Lead PAM Engineer – Senior
MKS2 Technologies, LLC, an award-winning high growth small business, creates innovative and customer-centric technology solutions in the areas of Cyber Security, Instructional Design and Training, Software Engineering and IT Support Services to improve the security and well-being of our clients. Our commitment to excellence and our “Mission First” orientation has resulted in steady growth and an expanding client base across government agencies. We have employees nationwide and for the past three consecutive years were named one of the fastest growing Veteran-owned companies in the nation. Please take a moment to browse through our website and learn more about what it means to serve with MKS2.
Lead PAM Engineer – Senior
Location: National Capital Region (Washington, DC) – Hybrid/Onsite
Clearance: Must be able to pass background check (U.S. work authorization required)
Salary: $120,000-$150,000
Position Overview
We are seeking a Senior Lead PAM Engineer to design, implement, and manage enterprise Privileged Access Management (PAM) solutions across hybrid environments. This role is responsible for securing privileged identities, enforcing least-privilege access, and ensuring compliance with enterprise cybersecurity and identity governance requirements.
Key Responsibilities
Lead planning, implementation, and support of PAM platforms across enterprise environments
Onboard and manage:
Privileged accounts
Vaults and safes
Credential rotation policies
Connection components
Configure and support:
Privileged session monitoring
Audit logging and reporting
Access reviews and governance processes
Break-glass procedures
Integrate PAM platforms with:
Active Directory / Entra ID
SIEM and logging systems
Identity governance tools
Endpoint and cloud environments
Design PAM architecture and develop:
High-level and low-level design documentation
Implementation plans
SOPs and operational runbooks
Troubleshoot access, authentication, policy, and integration issues
Collaborate with SOC, NOC, and compliance teams to ensure security alignment
Support Zero Trust and least-privilege access strategies
Required Qualifications
8+ years of experience in:
Cybersecurity engineering
Identity & Access Management (IAM)
Privileged Access Management (PAM)
Enterprise security or infrastructure security
5+ years of hands-on experience with:
PAM / IAM platforms
Privileged credential lifecycle management
Access control implementation
Experience supporting environments across:
On-premise
Cloud
Hybrid architectures
Technical Expertise
PAM / IAM Platforms:
CyberArk
Microsoft Entra ID / Entra PIM
SailPoint
Okta
BeyondTrust
Delinea
Identity & Access Technologies:
Active Directory / LDAP
SAML, OAuth
MFA, RBAC
PKI / PIV/CAC
Core Capabilities:
Privileged account onboarding and vaulting
Credential rotation and lifecycle management
Session monitoring and auditing
Access governance and reviews
Frameworks & Methodologies
Knowledge of:
NIST frameworks
Zero Trust architecture
ICAM / FICAM principles
Identity governance and compliance
Education
Bachelor’s degree in Cybersecurity, IT, Computer Science, Engineering, or related field (or equivalent experience)
Certifications (Preferred/Required)
CISSP, PMP, or equivalent cybersecurity certifications
PAM/IAM platform certifications (CyberArk, Microsoft Identity, Okta, SailPoint, etc.)
Additional Qualifications
Experience designing enterprise PAM architecture
Strong documentation and communication skills
Ability to train stakeholders and present to leadership
Experience working in regulated or federal environments preferred
Ideal Candidate Profile
Hands-on PAM engineer with architecture-level experience
Strong background in identity security and access governance
Experienced in enterprise-scale deployments and integrations
Comfortable leading technical initiatives and mentoring teams
Detail-oriented with strong troubleshooting and analytical skills
Diversity creates a healthier atmosphere: MKS2 Technologies is proud to be an Equal Employment Opportunity / Affirmative Action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.