PIM/PAM Engineer

Capgemini Government Solutions (CGS) LLC is seeking a PIM/PAM Engineer to support mission?critical government clients. The ideal candidate will collaborate with a high?performing team, engage with a broad range of stakeholders, and play a key role in expanding CGS capabilities while continuing to grow their technical and consulting expertise.

The PIM/PAM Engineer is responsible forthe architecture, design, implementation, and administration of enterprise-level Privileged Identity Management (PIM) and Privileged Access Management (PAM) solutions. Thisrole ensures the secure management of privileged identities within the framework by maintaining a hardened appliance posture and enforcing the Principle of Least Privilege across the enterprise. The ideal candidate is a technical specialist who understands that identity is the new perimeter. You will act as the primary administrator for our PAM vaulting solutions, working closely with Infrastructure, DevOps, and Security Operations teams to integrate vaulting into every layer of our tech stack.

Key Responsibilities :

• Design, deploy, configure, andmaintainrobust PIM/PAM solutions across enterprise, cloud, and hybrid environments.

• Manage the lifecycle of privileged accounts, including automated vaulting, password rotation, privileged session management, and just-in-time (JIT) access.

• Integrate PIM/PAM tools with broader identity ecosystems (IdPs, IGA, SIEM, and ticketing systems like ServiceNow) using APIs and custom scripting.

• Define, implement, and enforce least-privilege access policies, role-based access control (RBAC), and attribute-based access control (ABAC).

• Conduct regular discovery audits toidentifyunmanaged privileged accounts, service accounts, and secrets, bringing them under centralized management.

• Provide tier-3 technical support for complex identity infrastructure issues, system upgrades, patches, and disaster recovery drills.

• Support continuous monitoring and audit readiness by generating compliance reports and ensuring adherence to federal and DoD security frameworks.

• Deep understanding of session recording, credential vaulting,secretsmanagement, and delegation of authority.

• Strong foundational knowledge of Windows Active Directory, Linux/Unix administration, Group Policy Objects (GPOs), and basic networking protocols.

• Proficiencyin scripting languages (e.g., PowerShell, Python, Bash) for automation and API integrations.

Required Qualifications:

• Ability to obtain and maintain a DoD Secret Clearance. U.S. Citizenship is required.
• Bachelor?s degree in computer science, Information Technology, Cybersecurity, or a related technical field is required.

• 6+ofprogressiveIT experiencerequiredwith 2-3+ years of dedicated experience in Identity and Access Management (IAM), with a strong focus on PIM/PAM engineeringhighly-desired.

• CompTIA Security+ CE (Current) is highly desired, must be able to obtain within 3 months of hire.

About Capgemini

Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 360,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2022 global revenues of ?22 billion.

Get The Future You Want | ;/p>

Disclaimer

All qualified applicants will be considered for employment based on their skills, and merit.

Please be aware that Capgemini may capture your image (video or screenshot) during the interview process and that image may be used for verification, including during the hiring and onboarding process.

Applicants for employment in the US must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the US by Capgemini.

Capgemini discloses salary range information in compliance with state and local pay transparency obligations. The disclosed range represents the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting, although we may ultimately pay more or less than the disclosed range, and the range may be modified in the future. The disclosed range takes into account the wide range of factors that are considered in making compensation decisions including, but not limited to, geographic location, relevant education, qualifications, certifications, experience, skills, seniority, performance, sales or revenue-based metrics, and business or organizational needs. At Capgemini, it is not typical for an individual to be hired at or near the top of the range for their role. The base salary range for the tagged location is $110k - $135k.

This role may be eligible for other compensation including variable compensation, bonus, or commission. Full time regular employees are eligible for paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company?s sole discretion, consistent with the law.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the notice from the Department of Labor.