Inclusion without Exception

Tata Consultancy Services (TCS) is an equal opportunity employer, and embraces diversity in race, nationality, ethnicity, gender, age, physical ability, neurodiversity, and sexual orientation, to create a workforce that reflects the societies we operate in. Our continued commitment to Culture and Diversity is reflected in our people stories across our workforce and implemented through equitable workplace policies and processes.

Tata Consultancy Services (BSE: 532540, NSE: TCS) is the technology partner of choice for industry-leading organizations worldwide. Since its inception in 1968, TCS has upheld the highest standards of innovation, engineering excellence and customer service. It has set an aspiration to become the world's largest AI-led technology services company and is enabling its clients to transform themselves across the full AI stack, from infrastructure to intelligence.

Rooted in the heritage of the Tata Group, TCS is focused on creating long term value for its clients, its investors, its employees, and the community at large. With a highly skilled workforce spread across 56 countries and 194 service delivery centers across the world, the company has been recognized as a top employer in six continents. With the ability to rapidly apply and scale new technologies, the company has built long term partnerships with its clients. Many of these relationships have endured into decades and navigated every technology cycle, from mainframes in the 1970s to artificial intelligence today.

Job Description:-

Role Overview

The Privileged Access Engineer (PAM) with AI Capabilities is responsible for securing privileged access across enterprise systems by implementing advanced PAM solutions while leveraging Artificial Intelligence (AI) and Machine Learning (ML) to enhance threat detection, automation, and decision-making. This role blends cybersecurity engineering with AI-driven analytics to proactively identify risks, automate privileged access controls, and enable adaptive security frameworks.

Key Responsibilities:-

1. PAM Engineering & Implementation Design, implement, and manage PAM solutions: CyberArk, BeyondTrust, Delinea, HashiCorp Vault Configure: Privileged account onboarding and lifecycle management Password vaulting, rotation, and credential management Privileged Session Management (PSM) Implement Just-In-Time (JIT) and Just-Enough-Access (JEA) models
2. AI-Driven Security & Automation Develop and integrate AI/ML models to: Detect anomalous privileged access behavior Identify insider threats and suspicious activity Predict and prevent access misuse Use AI for: Behavioral analytics (UEBA – User & Entity Behavior Analytics) Risk-based authentication and access decisions Implement intelligent automation for: Privileged account onboarding/offboarding Access approvals and policy enforcement
3. Advanced Monitoring & Threat Detection Leverage AI-enabled SIEM tools (e.g., Splunk, Microsoft Sentinel) for: Real-time monitoring of privileged sessions Automated alert prioritization Implement: Session recording and playback AI-driven anomaly detection and alert tuning Support incident response and forensic investigations
4. Integration & Data Engineering Integrate PAM with: IAM systems (Entra ID, Okta, SailPoint) Security tools (SIEM, SOAR, EDR/XDR) Cloud platforms (AWS, Azure, GCP) Work with: APIs, REST services, JSON Data pipelines for feeding security analytics platforms Build AI-ready datasets from logs and access activity
5. Governance, Risk & Compliance Enforce: Least privilege access Zero Trust principles Support compliance with: SOX, GDPR, PCI-DSS, ISO 27001 Generate AI-assisted compliance reports and audit insights Contribute to policy definition and governance frameworks
6. Automation & DevSecOps Develop scripts and automation workflows using: Python, PowerShell, Bash Integrate PAM into: CI/CD pipelines (DevSecOps) Implement AI-assisted remediation workflows using SOAR tools
7. Collaboration & Innovation Partner with: Security operations (SOC) teams Data science / AI teams IAM architects and cloud engineers Evaluate emerging AI-driven security tools Drive innovation in Intelligent Identity Security and Autonomous Access Management

Thank you for your interest in TCS. Candidates that meet the qualifications for this position will be contacted within a 2-week period. We invite you to continue to apply for other opportunities that match your profile.