PAM Lead Engineer

The position is described below. If you want to apply click the Apply button at the top or bottom of this page. Youll be required to create an account or sign in to an existing one.

If you have a disability and need assistance with the application you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries wont receive a response).

Regular or Temporary:

Language Fluency: English (Required)

Work Shift:

Please review the following job description:

KEY RESPONSIBILITIES

Following is a summary of the essential functions for this job. Other duties may be performed both major and minor which are not mentioned below. Specific activities may change from time to time.

• Develop and implement strategies policies and controls to reduce privileged access and streamline the management of privileged entitlements including hardening PAM policies to ensure robust controls for critical applications supporting a least privilege model. Track reduction in privileged account incidents and regularly report on improvements in access review completion times to demonstrate measurable progress.
• Assess privileged access risks and recommend solutions in partnership with IT security and business teams incorporating Zero Trust framework principles and enforcing least privilege access policies to minimize risk and ensure robust protection of critical assets. Measure compliance rates against audit requirements and report on mitigation effectiveness to ensure accountability.
• Lead roadmap development and continuous improvement of PAM frameworks. Design implement and manage PAM solutions to safeguard critical systems and data with regular tracking and reporting on the adoption and effectiveness of new PAM features and controls.
• Lead integration of PAM tools with IAM platforms and relevant enterprise applications measuring successful integration milestones and tracking reductions in access-related incidents post-implementation.
• In partnership with IT define and implement Just-in-Time (JIT) and Role-Based Access Control (RBAC) models related to privileged access and entitlements leveraging IAM automation framework. Monitor and report on the reduction of unnecessary entitlements.
• Act as a Subject Matter Expert (SME) and technical lead for PAM initiatives. Provide expert guidance training and support for technical teams and end users regarding privileged access and evaluate the effectiveness of training programs through feedback and improvement in compliance metrics.
• Align PAM architecture and processes with regulatory frameworks (CFIUS SOX HIPAA GDPR PCI). Perform regular access reviews of privileged accounts permissions and entitlements across environments. Measure and report on access review completion rates and compliance with Cyber policies and audit requirements.
• Monitor audit and report on privileged account activities for compliance and anomaly detection. Define and implement proactive and/or automated controls when possible and regularly share metrics on detection rates and remediation times.
• Respond to and investigate privileged account security incidents drive root cause analysis and remediation and track incident response times and reductions in repeat incidents to demonstrate ongoing improvement.
• Develop/enhance document and enforce privileged account operational lifecycle policies standards and procedures measuring adherence rates and reporting on policy update frequency to ensure continual alignment with organizational needs.
• Stay informed on emerging PAM trends threats and technologies; implement improvements accordingly and communicate the impact of these enhancements via quarterly progress reports.
• Mentor and lead PAM engineers in project and daily operations monitoring skill development and project success rates to ensure effective team growth and operational excellence.
• Continue to maintain a comprehensive approach to privileged access management by regularly reviewing and updating responsibilities to reflect changes in technology regulations and organizational needs and report annually on these updates and their impact on PAM program effectiveness.

EDUCATION AND EXPERIENCE

The requirements listed below are representative of the knowledge skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Bachelors degree in Computer Science Information Security or a related field or equivalent experience is required.
• 5 years of experience in identity and access management with a strong emphasis on privileged access and PAM solutions is required.

CERTIFICATIONS LICENSES REGISTRATIONS

• Relevant certifications (CISSP CISM vendor-specific PAM) preferred.

FUNCTIONAL SKILLS

• Expertise with PAM tools (e.g. CyberArk Azure PIM (APIM)) and IAM platform integration.
• Solid foundation in authentication authorization and access control concepts.
• Demonstrated experience leading process re-engineering initiatives for PAM operations implementing automation solutions and driving data-driven risk remediation across enterprise environments.
• Advanced scripting/automation experience for PAM operations using PowerShell Python or similar tools such as Ansible or Bash.
• Ability to identify and assess privileged access and entitlement risks and to define and implement effective mitigation strategies.
• Experience with regulatory standards (SOX PCI-DSS HIPAA) and compliance requirements.
• Strong analytical problem-solving and communication skills.
• Knowledge of securing privileged access in cloud and hybrid/multi-cloud environments.
• Demonstrated leadership in managing cross-functional teams and successful delivery of cloud security projects (e.g. overseeing cloud migration initiatives coordinating with stakeholders across IT and business units or implementing security automation in multi-cloud environments).
• Ability to operate effectively in a dynamic fast-paced environment.
• May require on-call availability and participation in incident response outside regular hours.
• Works closely with IT Security Infrastructure and Application teams to ensure privileged access security and compliance across the organization.

General Description of Available Benefits for Eligible Employees of CRC Group: At CRC Group were committed to supporting every aspect of teammates well-being physical emotional financial social and professional. Our best-in-class benefits program is designed to care for the whole you offering a wide range of coverage and support. Eligible full-time teammates enjoy access to medical dental vision life disability and AD&D insurance; tax-advantaged savings accounts; and a 401(k) plan with company match. CRC Group also offers generous paid time off programs including company holidays vacation and sick days new parent leave and more. Eligible positions may also qualify for restricted stock unitsand/or a deferred compensation plan.

CRC Group supports a diverse workforce and is an Equal Opportunity Employer that does not discriminate against individuals on the basis of race gender color religion citizenship or national origin age sexual orientation gender identity disability veteran status or other classification protected by law. CRC Group is a Drug Free Workplace.

EEO is the LawPay Transparency Nondiscrimination Provision E-Verify