Job Description
The PAM Engineer will be responsible for technical deployment, rollout, maintenance, and support for the end-to-end Privileged Access Management (PAM) systems (BeyondTrust Solutions – Password Safe-PS, Endpoint Privileged Management EPM – PM Window, PM Mac, Unix Linux-PMUL, AD Bridge or Identity Security Insight- ISI, Privileged Remote Access-PRA)
· Responsible for the BeyondTrust delivery and operations, including strategic direction, establishing technical standards, overseeing staffing, performance, career growth, and serve as escalation for complex PAM issues
· Provides technical support across IAM applications to define, implement and enhance current and new IAM software, hardware requirements, delivering and supporting PAM solutions, and processes
· Provide support with respect to implementation, and concurrent delivery of two or more Privileged platforms (i.e., PAM) such as BeyondTrust, Delinea, Microsoft Entra ID, Privileged Identity Manager
· Assist with onboarding and managing privileged accounts across servers, databases, network devices, cloud platforms, and applications
· Assist with implementing password vaulting, credential rotation, secrets management, service accounts and non-human identities, reducing shared and hard-coded credentials
Rate will range between $65-$85/hr depending on skills and experience
· Assist with various privileged access management policy tasks which include creating policies for application elevated access, policy enforcement errors, failed elevations and rule conflicts, reviews logs for policy bypass attempts, review/adjust flex group policies for appropriateness, review/adjust PMUL configurations to allow users access to appropriate systems, review discovery logs, and correct discovery issues
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Engineering, or related field
· 8–10 years IAM / Security engineering experience, including 8+ years hands-on with BeyondTrust (BT) PAM solutions (i.e., Password Safe (PS), Privileged Remote Access (PRA), Endpoint Privilege Management (EPM) and other PAM platforms (e.g., Delinea, CyberArk, Azure PIM)
· Proven leadership in designing, deploying, and operating BeyondTrust PAM solutions, including privileged discovery, onboarding, vaulting, rotation, Just-in-time (JIT) access, least privilege, and session monitoring
· Deep experience securing privileged access across Windows, Mac, End Points, Linux/Unix, AD, Databases, Network Devices, and Cloud platforms (AWS, Azure, GCP)
· Strong integration experience with IAM/IGA (SailPoint, Entra ID), ITSM (ServiceNow), SIEM (Splunk, CrowdStrike), and MFA solutions
· Advance discovery/current-state assessment of BT environment and leading implementation of actions plan
· Expertise in developing and maintaining detailed system documentation and change records while collaborating with other teams to resolve complex technical issues and promoting continuous improvement.
· Advanced administration, monitoring, and maintenance of the BeyondTrust PAM platform, including complex configuration, upgrades, patching, and troubleshooting
· Experience overseeing technical cyber activities such as account provisioning, access reviews, credential management, log analysis, and incident response within BeyondTrust
· Advanced Active Directory expertise (domains, trusts, replication, GPOs) and identities migrations post-merger/acquisition
· Ability to lead and mentor PAM engineers, define architecture and standards, build runbooks, drive adoption, and remediate environments (get-well plans), Experience leading audit engagements related to PAM controls
· Strong automation and scripting skills (PowerShell, Python, JavaScript, Bash, SQL, etc.) and experience with Zero Trust architectures
· 4–6 years AWS experience (EC2, Lambda); certifications a plus (CISSP, CISM, CRISC, CISA) and BeyondTrust certifications or formal training (Password Safe, PRA, or EPM).
· Experience deploying BeyondTrust PAM in large, global, or M&A-driven environments.
· Strong communication skills, executive presence, documentation, and ability to operate in fast-paced environments
· Strong attention to detail, analytical, decision-making, effective documentation, and process review skills
· Demonstrates strategic thinking in application of security technologies and interoperability
Nice to Have Skills & Experience
Lead experience
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.