CrawlJobs Logo

Delinea PAM Engineer

realign-llc.com Logo

Realign

Location Icon

Location:
United States , Milford

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

140000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Job Description: Must Have Technical/Functional Skills • Experience: 5+ years of dedicated experience in Identity and Access Management (IAM), with at least 3+ years specifically focused on Delinea (formerly Thycotic). • Delinea Mastery: Deep technical knowledge of Secret Server (Distributed Engines, Secret Policies) and Privilege Manager (Application Control, Elevation). • Microsoft Entra ID: Strong experience with Azure PIM, Conditional Access, and Managed Identities. • Infrastructure Skills: Strong understanding of Windows Server administration, Active Directory, GPOs, and Linux/Unix environments. • Scripting: Proficiency in PowerShell or Python to automate API calls to Delinea and bulk-import secrets. Proficiency in SQL to generate reports. Roles & Responsibilities • Delinea Architecture: Lead the end-to-end implementation and scaling of Delinea Secret Server (On-prem or Cloud) and Delinea Privilege Manager. • Secret Management: Design and maintain secret heartbeat, remote password changing (RPC), and check-out/check-in workflows for service accounts, local admins, and root accounts. • Secure Remote Access (SRA): Have a good understanding of VPN-less remote access solutions (e.g., Delinea PRA) to provide secure, audited entry points for internal admins and third-party vendors. • Azure PIM: General understanding of Azure PIM. • Endpoint Privilege Management: Configure policies in Delinea Privilege Manager to enforce Least Privilege, allowing users to perform administrative tasks without having full local admin rights. • Hybrid Integration: Ensure interoperability between Delinea (for on-prem) and Azure PIM (for Cloud Control Plane access), creating a unified identity security posture. • Integration & Automation: Integrate Delinea with Active Directory (AD/Azure AD), SIEM (Sentinel), and Ticket Systems (ServiceNow) to automate lifecycle management. • Discovery & Onboarding: Manage automated discovery rules to identify unmanaged accounts across Windows, Linux, and Network devices. • Session Management: Configure and audit session recording and monitoring (Protocol Handler/Session Proxy) for high-risk administrative sessions. • Compliance & Audit: Generate high-level reporting for audit requirements and lead remediation efforts for privileged access findings

Job Responsibility:

  • Delinea Architecture: Lead the end-to-end implementation and scaling of Delinea Secret Server (On-prem or Cloud) and Delinea Privilege Manager
  • Secret Management: Design and maintain secret heartbeat, remote password changing (RPC), and check-out/check-in workflows for service accounts, local admins, and root accounts
  • Secure Remote Access (SRA): Have a good understanding of VPN-less remote access solutions (e.g., Delinea PRA) to provide secure, audited entry points for internal admins and third-party vendors
  • Azure PIM: General understanding of Azure PIM
  • Endpoint Privilege Management: Configure policies in Delinea Privilege Manager to enforce Least Privilege, allowing users to perform administrative tasks without having full local admin rights
  • Hybrid Integration: Ensure interoperability between Delinea (for on-prem) and Azure PIM (for Cloud Control Plane access), creating a unified identity security posture
  • Integration & Automation: Integrate Delinea with Active Directory (AD/Azure AD), SIEM (Sentinel), and Ticket Systems (ServiceNow) to automate lifecycle management
  • Discovery & Onboarding: Manage automated discovery rules to identify unmanaged accounts across Windows, Linux, and Network devices
  • Session Management: Configure and audit session recording and monitoring (Protocol Handler/Session Proxy) for high-risk administrative sessions
  • Compliance & Audit: Generate high-level reporting for audit requirements and lead remediation efforts for privileged access findings

Requirements:

  • Experience: 5+ years of dedicated experience in Identity and Access Management (IAM), with at least 3+ years specifically focused on Delinea (formerly Thycotic)
  • Delinea Mastery: Deep technical knowledge of Secret Server (Distributed Engines, Secret Policies) and Privilege Manager (Application Control, Elevation)
  • Microsoft Entra ID: Strong experience with Azure PIM, Conditional Access, and Managed Identities
  • Infrastructure Skills: Strong understanding of Windows Server administration, Active Directory, GPOs, and Linux/Unix environments
  • Scripting: Proficiency in PowerShell or Python to automate API calls to Delinea and bulk-import secrets. Proficiency in SQL to generate reports

Additional Information:

Job Posted:
May 04, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Realign - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Delinea PAM Engineer

Identity Governance and Privileged User Engineer

Join the IAM team to manage privileged access and identity governance. Work with...
Location
Location
Switzerland , Bioggio
Salary
Salary:
Not provided
avaloq.com Logo
Avaloq
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree in IT or a related field
  • 2–3 years of experience in PAM/IGA roles
  • Hands-on experience with One Identity Safeguard or similar tools (e.g., CyberArk, BeyondTrust, Delinea)
  • Strong Windows and Linux engineering skills
  • Solid knowledge of AD, Azure AD/Entra ID, LDAP, and authentication protocols
  • Proficiency in Terraform, Ansible, and PowerShell
  • SQL knowledge preferred
  • Strong documentation skills and a compliance-focused mindset
  • Fluent in English
Job Responsibility
Job Responsibility
  • Operate and maintain One Identity Safeguard
  • Manage credential policies, password rotation, and integrations
  • Onboard systems and accounts into PAM
  • Monitor platform health and troubleshoot issues
  • Support JML processes with One Identity Manager
  • Maintain workflows, mappings, and job server operations
  • Integrate new applications and validate access assignments
  • Maintain SOPs, runbooks, and audit-compliant records
  • Manage IAM components on Windows/Linux
  • Perform patching, hardening, and monitoring
What we offer
What we offer
  • Annual bonus
  • Flexible working
  • Instant recognition scheme
  • Access to Udemy for professional and personal learning
  • Fulltime
Read More
Arrow Right

Senior System Security and Information Assurance Engineer

The Senior PAM Engineer will play a critical role within Line of Effort 2, respo...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Top Secret clearance with SCI eligibility
  • Master’s degree (MA/MS) in Cybersecurity, Information Technology, Computer Science, Engineering, or related field
  • 10+ years of professional experience in cybersecurity, systems engineering, or information assurance
  • Meets Cyber Engineer – Senior labor category requirements, including independent execution of all functional duties and support to mission-critical program elements
  • DoD 8570 IAT Level II certification or higher (e.g., Security+ CE, CCNA Security)
  • Deep expertise in Privileged Access Management (PAM) architectures and Zero Standing Privilege concepts
  • Hands-on experience implementing Just-In-Time (JIT) access workflows
  • Experience integrating PAM solutions with Active Directory, SIEM platforms (Splunk), and Identity Governance (IGA) tools
  • Experience producing technical documentation to support RMF and ATO processes (LLDs, SSPs, SOPs)
  • Ability to lead or oversee the efforts of less senior staff as required by program needs
Job Responsibility
Job Responsibility
  • Lead the installation, configuration, and technical implementation of an enterprise Privileged Access Management (PAM) solution (Delinea-focused) across multiple network enclaves
  • Discover, inventory, and onboard privileged user, administrator, and service accounts into a secure credential vault
  • Design and enforce policies for Just-In-Time (JIT) access, session monitoring, and session recording to achieve zero standing privileges
  • Develop scripts and API-based integrations between the PAM solution, Splunk SIEM, and Identity Governance (IGA) platforms
  • Support RMF accreditation activities by developing Low-Level Design (LLD) documents, System Security Plans (SSPs), and Standard Operating Procedures (SOPs)
  • Support Authority to Operate (ATO) efforts through security control implementation and technical validation
  • Lead enterprise rollout of PAM policies from pilot groups to full operational enforcement
  • Collaborate with Zero Trust architects, identity teams, and cyber engineers to ensure alignment with enterprise security architecture
Read More
Arrow Right

ICAM Identity Engineer

We are seeking an ICAM Identity Engineer to provide hands-on technical expertise...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active TS/SCI Clearance
  • Demonstrated, hands-on expertise with at least one core ICAM platform (Microsoft Entra ID, enterprise PAM such as Delinea, or enterprise IGA such as SailPoint)
  • Strong understanding of identity security principles: least privilege, MFA, JIT/JEA, RBAC/ABAC
  • Experience with Active Directory administration and Group Policy management
  • Ability to design, implement, and troubleshoot complex enterprise security policies
  • DoD 8140 compliance at IAT Level II
Job Responsibility
Job Responsibility
  • Design and implement Microsoft Entra ID Conditional Access policies aligned with Zero Trust principles for Azure and AWS
  • Configure and maintain CAC/PKI-based Certificate Authentication and legacy ADFS environments
  • Manage Ping Federate as an enterprise federation gateway
  • onboard applications for SSO using SAML and OIDC
  • enforce phishing-resistant MFA
  • Onboard privileged user, service, and application accounts into Delinea
  • Implement policies for credential rotation, session recording, and privileged session monitoring
  • Develop and maintain Just-in-Time (JIT) and Just-Enough-Administration (JEA) workflows to reduce standing privileges
  • Configure SailPoint to automate Joiner-Mover-Leaver processes
  • Build and maintain enterprise access catalogs and automated approval workflows
Read More
Arrow Right

