We are seeking a highly experienced PAM Lead to oversee Privileged Access Management across enterprise environments. The ideal candidate will have a strong IAM background, hands-on experience with privileged access technologies, and expertise in securing modern AI-driven and multi-cloud environments. This role requires both technical mastery and leadership in designing, implementing, and maintaining secure access policies.
Roles and Responsibilities
- Lead the design, implementation, and administration of enterprise PAM solutions, including credential vaulting, session management, and PAM/PAW models.
- Develop and enforce privileged access policies, least-privilege controls, and zero-trust access strategies.
- Integrate agentic AI systems with enterprise identities, enforcing policy-based guardrails and security protocols (MCP, mutual TLS, OAuth2 token exchanges).
- Manage and secure access across multi-cloud environments (AWS, Azure, GCP) and hybrid directory services (Azure AD, EntraID, Okta, AWS AD).
- Collaborate with Security, DevOps, and Cloud teams to secure API gateways, service meshes (Kong, Istio, Apigee), and machine identities (certificates, SPIFFE/SPIRE).
- Automate IAM and PAM operations using Terraform, Ansible, Pulumi, Cloud-init, Python, and Unix/Windows tools.
- Implement and manage authentication technologies including SSO, federation protocols (SAML, OIDC, OAuth2), SCIM, RBAC, ABAC, and JIT provisioning.
- Perform threat modeling, monitor insider threats, and maintain continuous authentication and audit controls.
- Mentor and guide IAM and PAM engineers, driving best practices and project delivery.
- Maintain compliance with regulatory and security standards across all PAM initiatives.
Required Skills & Experience
- 7+ years as an IAM Engineer with hands-on privileged access management experience.
- Proficiency in PAM technologies such as CyberArk, Azure Key Vault, AWS Secrets, and other enterprise privileged solutions.
- Strong understanding of agentic AI, AI security tools, and mitigation of OWASP Top 10/NHI risks.
- Expertise in API security, service mesh, and machine identity management.
- Experience with IAM automation and administration using Terraform, Ansible, Pulumi, Python, and Unix/Windows systems.
- Deep knowledge of authentication, federation, RBAC/ABAC, zero-trust, and JIT provisioning principles.
- Multi-cloud identity governance experience (Azure AD, AWS AD, EntraID, Okta).
- Awareness of open standards, threat modeling, insider threats, and continuous authentication.
- Excellent leadership, project management, collaboration, and communication skills.