PAM (Privileged Access Management) Senior CyberArk Engineer

PAM (Privileged Access Management) Senior CyberArk Engineer

Country: United States of America

It Starts Here:

Santander is a global leader and innovator in the financial services industry and is evolving from a high-impact brand into a technology-driven organization. Our people are at the heart of this journey and together, we are driving a customer-centric transformation that values bold thinking, innovation, and the courage to challenge what's possible. This is more than a strategic shift. It's a chance for driven professionals to grow, learn, and make a real difference.

If you are interested in exploring the possibilities We Want to Talk to You!

The Difference You Make:
The Senior CyberArk Engineer is responsible for architecting, deploying, and maintaining privileged access security solutions using the CyberArk suite. This role ensures the protection of critical systems, credentials, and privileged accounts while aligning with security best practices and regulatory requirements. The ideal candidate possesses deep hands-on expertise with CyberArk Privileged Access Security (PAS), strong security engineering skills, and experience operating in large, complex environments.

CyberArk Engineering & Administration:

Design, deploy, configure, and maintain the full on-premises CyberArk Privileged Access Security (PAS) suite, including:

• Enterprise Password Vault (EPV)
• Privileged Session Manager (PSM)
• Privileged Session Manager for SSH (PSM-SSH)
• Central Policy Manager (CPM)
• Privileged Threat Analytics (PTA)

• Implement and maintain CyberArk safes, platforms, policies, and connectors.
• Integrate CyberArk with enterprise systems, including LDAP/AD, and SIEM ticketing systems, and cloud platforms (AWS, Azure, Google Cloud Platform).
• Build and maintain custom connectors and plugins for applications and infrastructure.

Security Architecture & Governance:

• Develop and enforce privileged access policies and best practices.
• Conduct threat modeling and ensure PAM alignment with regulatory frameworks (SOX, GLBA, NYDFS , etc.).
• Review privileged access workflows and recommend improvements to strengthen security posture.

Automation & Continuous Improvement:

• Automate onboarding of privileged accounts, systems, and applications using REST APIs, PowerShell, Python, or similar tools.
• Tune CPM/PSM performance, optimize vault operations, and improve automated credential rotation processes.
• Implement continuous monitoring, alerting, and reporting mechanisms.

Operations & Support:

• Serve as a subject matter expert (SME) for CyberArk-related issues across infrastructure, development, and security teams.
• Troubleshoot complex vaulting, credential, and session management issues.
• Perform CyberArk upgrades, patching, health checks, and system hardening.
• Participate in on-call rotations and provide escalation-level support.

Collaboration & Training:

• Work closely with IAM, security operations, risk, and compliance stakeholders.
• Provide guidance and mentorship to junior engineers.
• Develop documentation, runbooks, and best practice guides.

What You Bring:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Bachelor's Degree or equivalent work experience: Computer Science/Software Engineering or equivalent field. - Required.

• 5+ years of experience in Information Security or Identity and Access Management.- Required
• 5+ years of hands-on on-premises CyberArk engineering experience.-Required
• Strong understanding of privileged access management principles.-Required

• Proficiency with:
• PowerShell, Python, or equivalent scripting languages.
• Windows and Linux administration.
• Active Directory, LDAP, MFA integrations.
• Networking basics (firewalls, proxies, DNS).

• Experience supporting large-scale, high-availability PAM environments.
• Threat and vulnerability management related to privileged access
• Background in regulated industries (finance, healthcare, government).
• Strong analytical, problem-solving, and debugging skills.
• Excellent communication and documentation abilities.
• Ability to lead complex projects with minimal supervision.
• High attention to detail and commitment to security best practices.

Certifications:

• CyberArk Defender, Sentry, or Guardian certifications.-Preferred

It Would Be Nice For You To Have:

• Established work history or equivalent demonstrated through a combination of work experience, training, military service, or education.
• Experience in Microsoft Office products.

What Else You Need To Know:

The base pay range for this position is posted below and represents the annualized salary range. For hourly positions (non-exempt), the annual range is based on a 40-hour work week. The exact compensation may vary based on skills, experience, training, licensure and certifications and location.

Base Pay Range:

Minimum:

$101,250.00 USD

Maximum:

$180,000.00 USD

We Value Your Impact:

Your contribution matters and it's recognized. You can expect a fair and competitive rewards package that reflects the impact you create and the value you deliver. We know rewards go beyond numbers. Offering more than just a paycheck our benefits are designed to support you, your family and your well-being, now and into the future. Santander Benefits - 2025 Santander OnGoing/NH eGuide (foleon.com)

Risk Culture:

We embrace a strong risk culture and all of our professionals at all levels are expected to take a proactive and responsible approach toward risk management.

EEO Statement:

At Santander, we value and respect differences in our workforce. We actively encourage everyone to apply. Santander is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, genetics, disability, age, veteran status or any other characteristic protected by law.

Working Conditions:

Frequent minimal physical effort such as sitting, standing and walking is required for this role. Depending on location, occasional moving and lifting light equipment and/or furniture may be required.

Employer Rights:

This job description does not list all of the job duties of the job. You may be asked by your supervisors or managers to perform other duties. You may be evaluated in part based upon your performance of the tasks listed in this job description. The employer has the right to revise this job description at any time. This job description is not a contract for employment and either you or the employer may terminate your employment at any time for any reason.

What To Do Next :

If this sounds like a role you are interested in, then please apply.

We are committed to providing an inclusive and accessible application process for all candidates. If you require any assistance or accommodation due to a disability or any other reason, please contact us at to discuss your needs.