Key skills
AzureCloudLinuxPythonServiceNowPowerShellAIIAMActive DirectoryJiraLeadershipStakeholder ManagementMentoringCommunicationCloud SecurityZero Trust
About this role
Role Overview
- Lead the automation‑first design and engineering of PAM solutions
- Play a senior role in CyberArk (or similar) implementation and expansion
- Engineer fully automated onboarding for: privileged user accounts, service and application accounts, credentials, secrets, and keys
- Integrate PAM with SailPoint for automated governance, lifecycle, and access reviews
- Define PAM standards, onboarding patterns, and automation frameworks
- Automate privileged access requests, approvals, and provisioning via ServiceNow
- Build automated PAM and SailPoint reporting for audits and compliance
- Reduce manual PAM operations through scripting and orchestration
- Secure privileged access across: Active Directory environments, Windows and Linux platforms, Azure and cloud services, applications and DevOps pipelines
- Act as senior escalation point for PAM‑related incidents
- Partner with Security Architecture and Audit on control design and evidence automation
- Produce high‑quality architecture diagrams, runbooks, and engineering documentation
- Apply AI‑assisted tooling to enhance troubleshooting and operational insight
Requirements
- Significant, hands‑on experience in Privileged Access Management
- Hands‑on SailPoint experience is mandatory
- Strong experience with CyberArk (PAS, PSM, EPM) or equivalent tools
- Proven ability to engineer and automate PAM at scale
- Strong understanding of privileged access risks and threat vectors
- Advanced experience with Active Directory and hybrid identity environments
- Strong automation and scripting skills (PowerShell, Python, APIs)
- Experience supporting audits using automated evidence and reporting
- Ability to operate as a senior engineer, providing technical leadership
- Experience using ServiceNow and/or Jira to automate privileged access workflows
- Broader knowledge of IAM, IGA, Zero Trust, or identity security domains
- Experience working with DevOps teams, including securing pipelines and secrets
- Bachelor’s degree in Computer Science, Engineering, Mathematics, or related discipline; or equivalent experience
- Relevant certifications (e.g. CyberArk, SailPoint, Microsoft Security, Cloud Security)
- Strong communication and stakeholder management skills
- Customer‑focused mindset, balancing security with business usability
- Demonstrated growth mindset, passionate about continuous learning
- Experience mentoring or guiding other engineers
Tech Stack
- Azure
- Cloud
- Linux
- Python
- ServiceNow
Benefits
- Flexible benefits fund
- Emergency leave days
- Adoption leave
- 28 days annual leave (plus bank holidays)
- Pension
- Life cover
- Private medical insurance
- Parental leave
- Education assistance program