CrawlJobs Logo

IAM - Privileged Access Management Principal

https://www.hpe.com/ Logo

Hewlett Packard Enterprise

Location Icon

Location:
United States , Houston

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

117500.00 - 270000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Principal PAM Architect to lead the strategy, architecture, design, and implementation of enterprise-wide Privileged Access Management (PAM) solutions. This role is critical in securing privileged access across both on-premises and cloud environments, driving adoption of Zero Trust principles, and ensuring scalable, resilient, and compliant privileged access solutions.

Job Responsibility:

  • Define PAM strategy, roadmap, and reference architectures aligned to enterprise security and compliance requirements
  • Design and implement scalable PAM solutions for large, complex environments across on-prem, hybrid, and multi-cloud infrastructures
  • Incorporate Zero Trust, Just-in-Time (JIT), and Just Enough Access (JEA) models into PAM solutions
  • Lead the enterprise rollout and lifecycle management of CyberArk Privileged Cloud and related modules
  • Implement and manage privileged session monitoring, endpoint privilege management (EPM), and application-to-application password management
  • Drive integration of PAM with identity providers, SIEM/SOAR, ITSM, and DevOps pipelines
  • Establish and enforce policies for privileged access governance, auditing, and regulatory compliance
  • Conduct regular reviews of PAM controls to prevent credential theft, lateral movement, and unauthorized access
  • Act as the PAM subject matter expert (SME), advising executives, architects, and engineering teams on privileged access security
  • Mentor and guide engineering teams on PAM best practices and secure operations

Requirements:

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
  • 8+ years in cybersecurity or IT with demonstrated hands-on PAM specific experience in enterprise-scale environments
  • Proven experience in architecture, design, and implementation of PAM solutions across large, complex enterprises
  • Deep technical expertise with CyberArk (Privileged Cloud and on-prem)
  • Strong knowledge of Zero Trust principles, JIT/JEA access models, and privileged identity lifecycle management
  • Experience integrating PAM with cloud platforms (Azure, AWS, GCP), DevOps pipelines, and enterprise IT ecosystems
  • Experience with secrets management platforms (CyberArk Conjur, HashiCorp Vault, AWS Secrets Manager, etc.)
  • Working knowledge of modern authentication standards (SAML, OIDC, FIDO2, MFA, passwordless)
  • Hands-on expertise with Windows, Linux, Active Directory, and cloud IAM models
  • Good understanding of the privilege access models of Active Directory, Azure/Entra ID, AWS and GCP
  • Cybersecurity certifications (CISSP, CISM, CISA, CyberArk Defender/Sentry/Guardian) highly desirable
  • Strong communication and leadership skills to influence executives and technical teams

Nice to have:

  • Cybersecurity certifications (CISSP, CISM, CISA, CyberArk Defender/Sentry/Guardian)
  • Experience with HashiCorp Vault
  • AWS Secrets Manager
What we offer:
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing

Additional Information:

Job Posted:
October 08, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Hewlett Packard Enterprise - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for IAM - Privileged Access Management Principal

IAM Security Engineer

Truveta is the world’s first health provider led data platform with a vision of ...
Location
Location
United States , Seattle; Bellevue
Salary
Salary:
128000.00 - 155000.00 USD / Year
truveta.com Logo
Truveta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree or equivalent in Computer Science, Information Security, or Information Systems
  • 3-5 years of hands-on experience in an Identity and Access Management (IAM) role with a strong focus on Azure environments
  • Strong understanding of Azure Entra ID (Azure Active Directory), including Conditional Access, MFA, Identity Governance, PIM, directory services, and RBAC
  • Experience supporting SSO integrations and identity protocols such as SAML, OAuth 2.0, OpenID Connect, and SCIM provisioning
  • Ability to analyze and improve access models, workflows, and entitlements, applying least privilege and zero-trust principles
  • Proficiency with PowerShell or similar scripting tools to automate IAM tasks
  • Experience monitoring for identity-related threats, anomalous login behavior, and misconfigurations in cloud IAM environments
  • Working knowledge of IT/security governance and compliance frameworks (e.g., SOC 2, ISO 27001, NIST) and experience supporting audits or access reviews
  • Strong troubleshooting and diagnostic skills for identity issues involving authentication, authorization, directory sync, and permissions
  • Excellent written and verbal communication skills, including the ability to work cross-functionally with engineering, IT, and security teams
Job Responsibility
Job Responsibility
  • Identity Lifecycle & Access Management: Manage and improve provisioning, de-provisioning, and modification processes for user accounts and service principals across cloud and enterprise systems
  • Conduct access reviews, entitlement cleanups, and role evaluations to ensure least-privilege access
  • Identify gaps in lifecycle processes and recommend enhancements or workflow automation opportunities
  • Access Requests & Role Governance: Process and validate access requests, ensuring alignment with RBAC models, security policies, and job function requirements
  • Contribute to the development and refinement of RBAC roles, access policies, and approval workflows
  • Partner with stakeholders to analyze access patterns and propose more efficient and secure role structures
  • Application Integration & IAM Enablement: Support onboarding applications into IAM systems, including SSO configuration, SCIM provisioning, OAuth app integration, and secure authentication setup
  • Work with application and engineering teams to ensure proper identity integration and consistent enforcement of IAM standards
  • Assist with evaluating and implementing new IAM tools or capabilities as the organization evolves
  • Security Controls & Identity Governance: Implement and support IAM security controls such as MFA, Conditional Access policies, PIM, and identity governance features
What we offer
What we offer
  • Interesting and meaningful work for every career stage
  • Comprehensive benefits with strong medical, dental and vision insurance plans
  • 401K plan
  • Professional development & training opportunities for continuous learning
  • Work/life autonomy via flexible work hours and flexible paid time off
  • Generous parental leave
  • Regular team activities (virtual and in-person)
  • Additional compensation such as incentive pay and stock options for certain roles.
  • Fulltime
Read More
Arrow Right

Principal IAM Engineer

The IAM Principal Engineer is responsible for driving the development, maintenan...
Location
Location
United States , Mount Laurel
Salary
Salary:
142361.11 - 213541.67 USD / Year
comcastcorporation.com Logo
Comcast
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Over 10 years of experience implementing SailPoint IdentityIQ
  • More than 5 years of experience designing, architecting, implementing, operating, and maintaining Radiant Logic Virtual Directory Service (VDS), including Federated Identity Management (FIM) and Identity Correlation and Synchronization (ICS)
  • Skilled in integrating data sources and applications into VDS, configuring data access views and permissions, and performing identity correlation and synchronization
  • Strong knowledge of LDAP, Active Directory services, Multi-Factor Authentication (MFA), risk-based authentication, and privileged access management
  • Deep understanding of Identity and Access Management (IAM) across authentication, authorization, endpoint security, network security, and policy engines
  • Technical expertise with Microsoft MFA, SailPoint, CyberArk, ForgeRock, Okta, Ping Identity, Active Directory, Azure Active Directory, AWS, Google Cloud Platform, Microsoft Azure, and cross-domain IDM integrations
  • Solid grasp of cloud identity concepts and hands-on experience with Azure AD and other cloud environments
  • 3–5+ years of experience developing workflows, forms, connector configurations, provisioning policies, and rules within SailPoint IdentityIQ
  • Quick learner with the ability to adopt new technologies and collaborate effectively to capture and implement business system requirements
  • Proficient in source control and development tools such as GitHub and Eclipse
Job Responsibility
Job Responsibility
  • Apply your expertise in SailPoint IdentityIQ and Radiant One FID / Global Sync to enhance and expand the capabilities of the enterprise IAM platform
  • Collaborate with Agile teams to design, build, test, and support scalable IAM solutions that meet foundational enterprise needs, including identity federation, directory virtualization, and multi-source synchronization
  • Contribute innovative and efficient configuration and coding solutions in SailPoint IdentityIQ and Radiant One FID environments that differentiate the IAM platform
  • Engineer cost-effective technical solutions leveraging Radiant One FID and Global Sync to address business challenges and streamline identity and access processes
  • Develop both tactical and strategic IAM solutions aligned with evolving business requirements, including federated identity management and synchronized directory services
  • Partner with key stakeholders to gather and validate requirements, ensuring delivered solutions meet expectations across SailPoint IdentityIQ and Radiant One FID systems
  • Participate in project teams to design new system capabilities, including proof-of-concept (POC) implementations for both Radiant One FID and SailPoint IdentityIQ, and presentations that highlight their functionality
  • Deploy and manage Radiant One FID in Kubernetes environments using Helm charts, ensuring scalable, reproducible, and reliable containerized deployments
  • Support the end-to-end testing lifecycle for system changes, including integrations with Radiant One FID / Global Sync, from design through execution
  • Create proactive capacity forecasts to prevent outages and ensure system reliability for SailPoint IdentityIQ and Radiant One FID services
What we offer
What we offer
  • Paid Time off
  • Physical Wellbeing benefits
  • Financial Wellbeing benefits
  • Emotional Wellbeing benefits
  • Life Events + Family Support benefits
  • Fulltime
Read More
Arrow Right

Security Engineer II

PagerDuty is seeking an Enterprise Security Engineer to join its global IT Opera...
Location
Location
Canada , Toronto
Salary
Salary:
122000.00 - 185000.00 CAD / Year
https://www.pagerduty.com Logo
PagerDuty
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 3 years of experience in the information security industry, with 2+ years in network security or zero-trust, and 2+ years in security architecture or solution experience
  • Knowledge of Information Security concepts, especially in the areas of security threats, analyzing security logs and driving Incident response
  • Knowledge and practical experience in network security and zero-trust
  • Understanding of the IAM cybersecurity landscape, including identity stores, authentication/authorization, strong authentication, and privileged access management capabilities and methodologies
  • Understanding of security technologies and concepts, including SIEM, MDR/XDR, EDR and vulnerability management
  • Understanding of security best practices and frameworks (e.g., MITRE ATT&CK, NIST Cybersecurity Framework)
  • Knowledge of incident response processes
Job Responsibility
Job Responsibility
  • Partner closely with CISO organization to design and implement enterprise IT security architectures and solutions
  • Tracking the evolution of cutting-edge security technologies, and keeping up to date of the latest security threats and trends
  • Focus on enterprise security and zero-trust technology, serving as the principal technical expert in this area within the Enterprise Security department
  • Monitors security alerts and leads the team in identifying and responding to security threats
  • Monitors systems for vulnerabilities, provides prioritization, and drives remediation efforts
  • Working cross-functionally to triage suspicious activity and drive remediation (performing L2-L3 duties as needed)
  • Analyzing threat intelligence feeds to develop metrics, alerts, and techniques to protect against new and emerging attack vectors
  • Develop metrics, thresholds, alerts, dashboards, and incident response playbooks
  • Drive the design and development of automated security response and maintenance solutions
  • Oversee our workstation vulnerability management & endpoint compliance program
What we offer
What we offer
  • Competitive salary
  • Comprehensive benefits package
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent
  • Fulltime
Read More
Arrow Right

