Weitere Details
PAM Engineer m/f/w (DE)
[17103]
PAM, CyberArk, windows, linux
We are looking for an experienced PAM Subject Matter Expert to lead the design, implementation, and ongoing maturity of privileged access capabilities across the organisation. This role ensures strong security controls for privileged identities, drives compliance, and embeds PAM as a core enterprise security function. Project title: PAM Engineer m/f/w Type of employment: Payroll Industry: IT Skills: PAM,CyberArk,windows ,linux Project start: 02/03/2026 Project duration: 31/08/2026 Location: REMOTE Tasks: ·Define and maintain PAM architecture aligned with Zero Trust principles. ·Develop PAM standards, roadmaps, and design patterns. ·Ensure integration with IAM, SIEM, directory services, and cloud platforms. ·Own and enforce PAM tiering models, including Tier 0 protections. ·Lead onboarding of domain, service, local admin, application, and DevOps accounts. ·Design and configure credential vaulting, rotation, session management, JIT access, and secrets management. ·Provide technical leadership for PAM upgrades, migrations, and platform consolidation. ·Develop PAM policies, procedures, and control frameworks. ·Ensure alignment with ISO 27001, NIST, CIS, and regulated industry requirements. ·Support audits, risk assessments, and remediation activities. ·Establish operational processes, runbooks, and KPIs. ·Manage incidents involving privileged access. ·Drive automation and self-service onboarding. ·Advise IT Security leadership and programme stakeholders. ·Collaborate with infrastructure and application teams. ·Provide training and knowledge transfer. ·Support vendor management and product evaluations. Qualifications: ·Deep expertise with enterprise PAM platforms (CyberArk, Delinea, BeyondTrust, One Identity, HashiCorp Vault). ·Strong Active Directory / Entra ID knowledge. ·Experience with Windows, Linux, and Unix privileged access. ·Background in large enterprise environments and regulated industries. ·Strong communication, problem-solving, and stakeholder management skills.
- Define and maintain PAM architecture aligned with Zero Trust principles.
- Develop PAM standards, roadmaps, and design patterns.
- Ensure integration with IAM, SIEM, directory services, and cloud platforms.
- Own and enforce PAM tiering models, including Tier 0 protections.
- Lead onboarding of domain, service, local admin, application, and DevOps accounts.
- Design and configure credential vaulting, rotation, session management, JIT access, and secrets management.
- Provide technical leadership for PAM upgrades, migrations, and platform consolidation.
- Develop PAM policies, procedures, and control frameworks.
- Ensure alignment with ISO 27001, NIST, CIS, and regulated industry requirements.
- Support audits, risk assessments, and remediation activities.
- Establish operational processes, runbooks, and KPIs.
- Manage incidents involving privileged access.
- Drive automation and self-service onboarding.
- Advise IT Security leadership and programme stakeholders.
- Collaborate with infrastructure and application teams.
- Provide training and knowledge transfer.
- Support vendor management and product evaluations.
- Deep expertise with enterprise PAM platforms (CyberArk, Delinea, BeyondTrust, One Identity, HashiCorp Vault).
- Strong Active Directory / Entra ID knowledge.
- Experience with Windows, Linux, and Unix privileged access.
- Background in large enterprise environments and regulated industries.
- Strong communication, problem-solving, and stakeholder management skills.
Tünde Verebélyi