What are the responsibilities and job description for the PAM Engineer position at Calance?
- Work Type: Contract
- Job Title: PAM Engineer-AI Automation
- Duration: 6-12 Month
- Onsite: Yes, hybrid ( 3 days onsite)
- Location: New York, NY; Alpharetta, GA; Montreal, CAN
- Work Authorization: Must be able to work in USA or Canada: No sponsorship
- Must Have: PAM fundamentals and modern AI architecture.
Required Skills and Experience
- Strong hands-on experience as a PAM Engineer, IAM Engineer, Security Engineer, AI Platform Engineer, or similar technical role.
- Experience with enterprise PAM platforms such as CyberArk, BeyondTrust, Delinea, One Identity, or similar technologies.
- Strong understanding of privileged access, service accounts, non-human identities, least privilege, JIT access, RBAC, access workflows, and session control.
- Proven experience building or supporting production AI, LLM, automation, or platform engineering solutions.
- Deep knowledge of LLM concepts, including model selection, prompt engineering, grounding techniques, hallucination mitigation, drift monitoring, and evaluation.
- Experience with agent frameworks, orchestration patterns, tool-using agents, multi-agent workflows, and agent lifecycle management.
- Solid background in cloud-native architecture, APIs, distributed systems, data pipelines, and modern MLOps/LLMOps practices.
- Ability to integrate AI solutions with enterprise platforms, security controls, identity systems, monitoring tools, and compliance processes.
- Strong understanding of secure software development, access control design, logging, observability, and production support.
- Experience working in large, complex, regulated enterprise environments, preferably financial services.
Preferred Qualifications
- Experience implementing AI governance and control frameworks, including model controls, guardrails, evaluation, monitoring, and auditability.
- Knowledge of NIST AI RMF, ISO AI governance concepts, OWASP Top 10 for LLM/Agentic Applications, MITRE ATLAS, or similar frameworks.
- Familiarity with identity, authorization, and access models for AI agents, service accounts, machine identities, and non-human identities.
- Experience designing secure AI systems for regulated industries, including financial services, banking, insurance, or capital markets.
- Experience with hybrid cloud environments and enterprise-scale deployment patterns.
- Experience remediating hardcoded credentials, unmanaged service accounts, excessive privileges, and privileged access risks.
- Experience supporting audit, risk, compliance, and regulatory control testing.
Ideal Candidate Profile
- A security-minded engineer who understands both PAM fundamentals and modern AI architecture.
- Comfortable working hands-on while also providing technical leadership and architectural direction.
- Able to design AI-enabled automation that is secure, explainable, auditable, and appropriate for a regulated enterprise.
- Strong communicator who can partner across cybersecurity, IAM, AI engineering, infrastructure, application, cloud, risk, and audit teams.
- Practical, production-focused, and able to balance innovation with governance, reliability, and control.