Senior PAM Engineer

Gulf Coast Automation Group•Chicago, IL

7d•$70 - $82•Remote

About The Position

TalentFish is casting a line for a Senior PAM Engineer . This is a 6 month contract to hire REMOTE. The reason this position exists is to support, enhance, and secure the organization's Privileged Access Management (PAM) platforms, ensuring compliant, least-privileged access for workforce users, vendors, and systems across enterprise and cloud environments. This role plays a critical part in protecting high-risk credentials, reducing attack surface, supporting audits, and enabling secure operational access through modern PAM practices.

Requirements

8+ years of experience in Identity and Access Management (IAM), including 5+ years of hands-on Privileged Access Management (PAM) engineering experience
Strong expertise designing, implementing, administering, and supporting PAM solutions for workforce users and third-party vendors in large enterprise environments
Subject matter expert for PAM platform upgrades, migrations, and major re-architecture initiatives
Experience recommending and enforcing PAM security standards and configuration baselines
Proven experience managing Non-Human Identities (NHI), enforcing administrative tiering models (Tier 0/1/2), and implementing platform hardening
Hands-on experience with one or more leading PAM platforms, including CyberArk, Delinea, and/or HashiCorp Vault
Strong understanding of privileged access concepts such as credential vaulting and rotation, privileged session management (PSM), Just-in-Time (JIT), Just-Enough-Access (JEA), and break-glass access
Experience securing privileged access across Windows and Linux servers, databases, APIs, and cloud platforms (AWS, Azure, GCP)
Experience integrating PAM platforms with IAM/SSO solutions such as Okta or Entra ID
Strong scripting and automation skills using PowerShell, Python, Bash, or JavaScript
Knowledge of compliance and security frameworks including SOC 2, ISO 27001, HIPAA, and NIST
Experience supporting audits, access reviews, and compliance activities related to privileged access
Familiarity with logging, monitoring, SIEM integrations, and platform health reporting

Nice To Haves

Vendor-specific PAM certifications (CyberArk, Delinea, HashiCorp)
Experience with Zero Trust security architectures
Experience with cloud-native PAM and secrets management
Healthcare industry experience preferred
Experience integrating PAM with ITSM tools such as ServiceNow
Exposure to Identity Governance and Administration (IGA) tools including SailPoint or Saviynt

Responsibilities

Design, implement, and support enterprise PAM solutions across on-prem and cloud environments
Maintain and enhance PAM platforms to ensure secure, reliable, and compliant privileged access
Develop PAM onboarding playbooks for new systems and applications
Implement credential vaulting, rotation, session monitoring, and emergency access controls
Enforce least-privilege access and administrative tiering models to reduce organizational risk
Perform platform upgrades, migrations, and architecture improvements
Monitor platform health, build KPI dashboards, and troubleshoot access or session issues
Integrate PAM with IAM, SSO, ITSM, logging, and SIEM platforms
Support audits, access reviews, and compliance initiatives
Collaborate with security, infrastructure, cloud, and application teams
Mentor junior engineers and lead PAM design and architecture discussions