Privileged Access Management (PAM) Engineer (Journeyman)

Athenix Special Missions is seeking a Privileged Access Management (PAM) Engineer Journeyman in MacDill Air Force Base (Tampa), Florida!

Athenix Special Missions is a world leader in designing, building, and developing realistic training exercises for Special Operations, conventional forces, and partner nations. Our experience ranges from planning individual team training events to executing 2,000-person joint exercises.

Our mission-tailored solutions include tactical and strategic training events and exercises and often integrate live forces with virtual and constructive training domains. By bringing together the right combination of subject-matter expertise, domain insight, and advanced technology, we help improve mission readiness, increase situational awareness, and enhance performance.

ASM Quality Policy: To meet or exceed our customers' expectations for quality, delivery, and service through continual improvement, striving to meet our objectives, and committing to meeting all legal and statutory requirements

Must be a U.S. Citizen

Location: MacDill AFB, Florida

Clearance Requirement: Must have an Active DoD TS/SCI Clearance

We are seeking a PAM Engineer to join our team executing Wave 2 of the USSOCOM Zero Trust Integration effort. This role is critical to Line of Effort 2, focusing on the deployment and operationalization of an enterprise-wide Privileged Access Management (PAM) solution to secure the NIPR, SIPR, and Top-Secret network enclaves. The ideal candidate will be responsible for vaulting privileged credentials, enforcing Just-In-Time (JIT) access, and integrating the PAM architecture with the broader Zero Trust ecosystem.

Key Responsibilities

• PAM Solution Deployment: Lead the installation, configuration, and technical implementation of the enterprise PAM solution (Delinea focus) across multiple network enclaves.
• Credential Vaulting: Discover, inventory, and onboard all known privileged user, administrator, and service accounts into the secure PAM vault.
• Policy Enforcement: Design and configure policies for Just-In-Time (JIT) access, session recording, and privileged session monitoring to ensure zero standing privileges.
• Infrastructure Integration: Develop scripts and API integrations to connect the PAM solution with the existing Splunk SIEM for centralized logging and the Identity Governance (IGA) platform for lifecycle management.
• Security Compliance: Support the RMF accreditation process by developing Low-Level Design (LLD) documents, System Security Plans (SSP), and Standard Operating Procedures (SOPs) to achieve Authority to Operate (ATO).
• Enterprise Rollout: Manage the expansion of PAM policies from initial pilot groups to full enterprise enforcement for all privileged users.

Requirements

Required:

• DoD 8570 Compliance: Must hold an IAT Level II certification (e.g., Security+ CE, CCNA Security) or higher.
• Specific Certifications: Delinea Certified Administrator is highly preferred/required.

Technical Skills:

• Deep expertise in Privileged Access Management (PAM) architectures and "Zero Standing Privileges" concepts
• Experience implementing Just-In-Time (JIT) access workflows
• Proficiency in integrating PAM tools with Active Directory, SIEM (Splunk), and IGA tools.

Labor Category Description

Function: Applies a set of disciplines for planning, analyzing, engineering, and designing information systems, including specialized engineering of security solutions.

Responsibilities:

• Develops analytical and computational techniques and methodology for problem solutions.
• Performs enterprise-wide strategic systems planning, business information planning, and business analysis.
• Analyze and recommendation of security/privacy products and services.
• Assessment of security/privacy policies and procedures.
• Applies process improvement practices to reengineer methodologies and principles and business process modernization projects.
• Applies reverse engineering and re-engineering disciplines to develop migration strategic and planning documents.

Journeyman

• Education: BA/BS or MA/MS
• Years Exp: 3-10
• A Journeyman labor category has 3 to 10 years of experience and a BA/BS or MA/MS degree. A Journeyman labor category typically performs all functional duties independently.

Senior

• Education: MA/MS
• Years: 10+
• A Senior labor category has over 10 years of experience and a MA/MS degree. A Senior labor category typically works on high-visibility or mission critical aspects of a given program and performs all functional duties independently. A Senior labor category may oversee the efforts of less senior staff and/or be responsible for the efforts of all staff assigned to a specific job.

Equal Opportunity Employer, including disability and protected veteran status