Cayuse Holdings

Lead BeyondTrust Consultant

Location US-
ID 2025-2933
Category
Information Technology
Position Type
Independent Contractor
Remote
Yes
Clearance Required
None

Overview

Job Title: Lead BeyondTrust Consultant
Location: Remote
Type: Corp to Corp/1099
Start Date: ASAP

Pay Rate:  $70 - 75 per hour

Contract Length:  6 months - Potentially Renewable

 

We are seeking a highly skilled BeyondTrust Expert & Lead Consultant to join our team on a remote, 6-month contract to lead the successful implementation, optimization, and ongoing management of BeyondTrust solutions. The ideal candidate will possess in-depth expertise in BeyondTrust’s privileged access management (PAM) and endpoint security products and have experience leading enterprise-level deployments in complex environments. This role requires both strategic vision and hands-on technical acumen to deliver robust security solutions and drive operational excellence.

 

As the primary subject matter expert (SME) for BeyondTrust within the organization, you will provide guidance on best practices, architect effective solutions, and collaborate with diverse stakeholders to secure critical infrastructure and user access.

Responsibilities

  1. BeyondTrust Expertise and Solution Leadership
  • Serve as the subject matter expert (SME) for the design, implementation, and management of BeyondTrust’s Privileged Access Management (PAM) and related security tools.
  • Lead the end-to-end deployment of BeyondTrust solutions, including BeyondTrust Password Safe, Privilege Management for Endpoints, Remote Support, and other PAM modules.
  • Evaluate business and technical requirements to design scalable, secure, and compliant PAM architectures tailored to enterprise environments.
  • Conduct health checks of existing BeyondTrust implementations and deliver actionable recommendations for improvements.
  1. Governance and Best Practices
  • Establish PAM policies, processes, and governance frameworks aligned with industry best practices and regulatory compliance requirements (e.g., NIST, ISO 27001, SOX).
  • Develop and maintain privilege escalation frameworks, access control models, and auditing/logging mechanisms to strengthen security posture.
  • Define and enforce least privilege access policies and secure workflows across enterprise endpoints, applications, and infrastructure.
  1. Stakeholder Collaboration and Enablement
  • Act as a trusted advisor to stakeholders, providing insights into BeyondTrust capabilities and ensuring alignment with organizational security objectives.
  • Collaborate with IT/Security, IAM, DevOps, and compliance teams to integrate BeyondTrust solutions into broader security ecosystems, including SIEM, ITSM, AD/IAM, and ticketing systems.
  • Design and deliver targeted training sessions to end-users and administrators, creating a champions network to foster sustainable adoption.
  1. Operational Excellence and Incident Resolution
  • Oversee day-to-day operations of BeyondTrust solutions, ensuring uptime, functionality, and adherence to performance SLAs.
  • Provide advanced troubleshooting and incident response support for privileged access issues, performance challenges, and vulnerabilities.
  • Optimize auditing and reporting capabilities within BeyondTrust tools to deliver actionable insights for compliance and threat remediation.
  1. Advanced Integrations and Automation
  • Integrate BeyondTrust with other enterprise security solutions, including Active Directory (AD), Identity Governance and Administration (IGA) platforms, and Security Operations Center (SOC) processes.
  • Develop and deploy automation scripts and API-based solutions to streamline operations, reduce manual overhead, and enhance scalability.
  • Lead efforts to embed PAM functionalities into DevSecOps workflows and cloud environments, ensuring seamless support of hybrid architectures.

Qualifications

Required Qualifications

  • Proven expertise in deploying, managing, and optimizing BeyondTrust products, including Password Safe, Privilege Management for Endpoints, and Remote Support.
  • Minimum of 5+ years of experience with Privileged Access Management (PAM) solutions in enterprise-scale environments.
  • Strong understanding of IAM frameworks (e.g., Active Directory, LDAP) and integration of PAM solutions with enterprise security ecosystems.
  • Technical proficiency with enterprise operating systems (Windows, Linux, Unix) and cloud platforms (AWS, Azure, Google Cloud).
  • Hands-on experience with automation and scripting (e.g., PowerShell, Python) and leveraging APIs for tool integrations.
  • Strong knowledge of security best practices (e.g., least privilege, role-based access control, credential vaulting, session recording).
  • Familiarity with regulatory and audit compliance requirements such as NIST, ISO 27001, SOX, HIPAA, or GDPR.
  • Excellent troubleshooting and problem-solving skills in sensitive or complex security environments.

Preferred Qualifications

  • Experience integrating BeyondTrust solutions into ITSM (e.g., ServiceNow, Remedy) or SIEM (e.g., Splunk, Sentinel) environments.
  • Practical knowledge of DevSecOps workflows and embedding PAM tools into CI/CD pipelines.
  • Certification in BeyondTrust or relevant areas (e.g., BeyondTrust Certified Engineer, CISSP, CISM, CEH).
  • Exposure to complementary IAM ecosystems such as SailPoint, CyberArk, or Okta.

 

Other Duties: Please note this job description is not designed to cover or contain a comprehensive list of activities, duties or responsibilities that are required of the employee for this job.  Duties, responsibilities, and activities may change at any time with or without notice.

 

Cayuse is an Equal Opportunity Employer.  All employment decisions are based on merit, qualifications, skills, and abilities. All qualified applicants will receive consideration for employment in accordance with any applicable federal, state, or local law.

Pay Range

USD $70.00 - USD $75.00 /Hr.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.