Senior Engineer – Privileged Access Management

Job not on LinkedIn

🔥 24 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Thinkahead Consultant Psychologist Pty Ltd

WebsiteLinkedInAll Job Openings

1 - 10 employees

Thinkahead is a privately owned psychology firm working across both the clinical field of private practice as well as corporate consulting space.

📋 Description

• Lead architecture and design of multi-tenant BeyondTrust PAM services for MSP customers, including onboarding of new tenants and standardization of service offerings. • Architect secure privileged access workflows for infrastructure, applications, databases, cloud platforms, and network devices, aligned to least-privilege principles and regulatory requirements. • Implement and maintain BeyondTrust Password Safe and related components, including: • Discovery and onboarding of privileged accounts and systems • Password rotation policies and check-in/check-out workflows • Session brokering, recording, and real-time monitoring • Approval workflows and just-in-time (JIT) access • Implement and maintain BeyondTrust Privilege Management for endpoints and servers (Windows and Linux/Unix), including policy design, deployment, and tuning to minimize user/admin friction while enforcing least privilege. • Design and maintain highly available and secure BeyondTrust infrastructure, including clustering, scaling, upgrades, patching, and disaster recovery strategies across customer environments. • Integrate PAM with identity and security platforms, including: • Active Directory / Entra ID / LDAP and other directories for authentication and group-based access • MFA/SSO platforms using SAML/OIDC/OAuth2 • SIEM and logging platforms for monitoring and alerting on privileged activity • ServiceNow and other ITSM tools for request, approval, and ticket correlation workflows • Develop and maintain automation and tooling (e.g., PowerShell, Python, REST APIs) to: • Accelerate onboarding and lifecycle management of privileged accounts and systems • Enforce configuration standards and policies at scale • Generate reports and dashboards for compliance and operational KPIs • Lead end-to-end customer onboarding to the PAM service, including: • Requirements gathering, use case definition, and risk assessment • Designing onboarding playbooks and standard reference architectures • Coordinating with internal and customer teams to implement and validate PAM controls • Define and maintain standardized PAM policies and baselines across customer environments, including credential management, access approval patterns, session monitoring, and privileged elevation rules. • Conduct security and risk assessments of existing privileged access practices, recommend remediation plans, and track execution to closure. • Serve as subject matter expert and escalation point for PAM-related incidents and service requests, including troubleshooting BeyondTrust platform issues and complex access problems. • Collaborate with security, infrastructure, network, and application teams (internal and customer) to ensure PAM controls are aligned with broader security architecture and operational requirements. • Develop and maintain comprehensive documentation, including: • Platform architectures and configuration standards • Customer-specific runbooks and operational procedures • Onboarding and migration playbooks • Knowledge base articles and FAQs for internal and customer use • Provide mentoring and guidance to team members on PAM concepts, BeyondTrust best practices, and secure operations in a managed services context. • Communicate with customers and internal stakeholders with transparency, providing regular status updates, risk/issue visibility, and technical recommendations. • Complete training and certification as assigned to further skills and knowledge, including PAM and BeyondTrust-specific certifications where applicable. • *Other job duties as assigned

🎯 Requirements

• Minimum Required – A college degree or equivalent in Information Systems, Computer Science, Cybersecurity, or a related field. Unique education, specialized experience, skills, knowledge, training, or certification may be substituted for formal education. • Minimum of 7 years of related experience in IT operations, infrastructure engineering, or cybersecurity, with significant hands-on responsibility for privileged access controls in enterprise environments. • 3+ years of direct experience designing, implementing, and operating PAM solutions (BeyondTrust strongly preferred; experience with platforms such as CyberArk or Delinea is a plus). • Experience delivering services in a managed services or consulting capacity, including direct customer engagement and multi-tenant or multi-customer environments. • Demonstrated experience leading technical initiatives, driving cross-functional projects, and mentoring junior team members. • Experience working with regulated or compliance-driven environments (e.g., SOX, PCI DSS, HIPAA, ISO 27001) and supporting audit and evidence collection for privileged access controls.

🏖️ Benefits

• Medical, Dental, and Vision Insurance • 401(k) • Paid company holidays • Paid time off • Paid parental and caregiver leave • Plus more! See benefits https://www.aheadbenefits.com/ for additional details.