Senior Privileged Access Management (PAM) Specialist

Senior Privileged Access Management (PAM) Specialist Job Number: 26-00832 Ready for a rewarding opportunity in the Financial Services Industry? ECLARO is looking for a Senior Privileged Access Management (PAM) Specialist for our client in Canton, CT. ECLARO's client is a market-leading insurance company, providing property, casualty, and specialty insurance services within the United States. If you're up to the challenge, then take a chance at this rewarding opportunity! Position Overview: The Senior Privileged Access Management (PAM) Specialist is a key member of the Identity & Access Management organization responsible for overseeing the policies, controls, and technologies governing privileged accounts and elevated access across the enterprise. The role is responsible for engineering, administering and improving the enterprise PAM program. It has accountability for the full lifecycle of privileged identities, implements technical controls to safeguard high-risk accounts, acts as the lead for major PAM platform initiatives, and partners with technology and business teams to ensure secure, compliant access to critical systems. This role serves as a subject matter expert for PAM processes across all technical platforms, supporting regulatory compliance, driving automation initiatives, and ensuring enforcement of least privilege principles. The position requires advanced technical expertise not only in PAM but also Identity and access management, strong analytical skills, and the ability to partner across security, infrastructure, audit, and application teams to maintain a secure and compliant privileged access ecosystem. Responsibilities: Design, implement, and manage the enterprise PAM solution (e.g., password vaulting, session monitoring, credential rotation, credential relationship, and privileged access integrations with applications). Maintain, upgrade, and optimize PAM infrastructure and integrations across on prem, cloud, and SaaS environments. Ensure secure onboarding and lifecycle management of privileged accounts, service accounts, and application credentials. Lead governance of privileged access processes, including periodic access certifications, entitlement reviews, break glass monitoring, and elevated-access lifecycle controls. Develop and manage PAM dashboards, KPIs, and reporting to measure control effectiveness, highlight risk trends, and ensure compliance with internal policies and regulatory requirements (SOX, NYDFS, etc.). Identify, document, and track PAM related issues; drive remediation efforts to closure in partnership with technology and application teams. Design and implement automated solutions for privileged access reporting, session monitoring, vaulting operations, and exception management using PowerShell, Python, SQL, or workflow tools. Serve as SME for PAM platforms such as BeyondTrust, T MS Entra Privileged Identity Management (PIM), or equivalent technologies. Oversee integration of PAM controls with enterprise systems, directories, cloud platforms, and critical applications; support onboarding of new privileged accounts and systems. Conduct trend analysis on PAM data to identify anomalies or unusual access patterns and escalate for investigation. Provide advanced Tier II-III troubleshooting for privileged access failures, vaulting issues, session monitoring, credential rotation, and privileged access integrations. Prioritize urgent PAM related requests, high risk access elevations, and break glass events. Maintain and enhance PAM operational documentation, workflows, and knowledge base content. Partner with Internal Audit, Cybersecurity, Infrastructure, and Application Owners to ensure privileged access processes meet regulatory and internal control expectations. Advise stakeholders on RBAC, least privilege design, SoD risk identification, and privileged access architecture. Participate in and contribute to security assessments, incident reviews, and access related investigations. Collaborate on IAM and PAM strategy, policies, and continuous improvement initiatives. Contribute to group projects, process redesign efforts, and enterprise PAM roadmap planning. Cross train team members to maintain operational continuity and uplift team capability. Provide informal mentoring to junior IAM/PAM team members. Decision-Making Authority / Accountability Level largescale PAM deployments, tool migrations, and modernization initiatives. Provide technical direction, support and mentoring to junior team members, application development and architecture working in a collaborative manner. Participate in architecture reviews and contribute to longterm identity security strategy. Operates with a high level of independence and technical judgment. Makes recommendations on PAM design, control frameworks, and automation opportunities. Escalates systemic risks, policy gaps, and material access control findings. Required Qualifications: Strong expertise with one or more PAM platforms (BeyondTrust, MS Entra PIM). Advanced proficiency in scripting (PowerShell, Python) for automation, reporting, and process streamlining. Deep understanding of privileged access concepts: credential vaulting, session monitoring, least privilege, SoD, break glass, and privilege escalation risks. Strong knowledge of Active Directory, Entra ID, Windows/Linux privilege models, and cloud platform permissions (Azure/AWS). Strong analytical, diagnostic, and problem solving skills under pressure. Strong organizational skills, attention to detail, and ability to manage multiple requests. Excellent written and verbal communication skills Demonstrated engagement across functional teams, to drive initiatives. Ability to work strategically and collaboratively across departments Preferred Qualifications: Bachelor's degree in Computer Science, Information Systems or related field. 5-7 years of experience in Privileged Access Management, Identity & Access Management, or Information Security. Experience supporting PAM in regulated industries (SOX, NYDFS, GLBA). Strong understanding of IAM, least privilege, Zero Trust architecture, and credential security. Experience with scripting languages (PowerShell, Python, Bash) and API integrations. Familiarity with Windows, Linux, networking fundamentals, and cloud platforms (Azure, AWS, GCP). Experience supporting audits, compliance assessments, and privileged access risk remediation. Familiarity with SailPoint, Identity Governance platforms, and audit/compliance tooling. Experience with workflow automation, RPA, or orchestration tools a plus. Certifications a plus (e.g., CISSP, CISM, . If hired, you will enjoy the following ECLARO Benefits: 401k Retirement Savings Plan administered by Merrill Lynch Commuter Check Pretax Commuter Benefits Eligibility to purchase Medical, Dental & Vision Insurance through ECLARO If interested, you may contact: Homer Ballega Homer Ballega LinkedIn Equal Opportunity Employer: ECLARO values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status, in compliance with all applicable laws.