PAM Engineer (USSOCOM - Zero Trust)

About The Position

Requirements

• BA/BS or MA/MS
• 3-10 years of relevant experience
• Deep expertise in Privileged Access Management (PAM) architectures and "Zero Standing Privileges" concepts.
• Experience implementing Just-In-Time (JIT) access workflows.
• Proficiency in integrating PAM tools with Active Directory, SIEM (Splunk), and IGA tools.
• Must hold an IAT Level II certification (e.g., Security+ CE, CCNA Security) or higher
• Active TS/SCI Clearance
• Must be a U.S. citizen

Nice To Haves

• Nice to have but not required

Responsibilities

• Lead the installation, configuration, and technical implementation of the enterprise PAM solution (Delinea focus) across multiple network enclaves.
• Discover, inventory, and onboard all known privileged user, administrator, and service accounts into the secure PAM vault.
• Design and configure policies for Just-In-Time (JIT) access, session recording, and privileged session monitoring to ensure zero standing privileges.
• Develop scripts and API integrations to connect the PAM solution with the existing Splunk SIEM for centralized logging and the Identity Governance (IGA) platform for lifecycle management.
• Support the RMF accreditation process by developing Low-Level Design (LLD) documents, System Security Plans (SSP), and Standard Operating Procedures (SOPs) to achieve Authority to Operate (ATO).
• Manage the expansion of PAM policies from initial pilot groups to full enterprise enforcement for all privileged users.

Benefits

• paid time off
• healthcare benefits
• supplemental benefits
• 401k including an employer match
• discount perks
• rewards
• education reimbursement for certifications, degrees, or professional development
• funds for activities – virtual and in-person
• happy hours
• holiday events
• fitness & wellness events
• annual celebrations
• charity galas/events