AD Technical Lead

Seeking a highly skilled Tech Lead – Active Directory & Entra ID Services respon...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
cigres.com Logo
Cigres
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10–12 years of relevant experience in Active Directory and Entra ID management
  • At least 2–3 years in a leadership role
  • Deep understanding of Windows Server infrastructure, DNS, PKI, and IAM principles
  • Strong PowerShell scripting and automation experience
  • Demonstrated experience in customer-facing service delivery and technical leadership
  • Excellent communication, stakeholder management, and reporting skills
  • Strong problem-solving and analytical mindset with the ability to manage critical incidents under pressure
  • Engineering Graduate or Equivalent
Job Responsibility
Job Responsibility
  • Lead L2/L3 support for Active Directory and Entra ID environments
  • Own and drive technical delivery, ensuring SLAs, KPIs, and compliance targets are met
  • Act as a primary technical and operational escalation point for identity and directory-related incidents
  • Coordinate and manage incident, problem, and change management processes for AD/Entra services
  • Participate in reviews with stakeholders and provide actionable insights
  • Prepare and deliver service performance reports, and management updates
  • Drive continuous improvement, automation, and standardization across the environment
  • Collaborate with project teams to support new implementations, migrations, and transformations
  • Maintain strong customer relationships, ensuring satisfaction and proactive communication
  • Manage day-to-day operations of the team, including workload allocation and task prioritization
  • Fulltime
Read More
Arrow Right

Principal IGA Engineer - IAM

We are looking for a highly motivated, self-starting individual that can dynamic...
Location
Location
United States , Johnston; Plano; Iselin; Dallas; Boston
Salary
Salary:
140000.00 - 170000.00 USD / Year
citizensbank.com Logo
Citizens Bank
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong systems engineering skills with an emphasis on IGA / IDM, BPM, workflow and process engineering, cloud deployments and migrations (AWS / Azure), business rules
  • 7 or more years’ experience of advanced knowledge in Active Directory, Entra ID / Azure AD, SailPoint, Savyint, ForgeRock IDM, Okta IGA, Omada, or other leading IGA tools
  • Both Java and JavaScript development knowledge required
  • Knowledge of CI/CD pipeline for code publishing
  • Strong Bash / shell scripting
  • API integration and ability write bespoke / from-scratch APIs in Spring Boot or Node.js
  • Strong foundation in Linux and Windows Systems management
  • Strong knowledge of RDBMS use and integration, especially PostgreSQL
  • Ability to troubleshoot complex problems, debug code, resolve issues in a timely manner
  • Intermediate to advanced knowledge of PowerShell 5.1+ (7.x+ experience preferred)
Job Responsibility
Job Responsibility
  • Facilitating the establishment and implementation of standards, processes, and documentation that guide the design of technology solutions including architecting and implementing solutions around privileged access management
  • Identifying opportunities for system process automation including technologies required
  • documenting and presenting ideas to management
  • Identity Governance Administration (IGA) – Technologies and Methodologies with the ability to build out IGA environments from scratch a huge plus
What we offer
What we offer
  • comprehensive medical, dental and vision coverage
  • retirement benefits
  • maternity/paternity leave
  • flexible work arrangements
  • education reimbursement
  • wellness programs
  • competitive pay
  • opportunity to earn an annual discretionary bonus
  • Fulltime
Read More
Arrow Right

Principal Consultant, Zero Trust Advisory, Proactive Services (Unit 42)

