Privileged Access Management Engineer

We are looking for a Privileged Access Management (PAM) Senior Engineer to lead the implementation, enterprise-wide rollout, and ongoing operational support of CyberArk solutions, including:

• Endpoint Privilege Management (EPM)
• Privilege Threat Analytics (PTA)
• Privileged Access Management (PAM) This role plays a critical part in enhancing our security posture by designing, deploying, and maintaining robust access control frameworks across the organization.

Responsibilities:

• Develop scripts and workflows using Ansible or similar orchestration frameworks
• Configure, develop, and maintain automation scripts/tools for EPM policy management
• Gather requirements, create implementation plans, and execute EPM rollouts to new devices/users
• Perform unit testing, coordinate integration and performance testing, manage upgrades and patching for EPM agents
• Enable PTA policies and rules, integrating with Splunk, Active Directory, and other enterprise threat sensors
• Build request, monitoring, reporting, and alerting workflows for EPM/PTA via ServiceNow
• Resolve incidents and fulfill service requests related to access, configurations, and artifacts
• Create and maintain documentation, conduct training, and define SOPs for EPM and PTA use cases
• Support deployment, configuration, and management of EPM solutions for endpoint devices in hybrid (on-prem/cloud) environments

Skills Required:

• 5+ years of hands-on experience with PAM/EPM solutions (CyberArk, BeyondTrust)
• Experience with requirements gathering, solution design, engineering, and operational support
• Familiarity with DevOps/Agile frameworks
• Strong OS fundamentals across Windows and Mac systems (Linux is a plus)
• Extensive scripting experience in Python, Bash, PowerShell
• Experience using automation tools (e.g., Ansible, SCCM) to manage endpoint privileges
• Working knowledge of enterprise-level incident and change management processes
• Experience with monitoring and troubleshooting tools (e.g., Sysmon, SIEMs)
• Excellent verbal and written communication skills

Must-Have Skills:

• Hands-on scripting experience:
• Python and Ansible (required)
• Bash and PowerShell (nice to have)
• Proven ability to work as an individual contributor:
• Develop solution approaches, vet with senior team members, and execute independently
• In-depth experience with the CyberArk Suite:
• Automate tasks, build workflows, and interpret/clarify requirements autonomously Nice-to-Have Skills:
• Prior experience working on enterprise-scale initiatives
• Understanding of change management, troubleshooting, and monitoring best practices
• English - Native or bilingual proficiency

Additional information

Must be able to work in Montreal.