Lead Privileged Access Management (PAM) Engineer

Job Description

Job Description

Description:

Hybrid 2 Days Onsite/3 Days Remote in Washington, DC

Our client seeks a Lead Privileged Access Management (PAM) Engineer to design, implement, and operate enterprise PAM solutions across a complex federal hybrid cloud environment. The role manages privileged identities, enforces access controls, and ensures secure access across cloud and on-prem systems. The position requires deep hands-on experience with CyberArk and modern identity platforms, with the ability to integrate PAM into enterprise security architecture and support Zero Trust initiatives.

Due to client requirements, applicants must be willing and able to work on a w2 basis. For our w2 consultants, we offer a great benefits package that includes Medical, Dental, and Vision benefits, 401k with company matching, and life insurance.

Rate: $85.00 to $96.00/hr. w2

• Lead design, implementation, and administration of PAM solutions, primarily CyberArk.
• Manage and optimize privileged account lifecycle management, including onboarding, rotation, monitoring, and deprovisioning.
• Configure and support Microsoft Entra PIM for role-based privileged access.
• Integrate PAM solutions with identity providers and SSO platforms such as Okta and Entra ID.
• Develop and enforce policies for privileged access across enterprise systems.
• Coordinate with cybersecurity, infrastructure, and cloud teams to secure privileged access pathways.
• Support PAM strategy and architecture planning across hybrid environments.
• Implement automation and workflows for privileged access provisioning and approvals.
• Perform monitoring, auditing, and reporting on privileged access activity.
• Support compliance with federal security standards and cybersecurity frameworks.
• Provide technical leadership, mentoring, and guidance to junior engineers and administrators.

• 7+ years of experience in identity, access management, or cybersecurity engineering.
• 3+ years specializing in Privileged Access Management.
• Hands-on experience with CyberArk implementation or administration, Microsoft Entra PIM, and Okta or identity/access management integration.
• Expertise in privileged account lifecycle management and PAM architecture across cloud and on-prem environments.
• Experience integrating PAM with enterprise systems and security tools.
• Strong understanding of IAM, RBAC, and privileged access controls.
• Experience supporting enterprise or federal IT environments.
• Exposure to tools and platforms including AWS, Azure, Microsoft Defender, Microsoft Sentinel, Rapid7 InsightVM, Veracode, Jira, Confluence, Device42, Xacta, Intune, Microsoft Purview, Appian, and Oracle.
• Preferred: Experience with federal agencies or regulated environments (FISMA, NIST), familiarity with Zero Trust, scripting with PowerShell or Python, and certifications such as CyberArk Defender/Sentry, CISSP, CISM, or Microsoft Identity.
• Soft skills: Technical leadership, clear communication with diverse stakeholders, ability to operate in complex environments, and strong problem-solving.

Recruitment Transparency Notice

Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening and hiring process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team ( View email address on ziprecruiter.com , View phone number on ziprecruiter.com) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group’s use of these tools, including AI tools, as part of the application and hiring process.

Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.

· When you work with Eliassen Group, all email communication will come from an Eliassen.com address, never Gmail, Yahoo, etc.

· Eliassen Group will never ask you for personal information (home address, bank account, or check routing number) until you have worked with someone clearly associated with Eliassen Group.

If you have any indication of fraudulent activity, please contact View email address on ziprecruiter.com.

About Eliassen Group:

Eliassen Group is a strategic consulting firm that helps organizations reach further and achieve more through our technology, business advisory, and life sciences solutions. For nearly 40 years, we have combined exceptional people, deep domain expertise, and intelligent capabilities to expand our clients’ capacity and accelerate meaningful outcomes. We are driven by a purpose to positively impact the lives of our employees, clients, consultants, and the communities we serve.

Eliassen is committed to building a diverse and inclusive team from a variety of backgrounds, perspectives, and skills. We are an Equal Opportunity and Affirmative Action Employer and all employment decisions are based on merit, performance, and business needs. Eliassen does not discriminate on the basis of race, color, gender identity or expression, sexual preference or orientation, sex (including pregnancy, childbirth, and related medical conditions), marital status, creed, religion, physical or mental disability, genetic information, military or veteran status, age, ancestry, national origin, citizenship status, prohibited criminal record inquiries of applicants and employees, or any other category protected by federal, state, or local laws.

Don’t miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!