PAM Engineer

About The Position

Requirements

• DoD 8570 Compliance: Must hold an IAT Level II certification (e.g., Security+ CE, CCNA Security) or higher.
• Specific Certifications: Delinea Certified Administrator is highly preferred/required.
• Technical Skills: Deep expertise in Privileged Access Management (PAM) architectures and "Zero Standing Privileges" concepts.
• Experience implementing Just-In-Time (JIT) access workflows.
• Proficiency in integrating PAM tools with Active Directory, SIEM (Splunk), and IGA tools.
• Education: BA/BS or MA/MS
• Years Exp: 3-10
• TO BE CONSIDERED YOU MUST HAVE AN ACTIVE TOP SECRET CLEARANCE WITH SCI ELIGIBILITY.

Responsibilities

• PAM Solution Deployment: Lead the installation, configuration, and technical implementation of the enterprise PAM solution (Delinea focus) across multiple network enclaves.
• Credential Vaulting: Discover, inventory, and onboard all known privileged user, administrator, and service accounts into the secure PAM vault.
• Policy Enforcement: Design and configure policies for Just-In-Time (JIT) access, session recording, and privileged session monitoring to ensure zero standing privileges.
• Infrastructure Integration: Develop scripts and API integrations to connect the PAM solution with the existing Splunk SIEM for centralized logging and the Identity Governance (IGA) platform for lifecycle management.
• Security Compliance: Support the RMF accreditation process by developing Low-Level Design (LLD) documents, System Security Plans (SSP), and Standard Operating Procedures (SOPs) to achieve Authority to Operate (ATO).
• Enterprise Rollout: Manage the expansion of PAM policies from initial pilot groups to full enterprise enforcement for all privileged users.

Benefits

• Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement.