Lead PAM Engineer

About

cFocus Software seeks a Lead PAM Engineer to join our program supporting the Federal Communications Commission (FCC).

Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience)
• 7+ years of experience in cybersecurity, identity security, or PAM engineering
• Demonstrated experience supporting large-scale, complex enterprise environments
• Experience leading or supporting enterprise cybersecurity engineering programs
• Extensive experience with PAM platforms and identity security tools
• Strong understanding of identity and access management (IAM), authentication, and authorization
• Experience with Active Directory, LDAP, SSO, MFA, and federation technologies
• Knowledge of cybersecurity frameworks (NIST, RMF, FISMA)
• Experience with cloud and hybrid environments (AWS, Azure, M365)
• Familiarity with SIEM, SOAR, and monitoring tools
• Strong scripting skills (PowerShell, Python)
• Experience leading enterprise security engineering initiatives
• Experience implementing Zero Trust Architecture
• Familiarity with audit, compliance, and A&A processes
• Experience with automation and orchestration tools
• Strong leadership, communication, and stakeholder engagement skills

Required Certifications

• Relevant cybersecurity certifications demonstrating expertise in identity and access management and security engineering
• Examples include: CISSP (preferred)
• CompTIA Security+
• Certified Identity and Access Manager (CIAM) or equivalent
• GIAC certifications (e.g., GSEC, GCIA)
• PAM platform-specific certifications (CyberArk, BeyondTrust, etc.)
• Equivalent certifications demonstrating similar competency may be accepted

Duties

• Lead the design, implementation, and administration of PAM solutions (e.g., CyberArk, BeyondTrust, Delinea)
• Develop and enforce privileged access policies, controls, and governance processes
• Manage privileged account lifecycle including provisioning, rotation, monitoring, and decommissioning
• Integrate PAM solutions with enterprise systems (AD, Azure AD, cloud platforms, applications)
• Implement least privilege and Zero Trust access models across enterprise systems
• Monitor and audit privileged sessions, access activities, and credential usage
• Support incident response and forensic investigations involving privileged access
• Identify gaps in identity security posture and recommend improvements
• Collaborate with SOC, IAM, cloud, and infrastructure teams
• Develop documentation, SOPs, and engineering standards for PAM operations
• Provide technical leadership and mentorship to junior engineers.