Assess the client’s current production environment, identify operational risks and process gaps, and implement a scalable, business-aligned PAM/identity framework that strengthens control, reduces operational friction, and supports long-term operational resilience.
Work closely with business and technology leaders to drive PAM and identity initiatives that directly support production operations, ensuring access processes are efficient, sustainable, and aligned to the organization’s operating model.
Evaluate existing identity and privileged-access operating models — from access request flows and lifecycle processes to role structures, separation of duties, and certification cycles — identifying where the client’s production operations can be strengthened, streamlined, or matured.
Design and evolve privileged access and identity solutions that not only meet security requirements but also fit seamlessly into the client’s day-to-day operational model, producing actionable architectures and frameworks that elevate production reliability and accountability.
Build automated, self-service, and resilient privileged access and identity capabilities that reduce manual workload, enhance operational consistency, and minimize disruption across production environments.
Implement customizations to address customer business requirements.
Participate in security and application troubleshooting and incident problem resolutions with other infrastructure teams, including storage, messaging, server, and network.
Collaborate with various stakeholders, including IT teams, security teams, and business units, to implement effective and efficient identity and access management solutions.
Provide engineering support for complex and recurring incidents related to IAM platforms and perform root causes analysis in accordance with customer policies and standards.
Responsible for the standards, design, and operation of Sailpoint, BeyondTrust, CyberArk and related environments.
Requirements
Bachelor’s degree in Engineering, Information Technology, Computer Science, or related discipline preferred
5 + years of experience leading PAM and identity improvements in active production environments, with a focus on operational readiness, risk reduction, and scalable process design, required
Experience with cloud environments such as Azure/Entra/AWS/GCP cloud environments a bonus
Microsoft Certified IT Professional (Enterprise Administrator) preferred.
CISSP certification is a plus
Either CyberArk Certified Privilege Cloud (CPC) Delivery Engineer OR CyberArk Certified Delivery Engineer (CDE) preferred
Strong command of IAM/PAM foundations — including SSO, SCIM, OAuth, SAML, encryption, and PKI — and how these controls contribute to secure, dependable production operations.
Practical experience with the Microsoft ecosystem — AD, DNS, Group Policy, O365/Exchange, and Azure/Entra ID — to ensure privileged access and identity controls integrate smoothly into production systems and daily operational activities.
Excellent communication skills, both verbal and written are required.
Solid understanding of how Role Based Access Control (RBAC) works in large, distributed environments.
Solid understanding of cybersecurity principles and best practices.
Excellent problem-solving and analytical skills.
Experience working with PAM systems
Experience with MFA protocols and techniques.
Tech Stack
AWS
Azure
Cloud
Cyber Security
DNS
Google Cloud Platform
Benefits
A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
Work/life balance
Professional training resources
Creative problem-solving and the ability to tackle unique, complex projects
Volunteer Opportunities.
"Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.
The ability and technology necessary to productively work remotely/from home.