About the Role:
We are seeking an experienced Privileged Access Management (PAM) Engineer to join CrowdStrike's Identity and Access Management team. This role will focus on implementing, maintaining, and optimizing our PAM infrastructure, primarily working with Delinea Secret Server and 1Password Enterprise. The position is crucial in protecting our organization's most sensitive credentials and ensuring secure privileged access across our global infrastructure.
What You'll Do:
PAM Platform Management-
Design, implement, and maintain Delinea Secret Server infrastructure
Manage and optimize 1Password Enterprise deployment for secure credential management
Develop and maintain PAM policies and procedures
Configure and maintain privileged session monitoring and recording
Implement automated password rotation and credential management workflows
System Integration-
Integrate PAM solutions with existing infrastructure (Active Directory, Azure AD)
Configure API integrations for automated secret management
Implement DevOps secrets management workflows
Deploy and maintain PAM agents and connectors
Design and implement disaster recovery solutions for PAM infrastructure
Operational Support-
Manage privileged account lifecycle processes
Troubleshoot PAM-related issues and incidents
Provide technical guidance for PAM implementations
Maintain system documentation and runbooks
Participate in 24/7 on-call rotation
Security and Compliance-
Implement PAM security controls and best practices
Support audit requirements and compliance initiatives
Monitor privileged access usage and anomalies (SIEM/LogScale)
Conduct regular access reviews for privileged accounts
Maintain audit trails for privileged access activities
What You'll Need:
5+ years of experience in IAM/PAM operations
3+ years hands-on experience with Delinea Secret Server
2+ years experience with enterprise password managers (1Password preferred)
2+ years experience with Veza or similar application
Strong understanding of privileged access security concepts and best practices
Experience with Active Directory and Azure AD
Scripting skills (PowerShell, Python, Bash)
Knowledge of REST APIs and automation frameworks
Excellent problem-solving and communication skills
Bonus Points:
Experience with cloud platforms (AWS, Azure, GCP)
Security certifications (CISSP, CIAM, Security+)
Full-stack Python/Golang development experience
Experience with SIEM/Log Analysis tools (LogScale, Splunk)
Knowledge of Graph relationship databases (Neo4j)
Familiarity with Veza, SailPoint IdentityNow
Experience with federal sector requirements
Microsoft Azure certifications
Experience with Atlassian stack (Jira & Confluence)
This role offers the opportunity to work with cutting-edge identity and access management technologies while contributing to CrowdStrike's mission of stopping breaches through innovative security solutions.
