Cybersecurity Engineer - Privileged Access Management

Overview

We are seeking a Cybersecurity Engineer to support a fast-paced organization within the health insurance industry. This fully remote, contract role focuses on developing and managing next-generation Privileged Access Management (PAM) systems and assets that support the enterprise and its portfolio companies. The ideal candidate brings hands-on technical experience, foundational knowledge of PAM concepts, and the ability to operate in an agile, highly regulated environment.

Key Responsibilities

• Research, evaluate, validate, and recommend technical security solutions while assisting with build, test, and implementation across the enterprise and its subsidiaries.
• Coordinate with product vendors and service providers supporting security technologies and operational processes.
• Manage system and application environments, including configuration, policy management, and ongoing operational activities for assigned security solutions.
• Monitor, report on, and enhance the performance and effectiveness of assigned security platforms.
• Provide incident response and problem management for security technologies, including troubleshooting hardware and software issues, resolving alerts, and performing remediation to restore operations.
• Own follow-up and completion of security work requests, collaborating with IT partners to ensure timely resolution and appropriate approvals.
• Support escalations, known issues, and out-of-cycle requests across multiple security solutions.
• Develop and maintain operational documentation such as procedures, engineering diagrams, and knowledgebase articles.
• Collect, analyze, and present security metrics and operational data to peers, leadership, and business stakeholders.
• Assist with migrations, upgrades, and decommissioning of complex security capabilities while assessing risk and impact.
• Collaborate with cross-functional teams to deliver security initiatives across the organization.
• Support continuous testing, validation, and gap analysis to strengthen security posture.
• Align solutions with established security reference architectures and published standards.
• Assist with disaster recovery planning, design, implementation, and testing for security technologies.
• Support remediation efforts resulting from threat assessments, vulnerability scans, or audits.
• Provide training and knowledge sharing on security tools, processes, and operational procedures.

Required Qualifications

• Ability to work independently with a strong willingness to seek guidance when needed.
• Solid understanding of security concepts and controls across network, application, and operating systems.
• Experience troubleshooting security issues, including vulnerability and patch management.
• Strong technical, analytical, documentation, and administrative skills.
• Proven problem-solving abilities with a proactive and ownership-driven mindset.
• Excellent interpersonal and written communication skills.
• Ability to adapt quickly and learn new technologies in a dynamic environment.
• Team-oriented approach with an understanding of enterprise-level objectives and collaboration.

Required Experience

• 4+ years of related professional experience
• 2+ years of cybersecurity experience
• 2+ years of IT infrastructure experience

Education

• Bachelor’s degree in a related field or equivalent relevant work experience

Certifications

• Systems Security Certified Practitioner (SSCP) required
• Contractors must possess a relevant cybersecurity or technical certification. If not currently held, a relevant certification must be obtained within 6 months of hire (as defined by the hiring manager).

Preferred Qualifications

• Experience with Privileged Access Management tools such as CyberArk, BeyondTrust, Delinea, or similar platforms.
• Experience with Azure privileged and non-privileged access management.
• Scripting or development experience (Python, PowerShell, JavaScript, Java, or similar) strongly preferred.
• Working knowledge of IAM, IAG, and IDM toolsets.