Senior Delinea IAM/PAM Technical Consultant

Our client, a large professional services firm, is looking to hire a Senior Deli...
Location
Location
United States
Salary
Salary:
Not provided
clearbridgetech.com Logo
ClearBridge Technology Group
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Delinea Secret Server & Delinea Platform implementation
  • PAM architecture
  • AD/Entra SSO
  • RBAC
  • Distributed engines, discovery/policies, migration, integrations, enterprise troubleshooting, documentation, and workshops
Job Responsibility
Job Responsibility
  • Lead the architecture, design, deployment, and migration enablement of Delinea Secret Server across multiple geographies (UAT/Non-Production, APAC, Europe, and US)
  • Partner with internal IT and stakeholders to assess existing configurations, conduct design workshops, configure Delinea Secret Server (Premium/Platinum), support customer-led migration from Hitachi PAM, and drive Production Readiness Review (PRR) preparation and delivery
  • Perform Architecture, Design, and Workshops, leading discovery and detailed design activities to define target-state architecture for Delinea Secret Server aligned to regional needs and security standards
  • Perform UAT / Non-Production Deployment & Validation, reviewing and assessing a UAT environment to determine current configuration and readiness
  • Deploy and configure Delinea Secret Server (Premium/Platinum) and Delinea Platform components aligned to the selected target architecture
  • Work on Migration Enablement (Hitachi to Delinea) and provide advisory and hands-on assistance for customer-led migration of userbase and secrets from Hitachi to Delinea Secret Server
  • Fulltime
Read More
Arrow Right
New

Pam Engineer

Whitehall Resources are currently looking for a PAM Engineer based in Berkshire ...
Location
Location
United Kingdom , Berkshire
Salary
Salary:
Not provided
whitehallresources.com Logo
Whitehall Resources Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Relevant certifications (e.g., CyberArk Defender, CISSP, CISM)
  • Experience in cloud environments (AWS, Azure, GCP) and hybrid infrastructures
  • Knowledge of DevSecOps practices and CI/CD pipeline integration
  • Experience in PAM engineering or cybersecurity roles
  • Proficiency with PAM tools such as CyberArk, BeyondTrust, or Delinea
  • Strong understanding of Active Directory, LDAP, and authentication protocols
  • Experience with scripting (PowerShell, Python) for automation and reporting
  • Familiarity with compliance frameworks (ISO 27001, NIST, GDPR)
  • Excellent problem-solving, communication, and documentation skills
Job Responsibility
Job Responsibility
  • Design, deploy, and manage PAM solutions (e.g., CyberArk, BeyondTrust, Delinea)
  • Implement least privilege access models and enforce secure credential management
  • Monitor and audit privileged access activities across systems and applications
  • Integrate PAM tools with SIEM, IAM, and other security platforms
  • Develop and maintain policies, procedures, and documentation for PAM operations
  • Conduct regular access reviews, privilege audits, and risk assessments
  • Collaborate with IT, DevOps, and Security teams to ensure seamless PAM integration
  • Provide technical support and troubleshooting for PAM-related issues
  • Stay current with industry trends, threats, and best practices in access management
  • Fulltime
Read More
Arrow Right

Pam engineer

Whitehall Resources are currently looking for a PAM Engineer – SC Cleared.
Location
Location
United Kingdom , Berkshire
Salary
Salary:
Not provided
whitehallresources.com Logo
Whitehall Resources Ltd
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Relevant certifications (e.g., CyberArk Defender, CISSP, CISM)
  • Experience in cloud environments (AWS, Azure, GCP) and hybrid infrastructures
  • Knowledge of DevSecOps practices and CI/CD pipeline integration
  • Experience in PAM engineering or cybersecurity roles
  • Proficiency with PAM tools such as CyberArk, BeyondTrust, or Delinea
  • Strong understanding of Active Directory, LDAP, and authentication protocols
  • Experience with scripting (PowerShell, Python) for automation and reporting
  • Familiarity with compliance frameworks (ISO 27001, NIST, GDPR)
  • Excellent problem-solving, communication, and documentation skills
  • Must not have been outside of the UK for more than 6 Months in the last 5 years
Job Responsibility
Job Responsibility
  • Design, deploy, and manage PAM solutions (e.g., CyberArk, BeyondTrust, Delinea)
  • Implement least privilege access models and enforce secure credential management
  • Monitor and audit privileged access activities across systems and applications
  • Integrate PAM tools with SIEM, IAM, and other security platforms
  • Develop and maintain policies, procedures, and documentation for PAM operations
  • Conduct regular access reviews, privilege audits, and risk assessments
  • Collaborate with IT, DevOps, and Security teams to ensure seamless PAM integration
  • Provide technical support and troubleshooting for PAM-related issues
  • Stay current with industry trends, threats, and best practices in access management
Read More
Arrow Right

ICAM Identity Engineer

We are seeking an ICAM Identity Engineer to provide hands-on implementation and ...
Location
Location
United States , Tampa
Salary
Salary:
Not provided
barbaricum.com Logo
Barbaricum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active DoD Top Secret clearance with SCI eligibility
  • DoD 8140 compliant (IAT Level II or higher)
  • Hands-on experience with at least one core identity platform: Microsoft Entra ID, Enterprise PAM (e.g., Delinea), Enterprise IGA (e.g., SailPoint)
  • Strong understanding of identity security principles (least privilege, MFA, RBAC/ABAC, JIT/JEA)
  • Experience administering Active Directory and enterprise identity policies
  • Ability to implement and troubleshoot complex access control and security configurations
  • Labor Category Alignment: Journeyman: 3–10 years of experience
  • BA/BS or MA/MS
  • Senior: 10+ years of experience
  • MA/MS
Job Responsibility
Job Responsibility
  • Implement and maintain Microsoft Entra ID Conditional Access policies and CAC/PKI authentication
  • Manage federation and SSO integrations using Ping Federate (SAML, OIDC, MFA)
  • Onboard and manage privileged accounts within an enterprise PAM solution (e.g., Delinea)
  • Configure credential rotation, session monitoring, and Just-In-Time / Just-Enough-Administration workflows
  • Implement SailPoint IGA workflows for Joiner-Mover-Leaver lifecycle automation and access certification
  • Administer Active Directory using delegated administration tools (e.g., Active Roles)
  • Manage Linux identity and authorization policies using Red Hat IdM (HBAC, sudo)
  • Troubleshoot identity, authentication, and access control issues across enterprise environments
Read More
Arrow Right

Identity and Access Management Engineer

We are seeking an Identity and Access Management Engineer to design and protect ...
Location
Location
United States , San Jose
Salary
Salary:
133400.00 - 200000.00 USD / Year
archer.com Logo
Archer Aviation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5 plus years of experience in Identity and Access Management or related roles, with a minimum of 2 years in a senior or architect-level capacity
  • Hands-on design and implementation experience with enterprise Identity Providers such as Okta, Azure AD (Active Directory), or Ping Identity
  • Deep technical understanding of authentication protocols and standards, including OIDC, SAML, OAuth 2.0, and LDAP
  • Extensive experience designing and operating Privileged Access Management (PAM) solutions, preferably Delinea, including credential vaulting, session recording, and approval workflows
  • Working knowledge of RBAC (Role-Based Access Control) design and implementation, with the ability to map complex organizational hierarchies to access policies
  • Experience implementing and managing Multi-Factor Authentication (MFA) technologies such as FIDO2, Okta Verify, Duo Security, YubiKey, and PKI-based authentication
  • Strong understanding of NIST SP 800-171 and CMMC Level 2 requirements, specifically as they relate to access control, audit logging, and identity governance
  • Proficiency in scripting and automation using PowerShell, Python, or Bash to automate identity workflows, audit processes, and integrations
  • Excellent communication skills to translate complex identity architecture and compliance requirements to both technical teams and executive leadership
Job Responsibility
Job Responsibility
  • Design and implement Zero Trust Architecture (ZTA) across Archer's enterprise network, eliminating implicit trust and enforcing continuous verification of user identity and device posture before granting access
  • Architect and maintain Okta as the authoritative Identity Provider (IdP) for Archer, managing Single Sign-On (SSO), Multi-Factor Authentication (MFA), and user lifecycle management across all enterprise applications and SaaS platforms
  • Design and implement Privileged Access Management (PAM) using Delinea, including credential vaulting, privileged session management, and automated credential rotation for administrative and service accounts
  • Implement Identity Governance and Administration (IGA) controls to enforce role-based access control (RBAC), segregation of duties, periodic access reviews, and just-in-time (JIT) access provisioning
  • Build and maintain federated identity standards (OIDC, SAML, SCIM) to enable secure integration between Archer's identity platform and third-party applications, cloud providers, and vendor systems
  • Conduct access control audits and design remediation strategies to ensure compliance with NIST SP 800-171 Access Control (AC) requirements, CMMC Level 2 practices, and SOX ITGC expectations for financial systems
  • Implement automated audit logging and session recording for all authentication and privileged access events, ensuring that individual users' actions can be uniquely traced for compliance investigations and forensic analysis
  • Secure third-party and contractor access by implementing time-limited, role-restricted access provisioning and automated de-provisioning upon project completion or relationship termination
  • Stay current with emerging identity threats, attack vectors, and security best practices, including insider threats, account takeover (ATO), and lateral movement techniques
  • Provide technical guidance and training to IT, application, and security teams on identity best practices and policy enforcement
  • Fulltime
Read More
Arrow Right