More jobs:
Privileged Access Management; PAM Engineer
Job in
Westbrook, Cumberland County, Maine, 04098, USA
Listed on 2026-03-14
Listing for:
Idexx
Part Time
position Listed on 2026-03-14
Job specializations:
-
IT/Tech
Cybersecurity, Systems Engineer -
Engineering
Cybersecurity, Systems Engineer
Job Description & How to Apply Below
IT accelerates the success of IDEXX employees and customers by providing scalable, secure, and innovative technology solutions. As a global organization supporting critical systems across cloud and onprem environments, we are committed to maturing our identity and security posture—particularly in the area of Privileged Access Management (PAM).
The
** PAM Engineer
** plays a pivotal role in ensuring secure, compliant, and tightly governed privileged access across the enterprise. This role is responsible for planning, implementing, and operating our PAM platform (e.g., Cyber Ark Privilege Cloud), supporting our strategy to reduce risk, strengthen identity governance, and meet audit and regulatory requirements.
This position partners closely with Security, Infrastructure, Cloud Engineering, Application teams, and IAM functions to enforce best practices, monitor privileged activity, and support the operational lifecycle of privileged accounts across servers, endpoints, cloud platforms, network devices, and SaaS environments.
If you are passionate about reducing privileged-access risk and enabling secure operations through automation, governance, and modern PAM tooling, we encourage you to apply.
** In this role, you will be responsible for:
**** Privileged Access Platform Administration
*** Deploy, configure, and maintain the enterprise PAM platform (e.g., Cyber Ark) including credential vaulting, session management, password rotation, and just In time (JIT) access.
* Manage platform components such as vault servers, connectors, session recording infrastructure, credential providers, and privileged session gateways.
* Ensure high availability, performance optimization, and adherence to operational SLAs.
** Privileged Account & Credential Lifecycle Management
*** Onboard and maintain privileged accounts across Windows, Linux, network devices, databases, cloud platforms (Azure, AWS, GCP), and SaaS admin consoles.
* Implement automated password rotation, check-in/checkout workflows, and lifecycle governance for service accounts, application credentials, and secrets.
* Maintain least privilege standards, including enforcement of cloud only admin accounts and removal of unnecessary or stale privileged principals.
** JIT Access, PIM/PAM Integration & Access Elevation
*** Administer justintime elevation policies for cloud roles (e.g., Entra PIM) and integrate them with the enterprise PAM strategy.
* Configure approval workflows, MFA enforcement, activation duration settings, and monitoring for high-risk role activation.
* Ensure alignment between PIM (role elevation) and PAM (credential vaulting/session control) platforms.
** Security, Compliance & Audit Support
*** Maintain controls required for SOX, SOC2, ISO, and internal/external audit reviews of privileged access activity.
* Support regular access reviews for privileged accounts and roles, collaborating with managers and system owners.
* Provide evidence for audits related to privileged access, session logs, credential governance, and administrative workflows.
** Automation, Scripting & Operational Efficiency
*** Develop and maintain automation (e.g., Power Shell, Python, APIs) for onboarding, credential rotation, vault management, and reporting.
* Build integrations between PAM and enterprise systems such as Service Now, SIEM, CMDB, IGA platforms, and cloud identity services.
* Streamline manual processes and reduce ticket volume through automation and mature workflow design.
** Monitoring & Incident Response
*** Monitor for suspicious privileged behavior, anomalous sign-ins, risky activations, or vault activity using SIEM and platform analytics.
* Maintain and periodically validate break glass/emergency access controls across critical systems.
* Serve as an escalation point for privileged access issues or failures impacting operations.
** Cross Functional Collaboration & Governance
*** Partner with infrastructure, application, cloud, and security teams to enforce standards for privileged access governance.
* Assist system owners in identifying what constitutes privileged access and mapping roles, entitlements, and required controls.
* Contribute to PAM roadmap planning, tool evaluations, and ongoing PAM maturity initiatives.
*
* Location:
Driving distance to our Westbrook, Maine HQ. Flexible hybrid on-site of 8 days per month/2 days per week on average, is required.
**** What You Will Need to Succeed:
*** 2 to 5 years of hands-on experience administering enterprise PAM solutions such as Cyber Ark.
* Strong understanding of privileged access concepts including:
* Credential vaulting
* Session monitoring and recording
* JIT elevation & PIM
* Password rotation
* Tiering/Zero Trust/least privilege
* Expertise with Windows/MacOS/Linux administration, Active Directory/Entra , cloud IAM roles (Azure, AWS, GCP), and integration of privileged accounts across these systems.
* ** Scripting & Automation:
** Proficiency in Power Shell, APIs, JSON, and automation frameworks. Experience automating password rotation,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×