Privileged Access Management Engineer

Privileged Access Management Engineer

Posted on February 7, 2026
Visp
English
Temporary
Posted on February 7, 2026

About this role

Role Overview

We are seeking an experienced Privileged Access Management (PAM) Subject Matter Expert (SME) to lead the design, implementation, and operational maturity of PAM capabilities across a complex enterprise environment.

This role is responsible for establishing and enforcing robust security controls for privileged identities, ensuring compliance with regulatory and security standards, and embedding PAM as a core enterprise security capability.

The PAM Engineer will act as a technical authority, owning PAM architecture, policies, onboarding standards, and operational governance. The role works closely with Cyber Security, Infrastructure, Identity & Access Management (IAM), and Application teams to drive adoption, standardization, and continuous improvement.

Key Responsibilities

Strategy & Architecture

  • Define and maintain the PAM architecture aligned with enterprise security strategy and Zero Trust principles.

  • Develop and maintain PAM roadmaps, standards, and design patterns.

  • Ensure effective integration of PAM solutions with IAM, SIEM, directory services, and cloud platforms.

  • Own PAM tiering models and enforce Tier 0 protections.

Engineering & Implementation

  • Lead PAM deployments and technical onboarding of:

    • Domain and directory accounts

    • Service accounts

    • Local administrator accounts

    • Application and DevOps identities

  • Design and configure:

    • Credential vaulting and automated rotation

    • Session brokering and session recording

    • Just-in-Time (JIT) privileged access

    • Secrets management

  • Provide technical leadership for PAM upgrades, migrations, and platform consolidation initiatives.

Governance, Risk & Compliance

  • Define and maintain PAM policies, procedures, and control frameworks.

  • Ensure alignment with relevant security and regulatory standards (e.g. ISO 27001, NIST, CIS Controls, GMP / GxP where applicable).

  • Support audits, internal control testing, and regulatory inspections.

  • Own risk assessments related to privileged access and drive remediation plans.

Operations & Continuous Improvement

  • Establish PAM operational models, including runbooks and standard operating procedures (SOPs).

  • Define service KPIs and performance metrics.

  • Lead incident response activities related to privileged access compromise.

  • Drive automation, standardization, and self-service onboarding capabilities.

Stakeholder Engagement

  • Act as a trusted technical advisor to IT Security leadership and programme sponsors.

  • Collaborate with application owners and infrastructure teams to securely onboard systems.

  • Provide training, coaching, and knowledge transfer to operational teams.

  • Support vendor management activities and product evaluations.

Essential Skills & Experience

Technical Expertise

  • Strong hands-on expertise with at least one enterprise PAM platform, such as:

    • CyberArk

    • Delinea

    • BeyondTrust

    • One Identity

    • HashiCorp Vault

  • Deep understanding of Active Directory / Entra ID integration.

  • Experience managing privileged access across Windows, Linux, and Unix environments.

  • Solid understanding of networking, certificates, and identity-related security controls.

  • Experience integrating PAM with SIEM platforms and implementing alerting.

Professional Experience

  • Proven experience as a PAM Engineer, Architect, or SME in a large or complex enterprise environment.

  • Experience designing and implementing Tier 0 / Tier 1 identity security controls.

  • Experience working in regulated environments (e.g. finance, healthcare, life sciences, manufacturing).

  • Demonstrated ability to lead technical designs and influence senior stakeholders.

Soft Skills

  • Strong communication and stakeholder management skills.

  • Ability to translate technical security controls into business risk language.

  • Structured, analytical problem-solving approach.

  • Comfortable operating independently and leading workstreams end-to-end.

Desirable Qualifications

  • Security certifications such as:

    • CISSP, CISM, CCSP

    • Vendor-specific certifications (e.g. CyberArk Defender, Delinea Specialist)

Want more jobs like this?Get IT & technology jobs in Visp delivered straight to your inbox.
By signing up, you agree that we may process your information in accordance with our privacy policy.
More jobs from this employer

Similar jobs

SAP Technology Consultant
Senior Lead, Innovation Concept Design
Solution Architect - Zug
Microsoft Business Lead
Java / Full Stack Developer (all genders) - Bern
Browse more jobs
Useful Links

LATEST CAREER NEWS & ARTICLES

What is the median wage in Switzerland?What is the median wage in Switzerland?
Employees in Switzerland feel exhausted and often work overtimeEmployees in Switzerland feel exhausted and often work overtime
Take control of your career with the SMART frameworkTake control of your career with the SMART framework
Which sectors saw the biggest wage increase in 2025 in Switzerland?Which sectors saw the biggest wage increase in 2025 in Switzerland?
You might be interested in
Career coachesSwiss CV guideCover lettersWorking in Switzerland
For expats of all colours, shapes and sizes
Explore
About us
More IamExpat
Privacy
Never miss a thing!Sign up for expat events, news & offers, delivered once a week.
Keep me updated with exclusive offers from partner companies
By signing up, you agree that we may process your information in accordance with our privacy policy
© 2026 IamExpat Media B.V.
Apply for this position