Senior Security Engineer - PAM

Senior Security Engineer - PAM - Contract - Orlando, FL/Hybrid - $70.00 - $100.00/hr

The final salary or hourly wage, as applicable, paid to each candidate/applicant for this position is ultimately dependent on a variety of factors, including, but not limited to, the candidate's/applicant's qualifications, skills, and level of experience as well as the geographical location of the position.

Applicants must be legally authorized to work in the United States. Sponsorship not available.

Our client is seeking a Senior Security Engineer - PAM in Orlando, FL

Role Description

Design, implement, and maintain PAM solutions including privileged account vaulting, session management, just-in-time access, and secrets management.
Administer and operate PAM platforms (e.g., CyberArk, CA PAM) across on-premises and cloud environments, ensuring high availability and security policy enforcement.
Develop and maintain automation for PAM onboarding, account provisioning, rotation, and reconciliation using PowerShell, Python, REST APIs, and Terraform.
Collaborate with IT, Cloud, DevOps, and application teams to integrate PAM controls into CI/CD pipelines, cloud platforms, and third-party systems.
Define and enforce privileged account policies aligned with TWDC security standards, regulatory requirements, and industry best practices.
Lead PAM-related risk assessments, access reviews, and audit response activities.
Troubleshoot complex PAM platform issues, driving root cause analysis and permanent remediation.
Mentor junior engineers and contribute to team documentation, runbooks, and architectural standards.
Identify opportunities to reduce the privileged access attack surface through improved tooling, automation, and process improvements.
Support knowledge sharing across the PAM team by leading technical discussions, reviewing peers' work, and contributing to team learning initiatives

Skills & Requirements

Minimum of 5+ years of experience in cybersecurity or identity and access management, with at least 3 years focused on Privileged Access Management.
Hands-on experience administering PAM platforms such as CyberArk (EPV, PSM, PVWA, CPM, CCP) or CA PAM (Broadcom Privileged Access Manager).
Proficiency in scripting and automation with PowerShell and/or Python for PAM workflows.
Experience integrating PAM solutions with directories (Active Directory, LDAP) and cloud platforms (AWS, Azure, Google Cloud Platform).
Strong understanding of PAM concepts: credential vaulting, session recording, just-in-time access, least privilege, secrets management, and SSH key management.
Demonstrated experience supporting compliance and audit processes (SOX, PCI-DSS, or similar frameworks).
Ability to work effectively across cross-functional teams in a large environment.
BA/BS Degree Comp Sci/IS or related field
Experience with DevOps secrets management tools such as HashiCorp Vault, AWS Secrets Manager, or Azure Key Vault.
Familiarity with Infrastructure as Code (Terraform) for PAM platform deployment and configuration.
Experience with SIEM integrations and PAM telemetry for privileged session monitoring.
Knowledge of Zero Trust architecture principles as applied to privileged access.
Experience with service account lifecycle management and non-human identity (NHI) programs.
Relevant certifications such as: CyberArk Defender/Sentry, CompTIA Security+, CISSP, or equivalent are highly desirable.
Master's degree in Information Technology, Information Security, Computer Science, or Business related field or equivalent validated work experience

Benefits/Other Compensation

This position is a contract/temporary role where Hays offers you the opportunity to enroll in full medical benefits, dental benefits, vision benefits, 401K and Life Insurance ($20,000 benefit).

Why Hays?

You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there's a position you really want, you're fully prepared to get it.

Nervous about an upcoming interview? Unsure how to write a new resume?

Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.

Hays is committed to building a thriving culture of diversity that embraces people with different backgrounds, perspectives, and experiences. We believe that the more inclusive we are, the better we serve our candidates, clients, and employees. We are an equal employment opportunity employer, and we comply with all applicable laws prohibiting discrimination based on race, color, creed, sex (including pregnancy, sexual orientation, or gender identity), age, national origin or ancestry, physical or mental disability, veteran status, marital status, genetic information, HIV-positive status, as well as any other characteristic protected by federal, state, or local law. One of Hays' guiding principles is 'do the right thing'.
We also believe that actions speak louder than words.
In that regard, we train our staff on ensuring inclusivity throughout the entire recruitment process and counsel our clients on these principles. If you have any questions about Hays or any of our processes, please contact us.

In accordance with applicable federal, state, and local law protecting qualified individuals with known disabilities, Hays will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text .

Drug testing may be required; please contact a recruiter for more information.

#LI-DNI