Job Title: Privileged Access Management (PAM) Consultant Role Overview: We are seeking a highly experienced Privileged Access Management (PAM) Consultant to lead the assessment and strategic planning of PAM solutions within a complex hosting infrastructure. This role focuses on evaluating existing access control mechanisms, identifying risks associated with over-privileged accounts, and recommending scalable PAM solutions tailored to diverse operating systems and on-premises environments. Key Responsibilities: · Conduct comprehensive assessments of internal infrastructure to identify privileged access risks and gaps. · Analyze current access provisioning models, especially where elevated permissions (e.g., root, Admin access) are broadly granted. · Analyze existing access control models and recommend enhancements using RBAC, ABAC, and least privilege principles. · Design PAM architectures that support secure delegation of access across diverse platforms. · Design and recommend PAM strategies that enforce least privilege, improve auditability, and enhance operational security. · Evaluate and compare PAM solutions (e.g., CyberArk, BeyondTrust, Delinea) based on technical fit, scalability, and integration capabilities. · Document findings in detailed reports including architecture diagrams, risk assessments, and implementation roadmaps. · Collaborate with infrastructure, security, and operations teams to align PAM strategies with business and technical requirements. · Support PoC and pilot deployments to validate solution effectiveness. · Provide technical guidance on session monitoring, credential vaulting, access workflows, and policy enforcement. Requirements Key Skills & Experience: · 10 years of experience in PAM consulting and implementation, with a strong focus on environmental assessment and solution design. · Strong expertise in RBAC and ABAC models, including policy design and enforcement. · Deep understanding of on-premises infrastructure and hosting environments. · Hands-on experience with Windows, Linux, Solaris, and AIX server platforms. · Familiarity with Active Directory, LDAP, SSH key management, and service account governance. · Experience with PAM tools such as CyberArk, BeyondTrust, Delinea, etc · Experience with identity federation, directory services, and authentication.