Job Title: Delinea PAM Engineer
Location: Milford, OH
FTE
Job Description
Must Have Technical/Functional Skills
• Experience: 5+ years of dedicated experience in Identity and Access Management (IAM), with 3+ years specifically focused on Delinea (formerly Thycotic).
• Delinea Mastery: Deep technical knowledge of Secret Server (Distributed Engines, Secret Policies) and Privilege Manager (Application Control, Elevation).
• Microsoft Entra ID: Strong experience with Azure PIM, Conditional Access, and Managed Identities.
• Infrastructure Skills: Strong understanding of Windows Server administration, Active Directory, GPOs, and Linux/Unix environments.
• Scripting: Proficiency in PowerShell or Python to automate API calls to Delinea and bulk-import secrets. Proficiency in SQL to generate reports.
Roles & Responsibilities
• Delinea Architecture: Lead the end-to-end implementation and scaling of Delinea Secret Server (On-prem or Cloud) and Delinea Privilege Manager.
• Secret Management: Design and maintain secret heartbeat, remote password changing (RPC), and check-out/check-in workflows for service accounts, local admins, and root accounts.
• Secure Remote Access (SRA): Have a good understanding of VPN-less remote access solutions (e.g., Delinea PRA) to provide secure, audited entry points for internal admins and third-party vendors.
• Azure PIM: General understanding of Azure PIM.
• Endpoint Privilege Management: Configure policies in Delinea Privilege Manager to enforce Least Privilege, allowing users to perform administrative tasks without having full local admin rights.
• Hybrid Integration: Ensure interoperability between Delinea (for on-prem) and Azure PIM (for Cloud Control Plane access), creating a unified identity security posture.
• Integration & Automation: Integrate Delinea with Active Directory (AD/Azure AD), SIEM (Sentinel), and Ticket Systems (ServiceNow) to automate lifecycle management.
• Discovery & Onboarding: Manage automated discovery rules to identify unmanaged accounts across Windows, Linux, and Network devices.
• Session Management: Configure and audit session recording and monitoring (Protocol Handler/Session Proxy) for high-risk administrative sessions.
• Compliance & Audit: Generate high-level reporting for audit requirements and lead remediation efforts for privileged access findings.