Privileged Access Management; PAM Consultant

Description

Job Title :
Privileged Access Management (PAM) Consultant

Location : UK

Job Type :
Contract

Experience Level :
Senior

We are seeking a highly experienced Privileged Access Management (PAM) Consultant to lead the assessment and strategic planning of PAM solutions within a complex hosting infrastructure. This role focuses on evaluating existing access control mechanisms, identifying risks associated with over-privileged accounts, and recommending scalable PAM solutions tailored to diverse operating systems and on-premises environments.

• Conduct comprehensive assessments of internal infrastructure to identify privileged access risks and gaps.
• Analyze current access provisioning models, especially where elevated permissions (root, Admin access) are broadly granted.
• Analyze existing access control models and recommend enhancements using RBAC, ABAC, and least privilege principles.
• Design PAM architectures that support secure delegation of access across diverse platforms.
• Design and recommend PAM strategies that enforce least privilege, improve auditability, and enhance operational security.
• Evaluate and compare PAM solutions (Cyber Ark, Beyond Trust, Delinea) based on technical fit, scalability, and integration capabilities.
• Document findings in detailed reports including architecture diagrams, risk assessments, and implementation roadmaps.
• Collaborate with infrastructure, security, and operations teams to align PAM strategies with business and technical requirements.
• Support PoC and pilot deployments to validate solution effectiveness.
• Provide technical guidance on session monitoring, credential vaulting, access workflows, and policy enforcement.

• Experience in PAM consulting and implementation, with a strong focus on environmental assessment and solution design.
• Strong expertise in RBAC and ABAC models, including policy design and enforcement.
• Deep understanding of on-premises infrastructure and hosting environments.
• Hands‑on experience with Windows, Linux, Solaris, and AIX server platforms.
• Familiarity with Active Directory, LDAP, SSH key management, and service account governance.
• Experience with PAM tools such as Cyber Ark, Beyond Trust, Delinea, etc.
• Experience with identity federation, directory services, and authentication protocols (Kerberos, SAML, OAuth).
• Strong analytical skills to assess complex environments and recommend tailored solutions.
• Excellent documentation and presentation skills for technical and executive audiences.

• Certifications in PAM technologies (Cyber Ark Defender / Sentry, Beyond Trust Certified).
• Experience with scripting (Power Shell, Bash, Python) for automation and discovery.
• Knowledge of compliance frameworks such as ISO 27001, SOC 2, PCI‑DSS, or NIST.

• Privileged Access Management
• PAM
• Security
• design
• implementation
• environmental assessment
• solutions design

SC required, or lapsed SC or SC can be provided if eligible

Trading as TEKsystems. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT
, United Kingdom. No. 2876353. Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands.