Skip Navigation

Sr. Privileged Access Management (PAM) Engineer
Chicago, IL

Back To Job Board

Direct Hire

$135,000 - $150,000 / yr

Sr. Privileged Access Management (PAM) Engineer

What will your day look like?
You will be responsible for contributing to the planning, evaluation, architecture and support of the Privileged Access Management (PAM) solution and its associated processes. The incumbent will serve as the Technical Product Owner for the PAM and provide subject matter expertise in a variety of technical and non-technical settings. The Senior PAM Engineer will also be responsible for identifying, evaluating and participating in decision making around new and emerging PAM technologies and should be able to support other areas of Information Security as needed. Resources to do the job require extensive PAM knowledge. General direction is received from the Director/Manager, Identity and Access Management.


Do you see yourself doing this?

  • Key contributor to the strategy, design, and management of the enterprise IAM program.

  • Establish strategy, architecture, designs and drive the execution of PAM technologies

  • Identify the tools and techniques to translate needs and future goals into a plan that will enable secure and effective solutions
  • Develop and execute overall project plan and timelines for key deliverables. Define access control, user entitlements, and user access policy management
  • Translate high level requirements into detailed technical designs, and lead design session
  • Build a strong PAM foundation. Design PAM processes to enforce least privilege in a transparent way and identify opportunities for improvements
  • Work across functions to improve IAM solutions to enhance compliance requirements and best practices
  • Develop documentation to support ongoing PAM solution operations, maintenance and specific problem resolution
  • Apply expertise in the installation and configuration of the PAM platform, including conducting routine solution maintenance, monitoring the health of the platform, and conducting daily proactive monitoring
  • Proactively identify and resolve challenges and issues that may impair the team’s ability to meet strategic, business, and technical goals
  • Establish session isolation and controls for privileged identities including Privileged Access Workstations
  • Work closely with technology and business stakeholders across organization

Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act. Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding  members and their accounts; complies with Privacy Act directives.

Adhere to and ensure compliance of all business transactions with policy and process of the Bank Secrecy Act.  Ensures compliance with all applicable state and federal laws, company procedures and policies. Maintains integrity and ethics in all actions and conversations with or regarding members and their accounts; complies with Privacy Act directives.


What makes you a great fit?

You’ll be a great fit if in addition to the completion of a High School Degree or equivalent required; Bachelor’s Degree preferred or years of equivalent work experience required, and you have:

  • 8+ years’ experience designing, implementing and managing Privileged Access Management (PAM) solutions, such as CyberArk and Thycotic
  • Extensive experience with PAM administration, configuration, implementation and design
  • Deep understanding of Disaster Recovery and Business Continuity configurations. Ability to design concepts of technical product components, such as vaults, safes, session managers, key managers, credential providers
  • Experience with privileged access controls in Unix, Windows, Linux and Oracle platforms
  • Proficient with scripting in JavaScript, Python, PowerShell and / or one or more additional scripting languages
  • Experience in performing Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management
  • Experience with broader IAM ecosystem of directories, identity management, and access management controls
  • A high level of technical ability for diagnosis, troubleshooting and problem analysis with the ability to clearly communicate the results of problem analysis to business stakeholders
  • Skilled in Active Directory concepts, including users, computers, groups, policies
  • Understanding of Role Based Access Control, SOD and Access Certification
  • Experience with Linux and Windows Operating Systems
  • Solid understanding of database architecture and concepts
  • Knowledge of agile processes and workflows
  • Knowledge of SailPoint IdentityIQ (Compliance Manager, Lifecycle Manager, Password Manager, ServiceNow Integration Modules. PAM Integration Module)
  • Experience with Access Management Products (Okta/Ping/ForgeRock etc.). Understanding of protocols, services, and traffic flows for authentication
  • Experience with Cloud technologies (Google Cloud Platform, Azure or AWS)
  • Understanding of cloud computing architecture, technical design and implementations, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) delivery models
  • Ability and willingness to develop creative solutions to business problems and work well within a team environment
  • Must have good communication and collaboration skills
  • Solid diagnostic, testing, and problem-solving skills
  • Good organizational and time management skills
  • Must be team-oriented and able to collaborate across many participating teams
  • Cybersecurity certifications such as CISA, CISSP (optional)

When you’re happy, we’re happy!

As a thank you for joining our team, you’ll benefit from:

  • Competitive medical, dental, and free vision benefits
  • Competitive compensation plan
  • Contributions towards gym memberships
  • Generous PTO and banking holidays off 



Back To Job Board

Submit Your Resume

"*" indicates required fields

First Name*
Last Name*
Max. file size: 20 MB.
Drop your resume and other files here or upload here
This field is for validation purposes and should be left unchanged.