RemoteLeaf Logo
Log in Sign up

Senior Engineer - Privileged Access Management

1 hour, 57 minutes ago
United States
Full-time
Senior
Security Engineer
DevOps and Infrastructure
Active Directory Agile Bash Elasticsearch HIPAA Linux OAuth OpenID Connect PowerShell Python REST API SAML Scrum SIEM Unix
Apply Now
AHEAD

AHEAD

AHEAD accelerates the impact of technology on clients by engineering customized data, developer, and infrastructure platforms that improve IT operations. By weaving together cloud infrastructure, intelligent operations, and modern applications, we help...

IT Services
1K-5K
$43M raised
View All Jobs 73

Description

  • Lead the architecture, design, onboarding, and standardization of multi-tenant BeyondTrust PAM services for MSP customers.
  • Architect secure privileged access workflows for infrastructure, applications, databases, cloud platforms, and network devices.
  • Implement and maintain BeyondTrust Password Safe capabilities, including account discovery, credential rotation, session management, approvals, and just-in-time access.
  • Implement and tune BeyondTrust Privilege Management for endpoints and servers to enforce least privilege.
  • Design, maintain, and support highly available BeyondTrust infrastructure, including clustering, scaling, upgrades, patching, and disaster recovery.
  • Integrate PAM solutions with identity, MFA/SSO, SIEM, and ITSM platforms such as Active Directory, Entra ID, SAML/OIDC, and ServiceNow.
  • Develop automation and tooling using PowerShell, Python, and REST APIs to streamline onboarding, enforce standards, and generate reporting.
  • Lead customer onboarding efforts, including requirements gathering, risk assessment, playbook creation, and validation of PAM controls.
  • Serve as the escalation point and subject matter expert for PAM incidents, service requests, and complex access issues.
  • Document architectures, standards, runbooks, migration playbooks, and knowledge base content, and mentor team members on PAM best practices.

Requirements

  • Bachelor’s degree or equivalent experience in Information Systems, Computer Science, Cybersecurity, or a related field.
  • 7+ years of related experience in IT operations, infrastructure engineering, or cybersecurity with hands-on privileged access responsibility.
  • 3+ years of direct experience designing, implementing, and operating PAM solutions.
  • BeyondTrust experience strongly preferred; experience with CyberArk or Delinea is a plus.
  • Experience delivering services in a managed services or consulting capacity with direct customer engagement and multi-tenant or multi-customer environments.
  • Experience leading technical initiatives, cross-functional projects, and mentoring junior team members.
  • Experience working in regulated or compliance-driven environments such as SOX, PCI DSS, HIPAA, or ISO 27001.
  • Strong understanding of least privilege, separation of duties, identity and access management, and secure system design.
  • Hands-on scripting and automation experience with tools such as PowerShell, Python, Bash, and REST APIs.
  • Experience with Windows and Linux systems, enterprise IT infrastructure, and authentication/authorization protocols such as Kerberos, NTLM, LDAP, RADIUS, SAML, OAuth2/OIDC, and API keys.
  • Experience working in Scrum/Agile environments and managing multiple concurrent efforts in a fast-paced setting.

Benefits

  • $150,000 to $170,000 annual On-Target Earnings, including base salary and applicable target bonus.
  • Medical, dental, and vision insurance.
  • 401(k) plan.
  • Paid company holidays.
  • Paid time off.
  • Paid parental and caregiver leave.
  • Sponsorship for certifications, credentials, and continued learning.
  • Access to internal training and development opportunities, including cross-department training and a technology lab environment.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

The Missing Link

Saviynt IAM Specialist

The Missing Link 51-250 Internet Software & Services

The Missing Link is seeking a Security Engineer - Saviynt to support large enterprise identity governance initiatives, design and deliver Saviynt-based solutions, and strengthen its growing cyber security practice.

India Full-time Mid Level Security Engineer
Active Directory Azure Cybersecurity JavaScript PowerShell REST API SAP SQL
1 hour, 12 minutes ago
EnableComp

AI Security Architect (REMOTE - United States)

EnableComp 251-1K Insurance

EnableComp is seeking a remote AI Security Architect to secure and govern its AI and machine learning initiatives within its healthcare revenue cycle management environment.

United States Full-time Senior AI Engineer Security Engineer
Azure Cybersecurity HIPAA LLM Machine Learning
1 hour, 27 minutes ago
Dropbox

Senior Infrastructure Security Engineer

Dropbox 1K-5K Internet Software & Services

Dropbox is hiring a Security Engineer to secure its AI and agentic infrastructure while helping protect products and users across cloud and on-prem environments.

Canada Full-time Lead Infrastructure Engineer Security Engineer
$152k-$206k
Bash CI/CD CrowdStrike Go Java Kubernetes Linux LLM Node.js OAuth OpenID Connect OWASP Python Ruby Rust SIEM
1 hour, 27 minutes ago
Fullscript

Staff, Security Engineer

Fullscript 251-1K Health Care Providers & Services

Fullscript is hiring a Staff Security Engineer to lead hands-on security engineering across its healthcare technology platform, shaping secure product development and protecting systems that support practitioners and patients.

United States Canada Full-time Lead Security Engineer
AWS GitHub GitLab GraphQL JavaScript Node.js Penetration Testing Ruby on Rails
1 hour, 57 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers