Senior Privileged Access Management Specialist -IT; Hybrid

Senior Privileged Access Management (PAM) Specialist (Corporate IT) – Locations:
Farmington, CT;
Canton, MA;
Boston, MA;
Raleigh, NC (Hybrid schedule).

• Design, implement, and manage the enterprise PAM solution (e.g., password vaulting, session monitoring, credential rotation, credential relationship, and privileged access integrations with applications).
• Maintain, upgrade, and optimize PAM infrastructure and integrations across on‑prem, cloud, and SaaS environments.
• Ensure secure onboarding and lifecycle management of privileged accounts, service accounts, and application credentials.
• Lead governance of privileged access processes, including periodic access certifications, entitlement reviews, break‑glass monitoring, and elevated‑access lifecycle controls.
• Develop and manage PAM dashboards, KPIs, and reporting to measure control effectiveness, highlight risk trends, and ensure compliance with internal policies and regulatory requirements (SOX, NYDFS, etc.).
• Identify, document, and track PAM‑related issues; drive remediation efforts to closure in partnership with technology and application teams.
• Design and implement automated solutions for privileged access reporting, session monitoring, vaulting operations, and exception management using Power Shell, Python, SQL, or workflow tools.
• Serve as SME for PAM platforms such as Beyond Trust, T MS Entra Privileged Identity Management (PIM), or equivalent technologies.
• Oversee integration of PAM controls with enterprise systems, directories, cloud platforms, and critical applications; support onboarding of new privileged accounts and systems.
• Conduct trend analysis on PAM data to identify anomalies or unusual access patterns and elevate for investigation.
• Provide advanced Tier II–III troubleshooting for privileged access failures, vaulting issues, session monitoring, credential rotation, and privileged access integrations.
• Prioritize urgent PAM‑related requests, high‑risk access elevations, and break‑glass events.
• Maintain and enhance PAM operational documentation, workflows, and knowledge base content.
• Partner with Internal Audit, Cybersecurity, Infrastructure, and Application Owners to ensure privileged access processes meet regulatory and internal control expectations.
• Advise stakeholders on RBAC, least‑privilege design, SoD risk identification, and privileged access architecture.
• Participate in and contribute to security assessments, incident reviews, and access‑related investigations.
• Collaborate on IAM and PAM strategy, policies, and continuous improvement initiatives.
• Contribute to group projects, process redesign efforts, and enterprise PAM roadmap planning.
• Cross‑train team members to maintain operational continuity and uplift team capability.
• Provide informal mentoring to junior IAM/PAM team members.

• Bachelor’s degree in Computer Science, Information Systems or related field.
• 5-7 years of experience in Privileged Access Management, Identity & Access Management, or Information Security.
• Experience supporting PAM in regulated industries (SOX, NYDFS, GLBA).
• Strong understanding of IAM, least privilege, Zero Trust architecture, and credential security.
• Experience with scripting languages (Power Shell, Python, Bash) and API integrations.
• Familiarity with Windows, Linux, networking fundamentals, and cloud platforms (Azure, AWS, GCP).
• Experience supporting audits, compliance assessments, and privileged access risk remediation.
• Familiarity with SailPoint, Identity Governance platforms, and audit/compliance tooling.
• Experience with workflow automation, RPA, or orchestration tools a plus.
• Certifications a plus (e.g., CISSP, CISM).

• Base salary range: $111,000 - $148,000 for U.S. offices.
• For San Francisco, CA;
  Washington DC;
  Massachusetts; and New York City, base salary range: $133,000 - $178,000.

• Comprehensive medical, dental and vision insurance with no waiting period.
• Competitive paid time off programs.
• 401(k) savings and annual contributions of up to 12% of annual salary.
• Mental health support programs, life and disability insurance, paid parental leave and a variety of additional voluntary benefits.

This position will remain posted until a final candidate is selected. Once the role is filled, this job posting will be removed.