CrawlJobs Logo

IAM - Privileged Access Management Principal

https://www.hpe.com/ Logo

Hewlett Packard Enterprise

Location Icon

Location:
United States , Houston

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

117500.00 - 270000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Principal PAM Architect to lead the strategy, architecture, design, and implementation of enterprise-wide Privileged Access Management (PAM) solutions. This role is critical in securing privileged access across both on-premises and cloud environments, driving adoption of Zero Trust principles, and ensuring scalable, resilient, and compliant privileged access solutions.

Job Responsibility:

  • Define PAM strategy, roadmap, and reference architectures aligned to enterprise security and compliance requirements
  • Design and implement scalable PAM solutions for large, complex environments across on-prem, hybrid, and multi-cloud infrastructures
  • Incorporate Zero Trust, Just-in-Time (JIT), and Just Enough Access (JEA) models into PAM solutions
  • Lead the enterprise rollout and lifecycle management of CyberArk Privileged Cloud and related modules
  • Implement and manage privileged session monitoring, endpoint privilege management (EPM), and application-to-application password management
  • Drive integration of PAM with identity providers, SIEM/SOAR, ITSM, and DevOps pipelines
  • Establish and enforce policies for privileged access governance, auditing, and regulatory compliance
  • Conduct regular reviews of PAM controls to prevent credential theft, lateral movement, and unauthorized access
  • Act as the PAM subject matter expert (SME), advising executives, architects, and engineering teams on privileged access security
  • Mentor and guide engineering teams on PAM best practices and secure operations

Requirements:

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
  • 8+ years in cybersecurity or IT with demonstrated hands-on PAM specific experience in enterprise-scale environments
  • Proven experience in architecture, design, and implementation of PAM solutions across large, complex enterprises
  • Deep technical expertise with CyberArk (Privileged Cloud and on-prem)
  • Strong knowledge of Zero Trust principles, JIT/JEA access models, and privileged identity lifecycle management
  • Experience integrating PAM with cloud platforms (Azure, AWS, GCP), DevOps pipelines, and enterprise IT ecosystems
  • Experience with secrets management platforms (CyberArk Conjur, HashiCorp Vault, AWS Secrets Manager, etc.)
  • Working knowledge of modern authentication standards (SAML, OIDC, FIDO2, MFA, passwordless)
  • Hands-on expertise with Windows, Linux, Active Directory, and cloud IAM models
  • Good understanding of the privilege access models of Active Directory, Azure/Entra ID, AWS and GCP
  • Cybersecurity certifications (CISSP, CISM, CISA, CyberArk Defender/Sentry/Guardian) highly desirable
  • Strong communication and leadership skills to influence executives and technical teams

Nice to have:

  • Cybersecurity certifications (CISSP, CISM, CISA, CyberArk Defender/Sentry/Guardian)
  • Experience with HashiCorp Vault
  • AWS Secrets Manager
What we offer:
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing

Additional Information:

Job Posted:
October 08, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Hewlett Packard Enterprise - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon
PREMIUM
More languages and countries
+ Unlock 31694 hidden job offers
Languages
English Čeština Deutsch Ελληνικά Español Français +15
Countries
United States United Kingdom India Canada Australia +
See plans
Plans from $2.99 / month

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for IAM - Privileged Access Management Principal

