CyberArk Engineer

The Sr. CyberArk Architect/SME will be responsible for the design, implementation, and optimization of CyberArk privileged Access Management (PAM) solutions. This role requires deep technical expertise in CyberArk Core PAS, EPM, CPM, PSM, and Conjur or SaaS offerings, as well as a strong understanding of privileged identity management, access governance, and cybersecurity best practices. The CyberArk SME will work closely with cross-functional teams to design secure and scalable PAM solutions that support the organization's security and compliance goals.
Responsibilities

• Solution Architecture Design and implement end-to-end CyberArk PAM solutions including Core PAS, CPM, PSM, EPM, and related components; and lead architecture discussions and ensure scalable, secure designs.
• Implementation & Configuration Manage installation, configuration, hardening, and customization of CyberArk platforms; and define and enforce credential vaulting, session monitoring and least privilege access policies.
• Stakeholder Engagement Work with business and IT teams to gather requirements and translate them into CyberArk solutions that align with organizational risk management strategies.
• Privileged Access Governance Define and manage workflows for privileged access requests, onboarding/offboarding, periodic access reviews, and access certifications.
• Integration Expertise Integrate CyberArk with enterprise tools including Active Directory, SIEM, ticketing systems (e.g., ServiceNow), Cloud platforms (e.g., AWS, Azure), and third-party applications.
• Security & Compliance Ensure CyberArk environments comply with regulatory frameworks (SOX, HIPAA, PCI-DSS, GDPR, etc.); and maintain audit readiness and enforce access control policies.
• Automation & Optimization Identify opportunities to automate privileged account lifecycle management and streamline PAM operations using REST APIs, scripts, and integrations.
• Mentorship & Leadership Provide guidance and mentorship to junior engineers and drive PAM-related best practices across engineering and security teams.
• Troubleshooting & Support Lead resolution of complex CyberArk issues, performance-tuning, and operational maintenance of PAM systems.
• Documentation Maintain up-to-date documentation of CyberArk configurations, architecture, procedures, and integrations for operational continuity.
• Continuous Improvement Stay current with CyberArk product updates, threat trends, and emerging technologies to improve the PAM program continually.

Requirements

• 7+ years of experience in Identity & Access Management (IAM) with 5+ years of hands-on CyberArk implementation and operations.
• Technical Expertise In-depth knowledge of CyberArk components including Core PAS, CPM, PSM, EPM, PTA, and/or Conjur; strong scripting ability in PowerShell, Python, or REST APIs.
• Enterprise Integration Proven experience integrating CyberArk with AD, Cloud environments (Azure, AWS), ServiceNow, SIEM, and DevOps pipelines.
• IAM Best Practices Solid understanding of privileged access control principles (e.g., least privilege, zero trust, RBAC), credential rotation, session recording, and vaulting.
• Security & Compliance Knowledge of regulatory and compliance mandates and how PAM plays a role in enforcing those controls.