CyberArk Engineer

Job ID: 2502830

Location: WASHINGTON, DC, US

Date Posted: 2025-03-04

Category: Cyber

Subcategory: Cyber Engineer

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: None

Clearance Level Must Be Able to Obtain: Public Trust

Potential for Remote Work: Yes

Description

SAIC is seeking a CyberArk Engineer to join our dynamic team in supporting a critical U.S. government agency in the National Capital Region. This role presents an exciting opportunity to manage, maintain, and enhance Privileged Access Management (PAM) solutions, ensuring secure privileged account control and compliance with industry best practices. The selected candidate will play a vital role in supporting CyberArk infrastructure, performing system upgrades, troubleshooting security issues, and implementing automation strategies.

The ideal candidate will have hands-on experience managing CyberArk components, including Privileged Session Manager (PSM), Central Policy Manager (CPM), Password Vault Web Access (PVWA), and Vault administration. This role will focus on configuring and maintaining CyberArk environments, troubleshooting replication and access issues, integrating CyberArk with SIEM solutions, and supporting security audits. The CyberArk Engineer will collaborate with IT security teams, compliance analysts, and system administrators to strengthen the organization's privileged access security posture.

Responsibilities:

• Administer, maintain, and optimize CyberArk Privileged Access Management (PAM) solutions, including Privileged Session Manager (PSM), Central Policy Manager (CPM), Password Vault Web Access (PVWA), and Vault.
• Plan and execute Continuity of Operations (COOP) and Disaster Recovery (DR) exercises to ensure system resilience.
• Develop automated workflows and integrations to enhance privileged account security, using scripting tools such as PowerShell, AutoIt, or Python.
• Troubleshoot and resolve replication issues, session failures, storage constraints, and performance bottlenecks within the CyberArk environment.
• Integrate CyberArk with SIEM platforms (Splunk, QRadar, etc.) for real-time monitoring, audit reporting, and enhanced security visibility.
• Analyze and optimize storage utilization for privileged session recordings and vault data, ensuring compliance with retention policies.
• Develop, execute, and maintain technical documentation, standard operating procedures (SOPs), and work instructions for CyberArk management.
• Support internal and external security audits by generating privileged access reports and implementing policy-driven controls.
• Provide technical expertise, mentorship, and troubleshooting support to internal IT teams regarding privileged access best practices.

Qualifications

Requirements:

• Bachelor's degree in Computer Science, Information Security, or a related field plus five (5) years of IAM experience, or eight (8) years of relevant work experience.
• Three to five (3-5) years of hands-on experience managing CyberArk PAM solutions.
• Strong knowledge of privileged access security principles, session monitoring, and access controls.
• Proficiency in Windows and Linux administration, with experience scripting in PowerShell, Python, or AutoIt.
• Hands-on experience troubleshooting CyberArk replication, storage, and authentication issues.
• Experience integrating CyberArk with SIEM platforms and configuring log forwarding mechanisms.
• Strong understanding of compliance frameworks such as NIST, ISO 27001, SOX, HIPAA, or FISMA.
• Ability to document work instructions, change management procedures, and privileged access policies.
• Must be able to communicate effectively, both verbally and in writing, and work independently with minimal supervision.
• Proficiency in Microsoft Word, PowerPoint, and SharePoint for documentation and reporting.

Preferred Qualifications:

• Experience with CyberArk cloud deployments (Azure, AWS, Google Cloud Platform).
• Knowledge of Active Directory, LDAP, and federated authentication protocols (SAML/OAuth).
• Industry certifications such as CyberArk Defender, CyberArk Sentry, or CISSP.
• Experience with SailPoint IdentityIQ, particularly in identity lifecycle management, access certification processes, and automated provisioning.
• Understanding of role-based access control (RBAC) models and their integration with IAM solutions.
• Familiarity with SailPoint IdentityIQ integrations with Active Directory, LDAP, and HR systems.
• Basic scripting knowledge in BeanShell or Java for SailPoint automation workflows.

Clearance Requirement:

• All candidates must be eligible to obtain a U.S. Public Trust Clearance.

**This hybrid role requires a minimum of three on-site days per week in Washington, DC.**

Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.