Job Details: Our client is looking for a skilled PAM & Endpoint Security Engineer to design, implement, and manage enterprise endpoint security solutions. The PAM Engineer will play a critical role in reducing endpoint risks by enforcing least privilege policies, controlling application execution, and supporting the organizations identity and privilege access management strategy. The ideal candidate has strong technical expertise in BeyondTrust solutions across all OSs, and a proven background in enterprise security engineering. Responsibilities Design & Implementation: Lead the deployment and configuration of BeyondTrust EPM/PMUL across enterprise endpoints (Windows, macOS, Linux). Develop policies to enforce least privilege, application control, and just-in-time elevation. Integrate BeyondTrust PAM with other enterprise security tools (SIEM, IAM, vulnerability management). Develop policies in Password safe to ensure privileged accounts are secured. Create Automation using APIs for onboarding of assets/users Operations & Support: Maintain, monitor, and troubleshoot PAM infrastructure and endpoint agents. Respond to incidents and service requests related to Analyze logs, alerts, and user behaviors to refine security policies. Policy & Governance: Collaborate with security, compliance, and IT operations teams to align PAM policies with corporate security standards. Contribute to identity & access management (IAM) and privileged access management (PAM) strategies. Document configurations, policies, and standard operating procedures. Continuous Improvement Conduct proof-of-concepts for new PAM features and integrations. Provide recommendations to optimize endpoint security without impacting user productivity. Develop automation scripts (PowerShell, Python, etc.) for reporting and operational efficiency. Required: 35+ years of experience in endpoint security engineering or privileged access management. Hands-on experience with BeyondTrust solutions (design, deployment, policy management). Strong knowledge of Windows and macOS endpoint administration. Familiarity with Active Directory, Group Policy, and enterprise endpoint management tools (SCCM, Intune, Jamf). Solid understanding of principle of least privilege (PoLP) and zero trust security models. Experience with scripting languages (PowerShell, Python, or similar). Preferred Skills: BeyondTrust certifications Experience with BeyondTrust Password Safe, Privileged Remote Access, or other PAM tools. Familiarity with SIEM solutions (Splunk, Sentinel, QRadar) and integration practices. Knowledge of compliance frameworks (SOX, PCI-DSS, HIPAA, ISO 27001). Strong analytical and problem-solving abilities. Excellent communication skills (verbal and written). Ability to work independently and within cross-functional teams. Detail-oriented with strong organizational and documentation skills. Skills: PAM & Endpoint Security Engineer BeyondTrust solutions Active Directory,