password vaults and endpoint privilege management systems Enterprise PAM Implementation:
Design and execute large-scale PAM deployments across Windows, macOS, and Linux environments, ensuring seamless integration with existing infrastructure Policy Development & Management:
Create and maintain privilege elevation policies, credential rotation schedules, access request workflows, and governance rules aligned with security and compliance requirements Integration & Automation:
Integrate PAM solutions with ITSM platforms, SIEM tools, vulnerability scanners, directory services, and other security infrastructure to create comprehensive privileged access workflows Troubleshooting & Support:
Provide expert-level technical support for PAM platform issues, performance optimization, privileged account onboarding, and user access requests Security & Compliance:
Ensure PAM implementations meet PCI DSS, and other requirements through proper audit trails, session recording and monitoring, and privileged account governance Documentation & Training:
Develop technical documentation, procedures, and training materials for internal teams and end users Continuous Improvement:
Monitor platform performance, evaluate new features, and implement best practices to enhance security posture and operational efficiency Required Experience: 4-6+ years
of hands-on experience implementing and managing
enterprise PAM platforms
such as
CyberArk, BeyondTrust, Delinea (Thycotic)
in large-scale environments Vendor certifications
in one or more major PAM platforms (CyberArk Certified Delivery Engineer, BeyondTrust Certified Implementation Engineer, Delinea certified professional, etc.) preferred Deep expertise in
privileged account discovery, credential management, password rotation, session management, and access request workflows
using enterprise PAM solutions Strong understanding of
Windows Server administration, Active Directory, Group Policy, and PowerShell scripting Experience with
Linux/Unix system administration
and shell scripting for cross-platform PAM deployments Knowledge of
networking fundamentals
including protocols, ports, certificates, load balancing, and security hardening Experience with
cloud platforms
(AWS, Azure) and containerization technologies (Docker, Kubernetes) Understanding of
identity and access protocols
(SAML, OIDC, OAuth, SCIM, LDAP) and their integration with PAM solutions Technical Skills: PAM Platforms:
Experience with major vendors (CyberArk Privileged Access Security, BeyondTrust Password Safe/EPM, Delinea Secret Server/Privilege Manager, Ping Identity PingOne Protect) Operating Systems:
Windows Server (2016/2019/2022), Windows 10/11, macOS, RHEL, Ubuntu, SUSE Databases:
SQL Server, MySQL, PostgreSQL, Oracle for PAM backend configuration Virtualization:
VMware vSphere, Hyper-V, cloud-based virtual machines Scripting:
PowerShell, Bash, Python for automation and integration tasks Security Tools:
Integration experience with vulnerability scanners, endpoint detection tools, and identity governance platforms Preferred Qualifications: Experience with
multiple PAM vendors
and platform migration/integration projects Knowledge of
DevOps practices , CI/CD pipelines, and Infrastructure as Code (Terraform, Ansible) Familiarity with
ITSM integration
(ServiceNow, Jira) for ticket-driven privileged access workflows Experience with
SIEM integration
and security monitoring platforms (Splunk, QRadar, etc.) Understanding of
zero trust architecture
and least privilege access principles Experience with
secrets management
platforms (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault) Previous experience in
retail technology environments
or large-scale enterprise deployments Industry certifications such as
CISSP, CISM, or relevant cloud security certifications