We have an incredible opportunity to join our Group Privileged Access Management Team within Information Security as a Senior PAM Engineer. We'll be hosting a virtual open forum on if you would like to hear more about this role and ask any questions.
Applying for this role is straight forward Scroll down and click on Apply to be considered for this position.
Job Type: Permanent
Location: Hybrid - Edinburgh, Telford or Birmingham office. Expected 1-2 days per week in office, subject to business needs.
Flexible working: All of our roles are open to part-time, job-share and other types of flexibility. 45,000 - £60,000 plus 16% bonus up to 32%, private medical cover, 38 days annual leave, excellent pension, 12x salary life assurance, career breaks, income protection, 3x volunteering days and much more
We're Phoenix Group, we're a long-term savings and retirement business. We offer a range of products across our market-leading brands, Standard Life, SunLife, Phoenix Life and ReAssure. Around 1 in 5 people in the UK has a pension with us. We're a FTSE 100 organisation that is tackling key issues such as transitioning our portfolio to net zero by 2050, and we're not done yet.
As a Senior Privileged Access Management (PAM) Engineer, you'll lead the design, implementation, and optimisation of Phoenix Group's PAM services. You'll be responsible for engineering secure, scalable solutions using CyberArk and related technologies, ensuring privileged accounts are managed in line with Zero Trust principles. You'll work closely with architecture, infrastructure, and application teams to deliver robust controls that protect critical systems and sensitive data.
Design and solutionise PAM architectures using CyberArk and its modules (Vault, PSM, CPM, EPM, SIA).
- Define and maintain onboarding processes for privileged accounts across Windows, Linux, cloud, and SaaS platforms.
- Integrate PAM with identity platforms (Microsoft Entra ID) and SIEM (Sentinel) for centralised monitoring and alerting.
- Work with projects and business units to embed PAM controls into new solutions and services.
Automate PAM workflows using scripts (PowerShell, Python) to improve efficiency and reduce operational risk.
- Establish policies for credential rotation, session recording, and least-privilege access.
- Hands-on expertise across CyberArk modules (Vault, PSM, CPM, EPM, SIA).
- Knowledge of Microsoft Entra ID integration for identity-driven security.
- Strong scripting skills (PowerShell, Python) for automation and operational efficiency.
- Ability to engage with projects and stakeholders to embed PAM controls effectively.
- Awareness of regulatory and compliance standards (e.g., If you require any adjustments to the recruitment process, please let us know so we can help you to be at your best.