About the Job: A managed service PAM engineer plays a key role in the daily operations of the system, ensuring it’s running efficiently and that requests via ticketing systems are completed with SLAs. The candidate requires hands-on experience with Privileged Access Solution and managing its “business as usual” type tasks The role frequently involves investigating and resolving technical problems, so demonstrated troubleshooting skills are required, along with effective organization skills, the ability to multi-task, and efficient time-management skills.
Responsibilities:
- Responsible for implementing part or all the technical solution to the client, in accordance with an agreed technical design. Occasionally responsible for providing a detailed technical design for enterprise solutions.
- Understands a broad spectrum of Privileged Access Management technology to provide part or all detailed technical design which meets customer requirements.
- Develop maintainable, scalable, and secure source code that meets business requirements and team standards.
- Able to communicate and present complex issues with assurance and confidence. Demonstrates the use of consulting skills including questioning, listening, ideas development, rapport, and influencing.
- Able to discuss (within own area of expertise) requirements with a customer, and to challenge and clarify when appropriate. From the requirements, able to develop a high-level design or plan, and then estimate the amount of effort required to deliver. Able to advise the engagement owner about the risks associated with this work package
Requirements:
- Strong hands-on experience in administering and supporting CyberArk and BeyondTrust Password Safe across on-premises and SaaS environments.
- Proven expertise in onboarding and managing a wide range of privileged accounts across Windows, Unix/Linux, databases (Oracle, Sybase, MSSQL, MySQL), cloud platforms (AWS, Azure), web applications, network/security devices, and legacy systems like AS400.
- Skilled in integrating PAM solutions with Active Directory / Azure AD, SIEM tools, ticketing systems (e.g., ServiceNow) and implementing multi-factor authentication.
- Experience configuring Discovery and Scheduled Scans to detect unmanaged assets and accounts.
- Proficient in managing policies, Smart Rules, and workflows for assets, managed systems, and accounts across both platforms.
- Experience in automating account lifecycle management using built-in features like Smart Rules or policy-based automation.
- Capable of performing global configurations, managing platform plugins/connectors, and handling resource broker configurations.
- Experience in performing upgrades, patching, and applying security fixes, including resource broker management and system maintenance best practices.
- Conduct regular health checks and monitoring of PAM infrastructure (web portals, connectors, broker servers) to ensure consistent system availability.
- Familiar with ITIL processes: Incident Management, Problem Management, Configuration Management and Change Management.
- Strong troubleshooting skills with the ability to assess issue severity, provide timely resolutions, and conduct root cause analysis (RCA).
- Proficient in creating and maintaining technical documentation and operational procedures.
- Provide operational support on 8x5 and support 24/7 rotational support if the project demands.
- Mandatory Certification: BeyondTrust Password Safe Administration & CyberArk Defender Engineer.
Add-on (Key Values)
- Knowledge/Experience on Privilege Management for Window/Unix, Privileged Remote access, Remote Support, Secret safe and Identity Security Insights.
- Experience in integrating various DevOps tools like Jenkins, Ansible, Kubernetes, OpenShift, Gitlab, and Terraform.
Note: This job posting is intended for direct applicants only. We request that outside recruiters do not contact us regarding this position.