Job Overview

Responsible for designing, implementing, and managing Privileged Access Management (PAM) solutions to secure, monitor, and control privileged accounts and sessions across the organization. The role ensures least-privilege enforcement, credential lifecycle management, secure access to critical systems, and alignment with regulatory and organizational security frameworks.

Key Responsibilities

• Design, deploy, and maintain PAM architectures and components (vaults, session brokers, credential rotation, connectors)

• Administer and configure enterprise PAM platforms (e.g., CyberArk, Beyond Trust, Thycotic, or equivalent)

• Implement and enforce least-privilege access models, role-based access controls (RBAC), and just-in-time (JIT) access workflows

• Manage privileged credential lifecycle: onboarding, rotation, vaulting, and decommissioning

• Monitor privileged sessions, capture recordings, and perform periodic reviews and audits of privileged activity

• Integrate PAM with identity providers, SIEM, ITSM, and endpoint solutions to enable centralized logging, alerting, and incident response

• Develop and maintain ITPs, runbooks, standard operating procedures, and implementation/migration plans for PAM-related activities

• Conduct vulnerability assessments, perform risk analysis for privileged access, and recommend compensating controls

• Support security compliance and audit requests by providing evidence, reports, and remediation activities aligned with NCA ECC/CCC, PDPL, or equivalent frameworks

• Provide technical guidance, training, and knowledge transfer to operations, SOC, and application teams on PAM best practices

• Investigate privileged access incidents and collaborate with incident response to contain and remediate breaches involving privileged credentials

Required Skills and Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, Computer Engineering, or a related field

• Minimum 4-8 years of hands-on experience implementing or administrating PAM or related privileged account controls

• Hands-on experience with commercial PAM products (CyberArk, BeyondTrust, Thycotic/Delinea, Centrify) or open-source equivalents

• Strong understanding of identity and access management concepts including RBAC, MFA, SSO, JIT, and delegation patterns

• Experience integrating PAM with Active Directory/LDAP, SSO providers, SIEM, ITSM, and orchestration tools

• Familiarity with logging, monitoring, and analytics for privileged sessions; ability to produce audit-ready reports

• Knowledge of relevant regulatory frameworks and standards (NCA ECC/CCC, PDPL, ISO 27001, NIST) and ability to map PAM controls to compliance requirements

• Strong scripting and automation skills (PowerShell, Python, REST APIs) to support integrations and operational tasks

• Excellent documentation, communication, and stakeholder coordination skills

• Professional certifications such as CyberArk Trustee/Administrator, CISSP, CISM, or equivalent are desirable

Additional Skills :

• 1. Hands-on experience with BeyondTrust PAM

  2. Strong knowledge of Active Directory & Identity Management

  3. Experience with SIEM integration

  4. Knowledge of Privileged Access Management concepts

  5. Troubleshooting & incident handling

  6. Experience with APIs and system integrations

  7. Understanding of security policies & compliance

  8. Ability to manage servers and user access securely

Preferred Qualifications

• Experience working within energy, utilities, or critical infrastructure environments and familiarity with OT/ICS considerations

• Familiarity with cloud PAM concepts and SaaS/Cloud connector implementations on AWS, Azure, or GCP

• Experience supporting large-scale PAM rollouts, migrations, and change management activities

Behavioral Competencies

• Collaborative and customer-focused with the ability to work across technical and non-technical teams

• Analytical thinker with strong problem-solving and troubleshooting capabilities

• Detail-oriented, organized, and committed to maintaining high-quality documentation

• Ability to manage multiple priorities and work effectively in fast-paced environments

Location & Reporting

Position reports to the Information Security Manager and will collaborate closely with IT operations, SOC, identity teams, and business application owners. Location and onsite expectations will be specified during the hiring process.