Job Type: Full Time

Job Category: IT

Job Description

Role: PAM Lead

Location: Irvine, CA (Onsite)

FTE Only

Job Description

• Minimum 7+ years as an IAM Engineer with hands-on experience in privileged access technologies, with recent experience in agentic AI and securing OWASP to 10 NHI risks. Strong DM, CyberArk, Azure Key Vault, AWS Secrets and other privileged solution areas are a plus.
• Understanding of agentic AI systems, including binding AI agents to enterprise identities, least privilege enforcement, policy-based guardrails, Model Context Protocol (MCP), mutual TLS, OAuth2 token exchanges, and AI security tools.
• Familiarity with API gateways, service meshes (Kong, Istio, Apigee), and machine identity management (certificates, workload IDs, SPIFFE/SPIRE).
• Experience with IAM automation and administration using Terraform, Ansible, Cloud-init, Pulumi, Python, and Unix/Windows systems.
• Strong proficiency in authentication technologies: SSO, federation protocols (SAML, OIDC, OAuth2), API authentication, SCIM, RBAC, ABAC, JIT provisioning, and zero-trust principles.
• Expertise in privileged access management, including credential vaulting, session management, and PAM/PAW models.
• Skilled in directory services and multi-cloud identity governance (Azure AD, AWS AD, EntraID, Okta) and cloud IAM across AWS, Azure, and GCP.
• Awareness of open standards, threat modeling, insider threats, and continuous authentication.
• Strong organization, project delivery, communication, collaboration, and leadership skills. 

Required Skills