PAM Engineer (2 Openings)
Location: Hybrid, 3 days a week in New York City, or Montreal, or Alpharetta, GA
Duration: 6+ Months
Required Skills and Experience
Strong hands-on experience as a PAM Engineer, IAM Engineer, Security Engineer, AI Platform Engineer, or similar technical role.
Experience with enterprise PAM platforms such as CyberArk, BeyondTrust, Delinea, One Identity, or similar technologies.
Strong understanding of privileged access, service accounts, non-human identities, least privilege, JIT access, RBAC, access workflows, and session control.
Proven experience building or supporting production AI, LLM, automation, or platform engineering solutions.
Deep knowledge of LLM concepts, including model selection, prompt engineering, grounding techniques, hallucination mitigation, drift monitoring, and evaluation.
Experience with agent frameworks, orchestration patterns, tool-using agents, multi-agent workflows, and agent lifecycle management.
Solid background in cloud-native architecture, APIs, distributed systems, data pipelines, and modern MLOps/LLMOps practices.
Ability to integrate AI solutions with enterprise platforms, security controls, identity systems, monitoring tools, and compliance processes.
Strong understanding of secure software development, access control design, logging, observability, and production support.
Experience working in large, complex, regulated enterprise environments, preferably financial services.
Preferred Qualifications
Experience implementing AI governance and control frameworks, including model controls, guardrails, evaluation, monitoring, and auditability.
Knowledge of NIST AI RMF, ISO AI governance concepts, OWASP Top 10 for LLM/Agentic Applications, MITRE ATLAS, or similar frameworks.
Familiarity with identity, authorization, and access models for AI agents, service accounts, machine identities, and non-human identities.
Experience designing secure AI systems for regulated industries, including financial services, banking, insurance, or capital markets.
Experience with hybrid cloud environments and enterprise-scale deployment patterns.
Experience remediating hardcoded credentials, unmanaged service accounts, excessive privileges, and privileged access risks.
Experience supporting audit, risk, compliance, and regulatory control testing.
Ideal Candidate Profile
A security-minded engineer who understands both PAM fundamentals and modern AI architecture.
Comfortable working hands-on while also providing technical leadership and architectural direction.
Able to design AI-enabled automation that is secure, explainable, auditable, and appropriate for a regulated enterprise.
Strong communicator who can partner across cybersecurity, IAM, AI engineering, infrastructure, application, cloud, risk, and audit teams.
Practical, production-focused, and able to balance innovation with governance, reliability, and control.