BeyondTrust PAM Engineer

Description :

• Lead migration of BeyondTrust setup from hardware appliances to virtual machines (VMs) end to end.
• Perform upgrades, security patching and post-upgrade stability checks for Appliance, BI, and BIUL components.
• Manage and maintain BeyondTrust PAM (BTPAM) infrastructure, including Smart Rules, onboarding workflows, and role-based access controls.
• Configure and troubleshoot Active Directory Bridge (ADB) and Privileged Management for Unix/Linux (PMUL).
• Define and enforce security policies aligned with compliance standards.
• Register APIs and manage Secret Safe configurations.
• Onboard Windows, Linux, and network devices, including service accounts and password rotation.
• Conduct user access reviews, offboarding, and audit trail analysis.
• Configure custom platforms and database connections within BTPAM.
• Implement monitoring strategies and handle Breakglass scenarios.
• Collaborate with vendor support for issue resolution and case management.
• Ensure effective load balancing and backup retention strategies.
• Work cross-functionally to support secure access and infrastructure resilience.

Required Skills & Knowledge

• 
  Strong understanding of BeyondTrust PAM architecture and operations.
• Experience with Active Directory, DNS, and infrastructure validation tools and Familiarity with ports, protocols, and networking fundamentals relevant to PAM.
• Proven ability to manage user access lifecycle and onboarding workflows.
• Knowledge of audit, monitoring, and password rotation features in BTPAM.
• Experience troubleshooting high-priority (P1) issues and conducting root cause analysis.
• Understanding of Active/Active and Active/Passive architecture concepts.
• Ability to define and implement Smart Rules, onboarding rules, and role-based access controls.
• Troubleshoot RDP/SSH launch issues and connectivity problems.

• Hands on BTPAM experience (5 years)
• Worked on Password safe (Smart rules) & AD Bridging
• PMUL experience