Principal IAM Engineer

The IAM Principal Engineer is responsible for driving the development, maintenan...
Location
Location
United States , Mount Laurel
Salary
Salary:
142361.11 - 213541.67 USD / Year
comcastcorporation.com Logo
Comcast
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Over 10 years of experience implementing SailPoint IdentityIQ
  • More than 5 years of experience designing, architecting, implementing, operating, and maintaining Radiant Logic Virtual Directory Service (VDS), including Federated Identity Management (FIM) and Identity Correlation and Synchronization (ICS)
  • Skilled in integrating data sources and applications into VDS, configuring data access views and permissions, and performing identity correlation and synchronization
  • Strong knowledge of LDAP, Active Directory services, Multi-Factor Authentication (MFA), risk-based authentication, and privileged access management
  • Deep understanding of Identity and Access Management (IAM) across authentication, authorization, endpoint security, network security, and policy engines
  • Technical expertise with Microsoft MFA, SailPoint, CyberArk, ForgeRock, Okta, Ping Identity, Active Directory, Azure Active Directory, AWS, Google Cloud Platform, Microsoft Azure, and cross-domain IDM integrations
  • Solid grasp of cloud identity concepts and hands-on experience with Azure AD and other cloud environments
  • 3–5+ years of experience developing workflows, forms, connector configurations, provisioning policies, and rules within SailPoint IdentityIQ
  • Quick learner with the ability to adopt new technologies and collaborate effectively to capture and implement business system requirements
  • Proficient in source control and development tools such as GitHub and Eclipse
Job Responsibility
Job Responsibility
  • Apply your expertise in SailPoint IdentityIQ and Radiant One FID / Global Sync to enhance and expand the capabilities of the enterprise IAM platform
  • Collaborate with Agile teams to design, build, test, and support scalable IAM solutions that meet foundational enterprise needs, including identity federation, directory virtualization, and multi-source synchronization
  • Contribute innovative and efficient configuration and coding solutions in SailPoint IdentityIQ and Radiant One FID environments that differentiate the IAM platform
  • Engineer cost-effective technical solutions leveraging Radiant One FID and Global Sync to address business challenges and streamline identity and access processes
  • Develop both tactical and strategic IAM solutions aligned with evolving business requirements, including federated identity management and synchronized directory services
  • Partner with key stakeholders to gather and validate requirements, ensuring delivered solutions meet expectations across SailPoint IdentityIQ and Radiant One FID systems
  • Participate in project teams to design new system capabilities, including proof-of-concept (POC) implementations for both Radiant One FID and SailPoint IdentityIQ, and presentations that highlight their functionality
  • Deploy and manage Radiant One FID in Kubernetes environments using Helm charts, ensuring scalable, reproducible, and reliable containerized deployments
  • Support the end-to-end testing lifecycle for system changes, including integrations with Radiant One FID / Global Sync, from design through execution
  • Create proactive capacity forecasts to prevent outages and ensure system reliability for SailPoint IdentityIQ and Radiant One FID services
What we offer
What we offer
  • Paid Time off
  • Physical Wellbeing benefits
  • Financial Wellbeing benefits
  • Emotional Wellbeing benefits
  • Life Events + Family Support benefits
  • Fulltime
Read More
Arrow Right

Identity Fabric Principal

In Cyclad we work with top international IT companies in order to boost their po...
Location
Location
Poland , Warsaw
Salary
Salary:
Not provided
cyclad.pl Logo
Cyclad Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 10 years of professional experience after education, including at least 8 years in a similar role
  • English proficiency at B2 level
  • Strong experience working in enterprise IAM and hybrid identity environments
  • Excellent understanding of OAuth 2.0, OpenID Connect, and SAML authentication standards
  • Practical experience implementing and troubleshooting authentication flows such as Auth Code + PKCE, Device Code, Client Credentials, and OBO
  • Strong knowledge of token and session lifecycle management, including refresh tokens, validation, and security mitigations
  • Experience designing claims strategies, identity normalization, and least-privilege access models
  • Strong understanding of API permissions and consent governance models
  • Practical experience with Microsoft Entra ID tenant configuration, operational governance, and authentication posture management
  • Experience designing and managing Conditional Access and Identity Protection policies, including MFA enforcement and phased rollouts
Job Responsibility
Job Responsibility
  • Defining and maintaining modern authentication standards for applications and APIs using OAuth2, OpenID Connect, and SAML
  • Supporting project teams in implementing and troubleshooting authentication flows, including Auth Code + PKCE, Device Code, Client Credentials, and On-Behalf-Of (OBO)
  • Reviewing and hardening token and session configurations, including refresh behavior, session controls, and mitigation of authentication threats
  • Designing and standardizing claims and attributes strategies for scalable integrations across multiple identity providers
  • Defining API access models and permission strategies, including scopes vs roles, delegated vs application permissions, and consent governance
  • Configuring and operating federation integrations (IdP/SP), metadata management, rollover planning, and troubleshooting SSO issues
  • Designing and implementing risk-based access controls and step-up authentication patterns using Conditional Access and MFA
  • Delivering Microsoft Entra ID tenant configurations and operational governance improvements
  • Designing external identity onboarding patterns using Entra External ID (CIAM/B2B/B2C)
  • Building, tuning, and safely rolling out Conditional Access and Identity Protection policies
What we offer
What we offer
  • Private medical care with dental care (covering 70% of costs)
  • Family package option possible
  • Multisport card (also for an accompanying person)
  • Life insurance
  • Fulltime
Read More
Arrow Right

