NO C2C / NO 1099
W2 ONLY (Direct Hire through Vendor)
LOCAL NYC / Tri-State candidates only
Candidate must work onsite first month without exception
We are seeking an experienced Privileged Access Management (PAM) Engineer to strengthen enterprise identity security across Active Directory, Entra ID, Linux, and multi-cloud environments (Azure, AWS, Google Cloud Platform) . This role focuses on vaulting, endpoint privilege management, identity hygiene, and zero-trust security architecture .
You will design and enforce least-privilege access, eliminate standing admin rights, and integrate PAM controls across hybrid and cloud platforms.
Key Responsibilities:Privileged Identity Security
Administer enterprise PAM vaulting platforms across AD, Entra ID, Linux, Azure, AWS, and Google Cloud Platform
Implement credential rotation and vaulting for admins, service accounts, and cloud root accounts
Enforce Just-In-Time (JIT), approval-based privileged access
Endpoint Privilege Management
Implement least-privilege controls for Windows, Linux, and macOS
Replace standing admin access with controlled privilege elevation
Apply application control to reduce ransomware and malware risks
Identity Hygiene & Hardening
Clean up unauthorized local admin accounts
Monitor stale identities, excessive permissions, and privileged roles
Implement ITDR (Identity Threat Detection & Response) practices
Security Architecture
Support Zero Trust initiatives
Align PAM controls with NIST and enterprise security standards
Drive MFA, passwordless authentication, and SSO adoption
Cloud Identity & IAM
Manage Azure AD (Entra ID), AWS IAM, and Google Cloud Platform IAM privileged roles
Integrate cloud identities with PAM vaulting and session monitoring
Governance & Documentation
Maintain runbooks, diagrams, and operational documentation
Support audit, compliance, and risk teams with reporting
10+ years in IAM / PAM / Security Engineering
Hands-on experience with AD, Entra ID, Linux
Strong PAM vaulting & endpoint privilege management expertise
Experience with MFA, SSO, Kerberos, certificate-based auth
Knowledge of Zero Trust, NIST, ITDR, CIS controls
Scripting: PowerShell / Python / Bash / Terraform
Excellent documentation and communication skills
Multi-cloud PAM experience (Azure, AWS, Google Cloud Platform)
Entra ID PIM & Conditional Access
CI/CD or ITSM integration with PAM tools
Certifications (CyberArk, CISSP, CISM, CCSP, Azure/AWS Security)
If you enjoy locking down privileged access , reducing attack surface, and driving enterprise-grade identity security - this is your seat at the table.
For applications and inquiries, contact: hirings@openkyber.com
...Maine Service Employees Association SEIU Local 1989 Union Field Representative Based in Augusta, ME Salary Range: $62,900 $84,400 Annually Summary: Maine Service Employees Association, SEIU Local 1989, is seeking to hire an experienced Union Representative...
...Responsibilities: - Support the development and scoping of the risk assessment plan. - Identify, assess, and document applicable security controls. - Collaborate with stakeholders to collect data and evidence. - Perform detailed analysis of access control...
...Are you ready to lead marketing that makes a measurable impact? Chick-fil-A Austell is seeking a Restaurant Marketing Supervisor who will design and execute strategies that grow sales, strengthen community ties, and elevate the guest experience. Were not just a quick...
...Job Summary: We are looking for a proactive HR Recruiter to support our manufacturing operations by sourcing, screening, and hiring qualified talent. This role will work closely with hiring managers, HR business partners, and external partners meet staffing needs and...
...Ninepin Hospitality Group is seeking a creative and results-driven Marketing Manager to elevate our brand presence for the Brass, Tusk Bar,... ...marketing or brand management, ideally within hospitality or restaurants. ~ Bachelor's degree in Marketing, Communications, or...