Priveleged Access Management Engineer

Lighthouse Technology Services is partnering with our client to fill their Privieleged Access Management (PAM) Engineer position! This is a 12+ month contract opportunity with a preference for hybrid on site in Buffalo, NY. This role will be a W2 employee of Lighthouse Technology Services. No C2C or subcontracting arrangements will be considered.What You'll Be Doing:Design & Operate Enterprise PAM SolutionsBuild, implement, and maintain CyberArk-based Privileged Access Management solutions at enterprise scale within a highly regulated financial services environmentManage credential vaulting, privileged session management, access policy enforcement, and audit loggingImplement and oversee credential lifecycle automation and rotation processesLeverage Azure Key Vault for secure storage and management of application secrets, keys, and certificatesIntegrate Security into DevOps PipelinesEmbed PAM and secrets management capabilities directly into DevOps and CI/CD workflowsBuild automation using PowerShell and REST APIs to enable scalable onboarding, credential rotation, and access workflowsPartner with application, cloud, and platform teams to implement security controls in cloud-native architectures without impeding development velocityEnsure Compliance & Security StandardsEnforce least privilege principles and session monitoring across the enterpriseDesign resilient, highly available PAM integrations across hybrid on-premises and Azure cloud environmentsMaintain compliance with internal risk, audit, and regulatory requirementsWhat You'll Need:5+ years of Expert-level, hands-on PAM engineering experience (not advisory/consulting only) in large, regulated enterprise environmentsDeep expertise with CyberArk platforms, including practical implementation and operational experienceProven track record in financial services or similarly regulated industriesStrong background with hybrid infrastructure: Windows, Linux, Active Directory, Entra ID, and Azure servicesAutomation proficiency with PowerShell and REST APIsAbility to operate independently and contribute immediately with minimal ramp-up timeStrong understanding of authentication, authorization, enterprise security architecture, and cloud securityExperience integrating security tools with CI/CD and DevOps platformsFinancial Industry / Regulatory Environment ExperienceExcellent collaboration skills when working with cross-functional technical teamsHighly Preferred Qualifications:CyberArk CDE (Cloud DevOps Extensions) CertificationIf this person has the CDE Certification - they will consider remote candidates with this.Pay Range: $90-100/hrQuestions about any of our jobs? Email us at recruiting@lhtservices.comView all of our open jobs here: jobs.lhtservices.com