Description
Job Title: Privileged Access Management (PAM) Consultant
Location: UK
Job Type: Contract
Experience Level: Senior
Role Overview:
We are seeking a highly experienced Privileged Access Management (PAM) Consultant to lead the assessment and strategic planning of PAM solutions within a complex hosting infrastructure. This role focuses on evaluating existing access control mechanisms, identifying risks associated with over-privileged accounts, and recommending scalable PAM solutions tailored to diverse operating systems and on-premises environments.
Key Responsibilities:
* Conduct comprehensive assessments of internal infrastructure to identify privileged access risks and gaps.
* Analyze current access provisioning models, especially where elevated permissions (e.g., root, Admin access) are broadly granted.
* Analyze existing access control models and recommend enhancements using RBAC, ABAC, and least privilege principles.
* Design PAM architectures that support secure delegation of access across diverse platforms.
* Design and recommend PAM strategies that enforce least privilege, improve auditability, and enhance operational security.
* Evaluate and compare PAM solutions (e.g., CyberArk, BeyondTrust, Delinea) based on technical fit, scalability, and integration capabilities.
* Document findings in detailed reports including architecture diagrams, risk assessments, and implementation roadmaps.
* Collaborate with infrastructure, security, and operations teams to align PAM strategies with business and technical requirements.
* Support PoC and pilot deployments to validate solution effectiveness.
* Provide technical guidance on session monitoring, credential vaulting, access workflows, and policy enforcement.
Key Skills & Experience:
* Experience in PAM consulting and implementation, with a strong focus on environmental assessment and solution design.
* Strong expertise in RBAC and ABAC models, including policy design and enforcement.
* Deep understanding of on-premises infrastructure and hosting environments.
* Hands-on experience with Windows, Linux, Solaris, and AIX server platforms.
* Familiarity with Active Directory, LDAP, SSH key management, and service account governance.
* Experience with PAM tools such as CyberArk, BeyondTrust, Delinea, etc
* Experience with identity federation, directory services, and authentication protocols (e.g., Kerberos, SAML, OAuth)
* Strong analytical skills to assess complex environments and recommend tailored solutions.
* Excellent documentation and presentation skills for technical and executive audiences.
Preferred Qualifications:
* Certifications in PAM technologies (e.g., CyberArk Defender/Sentry, BeyondTrust Certified).
* Experience with scripting (PowerShell, Bash, Python) for automation and discovery.
* Knowledge of compliance frameworks such as ISO 27001, SOC 2, PCI-DSS, or NIST.
We are an equal opportunities employer and welcome applications from all suitably qualified persons. SC required, or lapsed SC or SC can be provided if eligible
#J-18808-Ljbffr