Job Title: Sr. Privileged Access Management (PAM) Platform Engineer
Duration: 6 months (Potential of conversion to FTE)
Location: Seattle, WA (Hybrid)

Description:

• PAM Platform Leadership: Serve as the primary technical expert for privileged access management solutions, including architecture, deployment, configuration, and optimization of password vaults and endpoint privilege management systems
• Enterprise PAM Implementation: Design and execute large-scale PAM deployments across Windows, macOS, and Linux environments, ensuring seamless integration with existing infrastructure
• Policy Development & Management: Create and maintain privilege elevation policies, credential rotation schedules, access request workflows, and governance rules aligned with security and compliance requirements
• Integration & Automation: Integrate PAM solutions with ITSM platforms, SIEM tools, vulnerability scanners, directory services, and other security infrastructure to create comprehensive privileged access workflows
• Troubleshooting & Support: Provide expert-level technical support for PAM platform issues, performance optimization, privileged account onboarding, and user access requests
• Security & Compliance: Ensure PAM implementations meet PCI DSS, and other requirements through proper audit trails, session recording and monitoring, and privileged account governance
• Documentation & Training: Develop technical documentation, procedures, and training materials for internal teams and end users
• Continuous Improvement: Monitor platform performance, evaluate new features, and implement best practices to enhance security posture and operational efficiency

Required Experience:

• 4-6+ years of hands-on experience implementing and managing enterprise PAM platforms such as CyberArk, BeyondTrust, Delinea (Thycotic) in large-scale environments
• Vendor certifications in one or more major PAM platforms (CyberArk Certified Delivery Engineer, BeyondTrust Certified Implementation Engineer, Delinea certified professional, etc.) preferred
• Deep expertise in privileged account discovery, credential management, password rotation, session management, and access request workflows using enterprise PAM solutions
• Strong understanding of Windows Server administration, Active Directory, Group Policy, and PowerShell scripting
• Experience with Linux/Unix system administration and shell scripting for cross-platform PAM deployments
• Knowledge of networking fundamentals including protocols, ports, certificates, load balancing, and security hardening
• Experience with cloud platforms (AWS, Azure) and containerization technologies (Docker, Kubernetes)
• Understanding of identity and access protocols (SAML, OIDC, OAuth, SCIM, LDAP) and their integration with PAM solutions

Technical Skills:

• PAM Platforms: Experience with major vendors (CyberArk Privileged Access Security, BeyondTrust Password Safe/EPM, Delinea Secret Server/Privilege Manager, Ping Identity PingOne Protect)
• Operating Systems: Windows Server (2016/2019/2022), Windows 10/11, macOS, RHEL, Ubuntu, SUSE
• Databases: SQL Server, MySQL, PostgreSQL, Oracle for PAM backend configuration
• Virtualization: VMware vSphere, Hyper-V, cloud-based virtual machines
• Scripting: PowerShell, Bash, Python for automation and integration tasks
• Security Tools: Integration experience with vulnerability scanners, endpoint detection tools, and identity governance platforms

Preferred Qualifications:

• Experience with multiple PAM vendors and platform migration/integration projects
• Knowledge of DevOps practices, CI/CD pipelines, and Infrastructure as Code (Terraform, Ansible)
• Familiarity with ITSM integration (ServiceNow, Jira) for ticket-driven privileged access workflows
• Experience with SIEM integration and security monitoring platforms (Splunk, QRadar, etc.)
• Understanding of zero trust architecture and least privilege access principles
• Experience with secrets management platforms (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault)
• Previous experience in retail technology environments or large-scale enterprise deployments
• Industry certifications such as CISSP, CISM, or relevant cloud security certifications

 
 
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 83.79/hr.