Job ID: JOB_ID_869
Role Overview
The Senior Privileged Access Management (PAM) Engineer is a critical leadership position within our Cybersecurity Infrastructure team. As the technical authority for PAM architecture, you will be responsible for the end-to-end design, implementation, and governance of privileged access controls across the entire enterprise ecosystem. This includes managing service accounts, non-human identities, and administrative accounts for both on-premises and cloud-based systems. In an era of increasing cyber threats, your role is to ensure the total elimination of direct privileged access, enforcing the principle of least privilege and enabling secure operational access via robust jump infrastructure. You will work at the intersection of Identity and Access Management (IAM), Network Security, and the Security Operations Center (SOC) to implement strong auditability aligned with Zero Trust principles and stringent regulatory requirements.
Key Responsibilities
- Architect and lead the deployment of enterprise-grade PAM solutions to secure critical infrastructure and sensitive data.
- Design and enforce policies for the management of privileged credentials, including automated rotation, vaulting, and session recording.
- Collaborate with DevOps and Engineering teams to integrate PAM controls into CI/CD pipelines and automated workflows.
- Develop and maintain technical documentation, including architectural diagrams, standard operating procedures (SOPs), and governance frameworks.
- Lead the migration of legacy administrative access methods to modern, secure jump-host and bastion-based architectures.
- Monitor and analyze privileged access logs to identify anomalies and potential security breaches, coordinating with the SOC for incident response.
- Ensure compliance with global regulatory standards such as SOX, HIPAA, and GDPR by maintaining rigorous audit trails and reporting mechanisms.
- Provide subject matter expertise during internal and external audits related to identity and access controls.
- Automate routine PAM tasks using scripting languages like Python or PowerShell to improve operational efficiency and reduce human error.
Technical Requirements
- Minimum of 10 to 12+ years of total experience in Information Technology, with a heavy focus on Cybersecurity and IAM.
- Proven expertise in leading PAM platforms such as CyberArk, BeyondTrust, or Thycotic (Delinea).
- Deep understanding of Identity and Access Management (IAM) protocols, including SAML, OAuth, OpenID Connect, and LDAP.
- Experience with cloud security architectures in AWS, Azure, or GCP, specifically regarding IAM and secret management.
- Strong knowledge of network security, including firewalls, VPNs, and micro-segmentation.
- Proficiency in directory services such as Active Directory and Azure AD.
- Ability to design scalable architectures that support high availability and disaster recovery requirements.
Professional Skills
The ideal candidate will possess exceptional communication skills, capable of translating complex technical security concepts into actionable business insights for executive stakeholders. You must be a self-starter with a proven track record of managing large-scale security projects from inception to completion. Your analytical mindset will allow you to identify systemic risks and develop proactive mitigation strategies. As a lead engineer, you will also mentor junior staff and foster a culture of security-first thinking across the organization. This role requires a high degree of integrity and the ability to handle sensitive information with the utmost confidentiality.
Special Requirements
Dayone Onsite requirement in San Francisco, CA.
Compensation & Location
Salary: $165,000 – $225,000 per year
Location: San Francisco, CA
Recruiter / Company – Contact Information
Recruiter / Employer: Adbakx LLC / Flexon Technologies Inc
Email: ravi@adbakx.com
Recruiter Notice:
To remove this job posting, please send an email from
ravi@adbakx.com with the subject:
DELETE_JOB_ID_869