beyond trust engineer.

job summary:
As a PAM Platform Engineer on the Identity Access Management team,

you willl be a key technical specialist responsible for designing, implementing, and

maintaining our enterprise-wide Privileged Access Management infrastructure using

BeyondTrust. You lead the rollout of BeyondTrust and support ongoing management

of our privileged access solutions, including password management, endpoint privilege

management, and session management capabilities across our retail technology

ecosystem.

 
 
location: Seattle, Washington
job type: Contract
salary: $85 - 95 per hour
work hours: 9am to 5pm
education: Bachelors
 
responsibilities:
 PAM Platform Leadership: Serve as the primary technical expert for privileged

access management solutions, including architecture, deployment, configuration,

and optimization of password vaults and endpoint privilege management systems

 Enterprise PAM Implementation: Design and execute large-scale PAM

deployments across Windows, macOS, and Linux environments, ensuring

seamless integration with existing infrastructure

 Policy Development & Management: Create and maintain privilege elevation

policies, credential rotation schedules, access request workflows, and

governance rules aligned with security and compliance requirements

 Integration & Automation: Integrate PAM solutions with ITSM platforms, SIEM

tools, vulnerability scanners, directory services, and other security infrastructure

to create comprehensive privileged access workflows

 Troubleshooting & Support: Provide expert-level technical support for PAM

platform issues, performance optimization, privileged account onboarding, and

user access requests

 Security & Compliance: Ensure PAM implementations meet PCI DSS, and

other requirements through proper audit trails, session recording and monitoring,

and privileged account governance

 Documentation & Training: Develop technical documentation, procedures, and

training materials for internal teams and end users

 Continuous Improvement: Monitor platform performance, evaluate new

features, and implement best practices to enhance security posture and

operational efficiency

 
qualifications:
 Knowledge of DevOps practices, CI/CD pipelines, and Infrastructure as Code

(Terraform, Ansible)

 Familiarity with ITSM integration (ServiceNow, Jira) for ticket-driven privileged

access workflows

 Experience with SIEM integration and security monitoring platforms (Splunk,

QRadar, etc.)

 Understanding of zero trust architecture and least privilege access principles

 Experience with secrets management platforms (HashiCorp Vault, AWS

Secrets Manager, Azure Key Vault)

 Previous experience in retail technology environments or large-scale

enterprise deployments

 Industry certifications such as CISSP, CISM, or relevant cloud security

certifications


Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.