PAM Specialist

PAM Specialist - £592 PD (Inside IR35) – 6 Month Contract – Hybrid 2/3 Days in Oxford – BPSS Required Overview

We are seeking an experienced Privileged Access Management (PAM) Specialist to join a major UK government research organisation on a long‑term programme of work. This is a hands‑on technical role focused on designing, implementing, and managing enterprise‑grade PAM solutions to secure privileged access across complex infrastructure.

You will play a key role in strengthening identity security, ensuring robust credential protection, and supporting the organisation’s wider cyber security strategy.

• Implement, configure, and manage enterprise PAM toolkits.
• Configure and support Privileged Remote Access solutions.
• Manage credential vaulting, automated password rotation, and check‑in/check‑out workflows.
• Configure and maintain session monitoring and recording.
• Support discovery, onboarding, and lifecycle management for service accounts.
• Onboard Windows, Linux/Unix, and network devices into PAM platforms.
• Manage privileged account controls within Active Directory.
• Integrate PAM solutions with SIEM tools for event ingestion, correlation, and alerting.
• Troubleshoot connector, policy, and session issues.
• Produce high‑quality technical documentation and runbooks.

• Proven hands‑on experience deploying and managing PAM solutions.
• Strong knowledge of Privileged Remote Access technologies.
• Expertise in credential vaulting and password lifecycle automation.
• Experience configuring privileged session recording/monitoring.
• Familiarity with service account discovery and automated governance.
• Experience onboarding multi‑platform systems (Windows/Linux/network devices).
• Understanding of AD privileged identity management.
• Experience with SIEM integrations for PAM audit logging.
• Working knowledge of ISO 27001 and NIST CSF.
• Strong troubleshooting and analytical skills.
• Eligible for SC clearance.
• Degree in Cyber Security, Computer Science, or related field.
• Certifications in Beyond Trust (Password Safe, Privileged Remote Access).
• Experience with Beyond Trust EPM, Cyber Ark, or Delinea.
• Scripting skills in Power Shell or Python.
• Experience securing privileged access to databases (SQL Server, Oracle).
• Familiarity with ITSM/change control processes.
• Previous work within public sector or critical national infrastructure.
• Understanding of OT/ICS environments.