Security Engineer II

PagerDuty is seeking an Enterprise Security Engineer to join its global IT Opera...
Location
Location
Canada , Toronto
Salary
Salary:
122000.00 - 185000.00 CAD / Year
https://www.pagerduty.com Logo
PagerDuty
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 3 years of experience in the information security industry, with 2+ years in network security or zero-trust, and 2+ years in security architecture or solution experience
  • Knowledge of Information Security concepts, especially in the areas of security threats, analyzing security logs and driving Incident response
  • Knowledge and practical experience in network security and zero-trust
  • Understanding of the IAM cybersecurity landscape, including identity stores, authentication/authorization, strong authentication, and privileged access management capabilities and methodologies
  • Understanding of security technologies and concepts, including SIEM, MDR/XDR, EDR and vulnerability management
  • Understanding of security best practices and frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework)
  • Knowledge of incident response processes
Job Responsibility
Job Responsibility
  • Partner closely with CISO organization to design and implement enterprise IT security architectures and solutions
  • Tracking the evolution of cutting-edge security technologies, and keeping up to date of the latest security threats and trends
  • Focus on enterprise security and zero-trust technology, serving as the principal technical expert in this area within the Enterprise Security department
  • Monitors security alerts and leads the team in identifying and responding to security threats
  • Monitors systems for vulnerabilities, provides prioritization, and drives remediation efforts
  • Working cross-functionally to triage suspicious activity and drive remediation (performing L2-L3 duties as needed)
  • Analyzing threat intelligence feeds to develop metrics, alerts, and techniques to protect against new and emerging attack vectors
  • Develop metrics, thresholds, alerts, dashboards, and incident response playbooks
  • Drive the design and development of automated security response and maintenance solutions
  • Oversee our workstation vulnerability management & endpoint compliance program
What we offer
What we offer
  • Competitive salary
  • Comprehensive benefits package
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent
  • Fulltime
Read More
Arrow Right

AD Technical Lead

Seeking a highly skilled Tech Lead – Active Directory & Entra ID Services respon...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
cigres.com Logo
Cigres
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10–12 years of relevant experience in Active Directory and Entra ID management
  • At least 2–3 years in a leadership role
  • Deep understanding of Windows Server infrastructure, DNS, PKI, and IAM principles
  • Strong PowerShell scripting and automation experience
  • Demonstrated experience in customer-facing service delivery and technical leadership
  • Excellent communication, stakeholder management, and reporting skills
  • Strong problem-solving and analytical mindset with the ability to manage critical incidents under pressure
  • Engineering Graduate or Equivalent
Job Responsibility
Job Responsibility
  • Lead L2/L3 support for Active Directory and Entra ID environments
  • Own and drive technical delivery, ensuring SLAs, KPIs, and compliance targets are met
  • Act as a primary technical and operational escalation point for identity and directory-related incidents
  • Coordinate and manage incident, problem, and change management processes for AD/Entra services
  • Participate in reviews with stakeholders and provide actionable insights
  • Prepare and deliver service performance reports, and management updates
  • Drive continuous improvement, automation, and standardization across the environment
  • Collaborate with project teams to support new implementations, migrations, and transformations
  • Maintain strong customer relationships, ensuring satisfaction and proactive communication
  • Manage day-to-day operations of the team, including workload allocation and task prioritization
  • Fulltime
Read More
Arrow Right

Principal Consultant, Zero Trust Advisory, Proactive Services (Unit 42)

In this client-facing role, the Principal Consultant will lead complex Zero Trus...
Location
Location
Canada , Toronto
Salary
Salary:
151000.00 - 208000.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years leading high-stakes cybersecurity advisory and risk management engagements for enterprise clients
  • Former professional services and consulting experience required
  • 3+ years of consulting experience architecting and deploying Zero Trust, SASE, or Identity-centric security models for large, multinational organizations
  • Strong track record in strengthening existing and developing net-new client relationships
  • Lead enterprise Zero Trust advisory engagements, translating business risk into actionable architectures aligned with NIST SP 800-207, NIST NCCoE Zero Trust use cases, and CISA Zero Trust Maturity Model
  • Design and deliver end-to-end Zero Trust architectures across IAM, network, endpoint, cloud, application, and security operations domains for large, complex enterprises
  • Perform enterprise security and architecture assessments to identify gaps, dependencies, and maturity levels, producing clear roadmaps toward an optimized Zero Trust posture
  • Serve as a trusted advisor to C-suite executives, board members, and senior leadership, while also engaging deeply with engineers, architects, and security operations teams
  • Create high-quality client-ready deliverables including reference architectures, target-state designs, migration roadmaps, executive presentations, and technical runbooks
  • Demonstrate solution architecture leadership, maintaining technical vision from strategy through detailed design and implementation
Job Responsibility
Job Responsibility
  • Drive high-value, billable Zero Trust transformation engagements that convert complex security challenges into resilient architectural outcomes
  • Simultaneously deliver elite advisory services to our clients and assist in scaling Unit 42’s Zero Trust practice through technical innovation and business development
  • Assess enterprise architectures to expose hidden zones of implicit trust and high-risk lateral movement paths
  • Analyze enterprise telemetry and policy logs to identify visibility gaps across identity, device, and network layers
  • Execute Zero Trust risk assessments grounded in best practices such as NIST SP 800-207, the CISA ZT Maturity Model, and MITRE ATT&CK to quantify architectural vulnerabilities
  • Devise strategic security transformation recommendations and solutions, to include Unit 42 services and Palo Alto Networks technology, to assist customers in reducing risks
  • Design risk-based control sets that prioritize identity-centric protection and least-privilege access
  • Audit the technical integration of SASE, Identity, EDR/XDR, and Cloud Security to ensure they function as a unified, automated fabric rather than a collection of disconnected silos
  • Develop ZT Roadmaps that provide clients with a realistic, phased path to retiring legacy perimeter defenses
  • Scope new opportunities with prospective clients, including drafting statements of work and responding to Requests for Proposals (RFPs)
What we offer
What we offer
  • restricted stock units
  • bonus
  • employee benefits
  • Fulltime
Read More
Arrow Right
New

