Privileged Access Management Engineer

About The Position

Requirements

• Basic administration skills for Windows Server and Linux systems.
• Exposure to AWS, Azure, or GCP services related to compute, identity, and access management.
• Scripting experience using PowerShell, Python, or Bash.
• Minimum 5-7 years related work experience.
• Experience with information security, system administration, cloud engineering, network administration or IT preferred.
• A team player and quick learner with a heavy emphasis on communication skills.
• Understanding of the Follow the Sun Model and how companies operate on the global scale.

Nice To Haves

• Foundational understanding of IAM concepts and privileged access principles.
• Familiarity with vaulting/secrets management solutions (CyberArk, AWS Secrets Manager, Azure Key Vault).
• Experience with Terraform or other Infrastructure-as-Code tools.
• Familiarity with CyberArk Enterprise Password Vault (EPV), EPM, PSM and WPM.
• Hands-on experience with log analysis, security monitoring, or SIEM tools.

Responsibilities

• Implement and manage the privileged access lifecycle for Windows and Linux servers.
• Onboard, classify, and manage privileged accounts, including local admin, service accounts, and break-glass identities.
• Configure credential rotation policies and enforce strong authentication standards.
• Deploy and maintain Just-in-Time (JIT) and Just-Enough Access (JEA) models.
• Integrate PAM with cloud-native identity frameworks such as AWS IAM Roles, Azure Managed Identities, and GCP Service Accounts.
• Operate and administer CyberArk components (Safes, CPM, PSM/PSMP) and cloud-native secret stores.
• Automate PAM tasks using PowerShell, Python, or Bash.
• Use Infrastructure-as-Code (Terraform preferred) to define and deploy PAM integrations and policies.
• Work with the business to be able to accomplish Privilege Access Operations standard workflows as well as efficiently resolve complex incidents through creative problem solving.
• Work with enterprise stakeholders to understand business requirements and IT standards that influence how PAM solutions/services should operate.
• Be action oriented; taking on new opportunities and tough challenges with a sense of urgency, high-energy and enthusiasm.
• Identifies and recommends opportunities for continuous improvement.
• Supports the implementation of changes to department policies and procedures to meet changing business needs and to achieve department objectives.
• Ability to mentor and provide oversight to analysts on the Privileged Access Management Team.

Benefits

• Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection.
• We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.