Job Description:
Security Engineer (PAM/IAM Admin) responsible for implementing and managing PAM/IAM solutions, handling the privileged account lifecycle, credential vaulting, session monitoring, MFA integration, directory services integration (AD/LDAP/Azure AD), workflow automation, and ensuring compliance.
Job Requirements:
- Minimum of 2 years of experience in Security Engineering with a focus on PAM/IAM.
- Proven hands-on experience in PAM product implementation and administration (e.g., CyberArk, BeyondTrust, Thycotic).
- Strong knowledge of credential vaulting, secrets management, and password/credential rotation practices.
- Experience with privileged session monitoring and recording.
- Solid background in identity lifecycle management (provisioning, deprovisioning, modifications).
- Proficient in directory services integration (Active Directory, LDAP, Azure AD).
- Expertise in multi-factor authentication (MFA) solutions for privileged accounts.
- Skilled in workflow automation and the development of access request workflows.
- Familiarity with identity synchronization, aggregation, and reconciliation processes.
- Strong understanding of security compliance standards and regulations (e.g., NIST, ISO, NCA).
- Ability to work effectively in a team and collaborate across cross-functional groups.
- Excellent problem-solving, documentation, and communication skills (including user training).
- Relevant certifications such as CISSP or CISM are preferred.
Job Responsibilities:
- Design, implement, and manage a comprehensive PAM strategy to protect sensitive organizational data.
- Perform privileged account onboarding and discovery to ensure all privileged accounts are identified and securely managed.
- Administer the credential vault, ensuring secrets management and lifecycle governance.
- Execute scheduled password and credential rotations in line with organizational and regulatory requirements.
- Implement and oversee privileged session monitoring and recording to safeguard against misuse and ensure accountability.
- Lead the integration of PAM/IAM solutions with directory services (Active Directory, LDAP, Azure AD).
- Configure and optimize MFA solutions to strengthen privileged account security.
- Manage identity lifecycle processes, ensuring timely and accurate provisioning, deprovisioning, and modifications.
- Develop and automate access request workflows to streamline secure access management.
- Facilitate identity synchronization, aggregation, and reconciliation across multiple systems.
- Collaborate with security, compliance, and IT teams to align PAM/IAM initiatives with organizational security goals.
- Conduct regular audits and assessments to ensure compliance with security frameworks and regulations.
- Deliver training and support to users on PAM/IAM policies and best practices.
- Stay current with emerging PAM/IAM technologies and evolving threat landscapes to continuously enhance security posture.
PAM/IAM Skills / Functions:
- Privileged Access Management (PAM)
- Privileged account onboarding / discovery
- Credential Vault / Password Vault / Secrets Management
- Password Rotation / Credential Rotation
- Privileged Session Monitoring / Session Recording
- Vault administration and credential lifecycle management
- Integration with directory services (Active Directory, LDAP, Azure AD)
- MFA integration with privileged accounts
- Identity lifecycle management (Provisioning, Deprovisioning, Modification)
- Workflow Automation / Access Request Workflows
- Identity Synchronization / Aggregation / Reconciliation