Senior Lecturer/Associate Professor in Literacy

As a Senior Lecturer / Associate Professor in Literacy, you will play a key role...
Location
Location
Australia , Albury-Wodonga, Bathurst, Port Macquarie, Wagga Wagga
Salary
Salary:
Not provided
csu.edu.au Logo
Charles Sturt University
Expiration Date
June 08, 2026
Flip Icon
Requirements
Requirements
  • A doctoral qualification relevant to literacy or education, with a recognised teaching qualification
  • A strong record of high-quality teaching and student-centred learning
  • An established or emerging research profile aligned to literacy, curriculum or pedagogy
  • The ability to build productive partnerships and contribute to academic leadership
Job Responsibility
Job Responsibility
  • Lead impactful literacy teaching and research
  • Teach across online and on-campus environments
  • Shape future teachers and education practice
  • Contribute to curriculum innovation
  • Build strong relationships with students and partners
  • Provide academic leadership in literacy education
  • Contribute to the School's research profile
  • Supervise higher degree research students
  • Actively engage with professional, community and government stakeholders
  • At Associate Professor level: significant academic leadership, research impact, and contribution to the broader discipline at national/international level
What we offer
What we offer
  • 17% superannuation
  • Fulltime
Read More
Arrow Right
New

Program Manager - Controls and Avionics Solutions

This position is based in Endicott, New York. New York and on-site work will be ...
Location
Location
United States , Endicott
Salary
Salary:
120874.00 - 205486.00 USD / Year
baesystems.com Logo
Baesystems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in engineering, engineering or manufacturing management, or other discipline
  • Demonstrated ability for building strong customer/ stakeholder relationships
  • Strong communication, negotiation, and presentation skills
  • Ability to interpret data and make data-driven decisions
  • Highly adaptable with strong initiative
  • Demonstrated ability to lead and motivate cross-functional teams
  • Knowledge of the global aviation market and regulatory requirements and/ or military aviation market
Job Responsibility
Job Responsibility
  • Maintaining strong customer relationships and leading a multidisciplinary team to execute complex development programs within schedule and budget
  • Leadership and management oversight of a project team assuring that project’s financials, schedule, and technical objectives are met and that the highest level of customer satisfaction is achieved while meeting all contractual commitments
  • Work effectively and collaboratively with Engineering, Operations, and all Program Office functional leadership to assure deliveries continue to exceed customer commitments and achievement of financial commitments to the company
  • Manages, coordinates, plans, organizes, controls, integrates, and executes projects within the Military Aircraft Systems portfolio
  • Participates in the support of new business and in the development of proposals
What we offer
What we offer
  • Health insurance
  • Dental insurance
  • Vision insurance
  • Health savings accounts
  • 401(k) savings plan
  • Disability coverage
  • Life and accident insurance
  • Employee assistance program
  • Legal plan
  • Discounts on home, auto, and pet insurance
  • Fulltime
Read More
Arrow Right
New

Finance Business Partner (Research)

Full Time, Fixed Term (12 months). Level 7 - $101,421 to $110,819 p.a. (plus 17%...
Location
Location
Australia , Wagga Wagga
Salary
Salary:
101421.00 - 110819.00 AUD / Year
csu.edu.au Logo
Charles Sturt University
Expiration Date
June 02, 2026
Flip Icon
Requirements
Requirements
  • A degree in Accounting or Finance (professional accounting body membership is desirable)
  • Experience in project budgeting, forecasting and financial analysis
  • Background in management accounting or business partnering within complex environments
  • exposure to government funding or higher education is advantageous
  • Excellent stakeholder engagement skills, with the ability to work effectively with academics and researchers
  • Familiarity with business intelligence systems and dashboard reporting
Job Responsibility
Job Responsibility
  • Partner with academics to deliver strategic financial insights that enable research success
  • Directly influence world-class projects and decisions shaping the future of education and innovation
  • Lead initiatives that enhance financial governance, deliver accurate and timely reporting, and support key projects such as cost-pricing systems and research budgeting
  • Help build financial capability across the University, fostering collaboration and continuous improvement
What we offer
What we offer
  • Flexibility with a 35-hour work week
  • Access to hybrid work arrangements
  • 17% superannuation
  • Fulltime
Read More
Arrow Right