IAM Architect (PAM & Delinea)

Job Role : IAM Architect (PAM AND Delinea)

Location : Lake Forest, IL

Duration : 12+ Months

• Hands on technical skills on Delinea is non-negotiable. The customer will expect to candidate to demonstrate technical skills with use cases when the customer interviews. Most submissions so far, either are analyst and not technical or they do not have technical experience in Delinea. Along with Delinea, the candidate is expected to be a Subject Matter Expert (SME) for Secret Server and Privilege Management.
  Essential Skills:
• Senior IAM Engineer (Privileged Access Management) Focus Delinea Secret Server Privilege Manager Experience 5-8 Years Role Overview We are looking for a Senior PAM Engineer to lead the design, implementation, and management of our Privileged Access Management (PAM) ecosystem.
  Your primary mission is to eliminate standing privileges and secure our most critical credentials using the Delinea suite.
• You will act as the Subject Matter Expert (SME) for Secret Server and Privilege Manager, ensuring that our infrastructure, cloud environments, and DevOps pipelines are secured against credential theft.

Core Responsibilities

• Delinea Architecture Lead the end-to-end implementation and scaling of Delinea Secret Server (On-prem or Cloud) and Delinea Privilege Manager.
• Secret Management Design and maintain secret heartbeat, remote password changing (RPC), and check-outcheck-in workflows for service accounts, local admins, and root accounts.
• Secure Remote Access (SRA) Have a good understanding of VPN-less remote access solutions (e.g., Delinea PRA) to provide secure, audited entry points for internal admins and third-party vendors.
  Azure PIM General understanding of Azure PIM.
• Endpoint Privilege Management Configure policies in Delinea Privilege Manager to enforce Least Privilege, allowing users to perform administrative tasks without having full local admin rights.
• Hybrid Integration Ensure interoperability between Delinea (for on-prem) and Azure PIM (for Cloud Control Plane access), creating a unified identity security posture.
• Integration Automation Integrate Delinea with Active Directory (ADAzure AD), SIEM (Sentinel), and Ticket Systems (ServiceNow) to automate lifecycle management.
• Discovery Onboarding Manage automated discovery rules to identify unmanaged accounts across Windows, Linux, and Network devices.
• Session Management Configure and audit session recording and monitoring (Protocol HandlerSession Proxy) for high-risk administrative sessions.
• Compliance Audit Generate high-level reporting for audit requirements and lead remediation efforts for privileged access findings.

Technical Requirements

• Experience 5 years of dedicated experience in Identity and Access Management (IAM), with at least 3 years specifically focused on Delinea (formerly Thycotic).
• Delinea Mastery Deep technical knowledge of Secret Server (Distributed Engines, Secret Policies) and Privilege Manager (Application Control, Elevation).
• Microsoft Entra ID Strong experience with Azure PIM, Conditional Access, and Managed Identities.
  Infrastructure Skills Strong understanding of Windows Server administration, Active Directory, GPOs, and LinuxUnix environments.
• Scripting Proficiency in PowerShell or Python to automate API calls to Delinea and bulk-import secrets. Proficiency in SQL to generate reports.

Education: At least a bachelor s degree (or equivalent experience) in Computer Science, Software/Electronics Engineering, Information Systems, or a closely related field is required