In this client-facing role, the Principal Consultant will lead complex Zero Trus...
Location
Location
Canada , Toronto
Salary
Salary:
151000.00 - 208000.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years leading high-stakes cybersecurity advisory and risk management engagements for enterprise clients
  • Former professional services and consulting experience required
  • 3+ years of consulting experience architecting and deploying Zero Trust, SASE, or Identity-centric security models for large, multinational organizations
  • Strong track record in strengthening existing and developing net-new client relationships
  • Lead enterprise Zero Trust advisory engagements, translating business risk into actionable architectures aligned with NIST SP 800-207, NIST NCCoE Zero Trust use cases, and CISA Zero Trust Maturity Model
  • Design and deliver end-to-end Zero Trust architectures across IAM, network, endpoint, cloud, application, and security operations domains for large, complex enterprises
  • Perform enterprise security and architecture assessments to identify gaps, dependencies, and maturity levels, producing clear roadmaps toward an optimized Zero Trust posture
  • Serve as a trusted advisor to C-suite executives, board members, and senior leadership, while also engaging deeply with engineers, architects, and security operations teams
  • Create high-quality client-ready deliverables including reference architectures, target-state designs, migration roadmaps, executive presentations, and technical runbooks
  • Demonstrate solution architecture leadership, maintaining technical vision from strategy through detailed design and implementation
Job Responsibility
Job Responsibility
  • Drive high-value, billable Zero Trust transformation engagements that convert complex security challenges into resilient architectural outcomes
  • Simultaneously deliver elite advisory services to our clients and assist in scaling Unit 42’s Zero Trust practice through technical innovation and business development
  • Assess enterprise architectures to expose hidden zones of implicit trust and high-risk lateral movement paths
  • Analyze enterprise telemetry and policy logs to identify visibility gaps across identity, device, and network layers
  • Execute Zero Trust risk assessments grounded in best practices such as NIST SP 800-207, the CISA ZT Maturity Model, and MITRE ATT&CK to quantify architectural vulnerabilities
  • Devise strategic security transformation recommendations and solutions, to include Unit 42 services and Palo Alto Networks technology, to assist customers in reducing risks
  • Design risk-based control sets that prioritize identity-centric protection and least-privilege access
  • Audit the technical integration of SASE, Identity, EDR/XDR, and Cloud Security to ensure they function as a unified, automated fabric rather than a collection of disconnected silos
  • Develop ZT Roadmaps that provide clients with a realistic, phased path to retiring legacy perimeter defenses
  • Scope new opportunities with prospective clients, including drafting statements of work and responding to Requests for Proposals (RFPs)
What we offer
What we offer
  • restricted stock units
  • bonus
  • employee benefits
  • Fulltime
Read More
Arrow Right
New

Inventory analyst

Randstad Inhouse, Pharma Specialty is looking for an Inventory Analyst on behalf...
Location
Location
Italy , Pomezia
Salary
Salary:
34000.00 - 40000.00 EUR / Year
https://www.randstad.com Logo
Randstad
Expiration Date
April 25, 2026
Flip Icon
Requirements
Requirements
  • Master’s Degree in Economics, Engineering, or equivalent field
  • Strong analytical skills with the ability to interpret and clearly communicate complex data
  • Excellent written and verbal communication skills in English
  • Proficiency in Microsoft Office tools and familiarity with ERP systems (Microsoft Excel, JDE, SAP, Access)
Job Responsibility
Job Responsibility
  • Support daily cycle count processes and ensure timely execution
  • Perform ad hoc analysis to support commercial needs
  • Collaborate with Local and EMEA Supply Chain teams to maintain high performance and avoid business disruptions
  • Manage critical activities such as outstanding orders and customer requests
  • Build and maintain effective relationships with cross-functional teams
Read More
Arrow Right
New

SEN Teacher

This is your chance to join a truly inspirational specialist provision devoted t...
Location
Location
United Kingdom , Tadworth
Salary
Salary:
31988.00 - 47322.00 GBP / Year
https://www.randstad.com Logo
Randstad
Expiration Date
March 10, 2026
Flip Icon
Requirements
Requirements
  • Teaching qualification and QTS
  • GSCE Maths and English
  • The ability to work with learners that have various learning difficulties
  • A willingness to learn and build relationships with learners
  • Flexibility in their approach to education
Job Responsibility
Job Responsibility
  • Teach KS1 & 2 learners
  • Work closely with the team to support and teach classes of 3-7 pupils
  • Help to engage the children in their education
  • Deliver thought provoking and child led lessons
What we offer
What we offer
  • Fully funded training and qualifications
  • On site parking
  • Extensive grounds
  • Free hot lunch from the on site cafeteria
  • Team days and events
  • Supportive management
  • Brilliant career progression opportunities
  • A unique teaching approach
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy