Aspect Resources
Culham, Oxfordshire
Job Title: PAM Specialist Location: Culham, Oxfordshire - hybrid working (2-3 days/week on site) Contract Duration : 30/09/2026, possible extension Daily Rate: £55/hr (Umbrella - Maximum) IR35 Status: Inside IR35 Security Clearance: Must be eligible for SC The PAM Specialist will be responsible for the hands-on implementation, configuration, and ongoing management of the organisations BeyondTrust Privileged Access Management platform. Working within the cyber security team, you will deploy and configure Password Safe, Privileged Remote Access, and related BeyondTrust components to secure privileged access across the enterprise. This is a technically focused implementation role requiring deep expertise in BeyondTrust products and privileged access management. You will work closely with infrastructure teams, application owners, and security operations to ensure privileged accounts are properly vaulted, sessions are monitored, and access follows least privilege principles. Key Accountabilities Implement and configure BeyondTrust Password Safe for credential vaulting and management Deploy and manage BeyondTrust Privileged Remote Access for secure vendor and admin access Configure automated password rotation policies for privileged and service accounts Implement privileged session recording, monitoring, and keystroke logging Configure Just-in-Time (JIT) access workflows and approval processes Onboard Windows, Linux/Unix Servers, network devices, and applications to the PAM platform Discover and vault service accounts, application accounts, and shared credentials Configure Smart Rules for automated account discovery and management Implement session Proxy configurations for RDP, SSH, and application access Develop break-glass procedures and emergency access workflows Integrate BeyondTrust with SIEM for security monitoring and alerting Configure BeyondTrust connectors for Active Directory, Entra ID, and target systems Manage platform upgrades, patching, and health monitoring Troubleshoot connector issues, session failures, and platform errors Maintain documentation of PAM configurations, policies, and operational runbooks Support audit and compliance activities with reporting and evidence gathering Essential: Hands-on experience implementing and managing PAM toolkits Experience with Privileged Remote Access configuration and management Strong understanding of credential vaulting, password rotation, and check-in/check-out workflows Experience configuring privileged session recording and monitoring Knowledge of service account discovery and life cycle management Experience onboarding Windows Server, Linux/Unix, and network devices to PAM platforms Understanding of Active Directory privileged account management Experience with SIEM integration for PAM event logging and alerting Working knowledge of security frameworks: ISO 27001, NIST CSF Strong troubleshooting skills for connector and session issues Good documentation skills for technical configurations and runbooks Ability to obtain SC-level national security clearance Desirable: Degree in Information Security, Computer Science, or related STEM field BeyondTrust certifications (Password Safe Administrator, Privileged Remote Access) Experience with BeyondTrust Endpoint Privilege Management Experience with other PAM platforms (CyberArk, Delinea) Scripting skills (PowerShell, Python) for automation Experience with database privileged access (SQL Server, Oracle) Familiarity with ITSM workflows and change control procedures Experience in public sector or critical national infrastructure environments Knowledge of OT/ICS environments and industrial systems access requirements To apply for this role please submit your latest CV or contact Aspect Resources Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know.
Job Title: PAM Specialist Location: Culham, Oxfordshire - hybrid working (2-3 days/week on site) Contract Duration : 30/09/2026, possible extension Daily Rate: £55/hr (Umbrella - Maximum) IR35 Status: Inside IR35 Security Clearance: Must be eligible for SC The PAM Specialist will be responsible for the hands-on implementation, configuration, and ongoing management of the organisations BeyondTrust Privileged Access Management platform. Working within the cyber security team, you will deploy and configure Password Safe, Privileged Remote Access, and related BeyondTrust components to secure privileged access across the enterprise. This is a technically focused implementation role requiring deep expertise in BeyondTrust products and privileged access management. You will work closely with infrastructure teams, application owners, and security operations to ensure privileged accounts are properly vaulted, sessions are monitored, and access follows least privilege principles. Key Accountabilities Implement and configure BeyondTrust Password Safe for credential vaulting and management Deploy and manage BeyondTrust Privileged Remote Access for secure vendor and admin access Configure automated password rotation policies for privileged and service accounts Implement privileged session recording, monitoring, and keystroke logging Configure Just-in-Time (JIT) access workflows and approval processes Onboard Windows, Linux/Unix Servers, network devices, and applications to the PAM platform Discover and vault service accounts, application accounts, and shared credentials Configure Smart Rules for automated account discovery and management Implement session Proxy configurations for RDP, SSH, and application access Develop break-glass procedures and emergency access workflows Integrate BeyondTrust with SIEM for security monitoring and alerting Configure BeyondTrust connectors for Active Directory, Entra ID, and target systems Manage platform upgrades, patching, and health monitoring Troubleshoot connector issues, session failures, and platform errors Maintain documentation of PAM configurations, policies, and operational runbooks Support audit and compliance activities with reporting and evidence gathering Essential: Hands-on experience implementing and managing PAM toolkits Experience with Privileged Remote Access configuration and management Strong understanding of credential vaulting, password rotation, and check-in/check-out workflows Experience configuring privileged session recording and monitoring Knowledge of service account discovery and life cycle management Experience onboarding Windows Server, Linux/Unix, and network devices to PAM platforms Understanding of Active Directory privileged account management Experience with SIEM integration for PAM event logging and alerting Working knowledge of security frameworks: ISO 27001, NIST CSF Strong troubleshooting skills for connector and session issues Good documentation skills for technical configurations and runbooks Ability to obtain SC-level national security clearance Desirable: Degree in Information Security, Computer Science, or related STEM field BeyondTrust certifications (Password Safe Administrator, Privileged Remote Access) Experience with BeyondTrust Endpoint Privilege Management Experience with other PAM platforms (CyberArk, Delinea) Scripting skills (PowerShell, Python) for automation Experience with database privileged access (SQL Server, Oracle) Familiarity with ITSM workflows and change control procedures Experience in public sector or critical national infrastructure environments Knowledge of OT/ICS environments and industrial systems access requirements To apply for this role please submit your latest CV or contact Aspect Resources Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know.
