Senior IAM Engineer PAM (Delinea Secret Server SME)

Job Title: Senior IAM Engineer - PAM (Delinea Secret Server SME)

Location: Lake Forest, IL

Pay Rate: $65-$70/hr

Experience Required: 6-8+ Years

Position Overview

We are seeking a Senior IAM Engineer specializing in Privileged Access Management (PAM) with strong hands-on expertise in the Delinea Suite.

The ideal candidate will act as the Subject Matter Expert (SME) for Delinea Secret Server and Privilege Manager, responsible for designing, implementing, and managing enterprise privileged access solutions. The primary objective of this role is to eliminate standing privileges and secure critical credentials across infrastructure, cloud environments, and DevOps pipelines.

Note: Hands-on technical experience with Delinea Secret Server and Privilege Manager is mandatory and will be validated during client interviews through practical use cases.

Key Responsibilities

Delinea Architecture & Implementation

• Lead the design and implementation of Delinea Secret Server (On-Prem or Cloud) and Delinea Privilege Manager.

• Scale and maintain PAM infrastructure to support enterprise privileged access controls.

Privileged Credential Management

• Design and maintain secret management capabilities including:

  • Secret heartbeat monitoring

  • Remote Password Changing (RPC)

  • Credential check-out / check-in workflows

• Secure service accounts, local administrator accounts, and root credentials.

Secure Remote Access

• Implement VPN-less remote access solutions using tools such as Delinea Privileged Remote Access (PRA).

• Provide secure, audited access for internal administrators and third-party vendors.

Endpoint Privilege Management

• Configure Delinea Privilege Manager policies to enforce the Least Privilege model.

• Enable controlled privilege elevation without granting permanent admin rights.

Hybrid IAM Integration

• Integrate Delinea solutions with:

  • Active Directory / Azure AD (Microsoft Entra ID)

  • Azure PIM for cloud privilege control

  • SIEM platforms (e.g., Microsoft Sentinel)

  • ITSM systems (ServiceNow)

Discovery & Account Onboarding

• Configure automated discovery rules to identify unmanaged privileged accounts across:

  • Windows

  • Linux/Unix

  • Network infrastructure devices

Session Monitoring & Security

• Configure session monitoring and recording using Protocol Handler / Session Proxy.

• Ensure audit trails for privileged administrative activity.

Compliance & Reporting

• Generate audit reports and compliance documentation for privileged access activities.

• Lead remediation initiatives for PAM-related audit findings.

Required Skills & Experience

• 6-8+ years of experience in Identity and Access Management (IAM).

• Minimum 3 years of hands-on experience with Delinea (formerly Thycotic).

• Deep expertise in:

  • Delinea Secret Server (Distributed Engines, Secret Policies)

  • Delinea Privilege Manager (Application Control, Privilege Elevation)

• Strong understanding of Privileged Access Management (PAM) concepts.

• Experience integrating IAM solutions in hybrid infrastructure environments.

Technical Skills

• Microsoft Entra ID / Azure PIM

• Active Directory administration

• Windows Server environments

• Linux/Unix system administration

• Group Policy (GPO)

Automation & Reporting

• Scripting with PowerShell or Python for automation and API integrations.

• SQL proficiency for reporting and analytics.

Core Competencies

Delinea Secret Server | Privileged Access Management | Privilege Manager | Microsoft Entra ID | Azure PIM | Active Directory | PAM Architecture | Credential Security | Least Privilege | Security Compliance