Privileged Access Management (PAM) Engineer – CyberArk Specialist | Cross-Border Banking and Markets Leader

Job Description

Company: Techfellow Limited

Location: Woodbridge Township, US

[Up to c. $150k Base Salary + Discretionary Bonus | Hybrid Working]

Role Overview

We’re supporting a global financial institution as it continues to build out its internal identity security engineering capability. This position sits within a small, high-impact core PAM engineering team and forms part of a broader strategy to reduce reliance on external consultants and bring critical expertise in-house. This is a deeply hands-on engineering role focused on Privileged Access Management, with CyberArk at the centre.
You’ll take ownership of day-to-day platform engineering, onboarding, and optimisation, while contributing to the long-term stability and scalability of the PAM environment. The role is well-suited to someone who enjoys operating at a practical level while having the opportunity to influence how the platform evolves over time…

Key Responsibilities

• Deliver hands-on engineering across the CyberArk platform, ensuring it is secure, stable, and operating effectively

• Configure, maintain, and optimise core CyberArk components, including vault performance and platform reliability

• Bring new applications, systems, and service accounts into the PAM environment, ensuring secure onboarding and minimal operational disruption

• Enhance and refine credential lifecycle processes, including rotation, reconciliation, and exception handling

• Improve platform performance through vault tuning, configuration adjustments, and ongoing optimisation work

• Build scripts and automation to support reporting, onboarding, and operational efficiency across the PAM estate

• Investigate and resolve platform issues, identifying root causes and implementing long-term fixes

• Integrate CyberArk with surrounding systems such as directory services, IAM tooling, and service management platforms

• Support audit and control processes, including evidence generation and interaction with audit stakeholders

• Collaborate with engineering, security, and application teams to gather requirements and deliver PAM solutions

• Contribute to platform enhancements, including exploration of automation-led improvements (e.g. AI-assisted operational workflows)

• Act as a go-to technical specialist for privileged access management within the organisation

What You’ll Bring…

• 6-10 years’ experience in IAM, security engineering, or infrastructure security roles

• Strong recent focus on CyberArk, with at least 3-5 years of hands-on, day-to-day platform ownership

• Proven experience delivering end-to-end CyberArk engineering, including onboarding, configuration, and optimisation

• Experience integrating CyberArk with enterprise systems such as Active Directory, IAM tools, or ITSM platforms

• Deep understanding of privileged account lifecycle management across enterprise environments

• Experience improving vault performance, stability, and operational reliability

• Practical experience building automation (e.g. scripting for reporting, onboarding, or platform operations)

• Strong familiarity with Windows, Linux/Unix, and service-based account environments

• Understanding of control frameworks and ability to support audit and compliance processes

• Strong troubleshooting capability, with a focus on root-cause resolution rather than surface fixes

• Confident communicator, able to engage both technical teams and senior stakeholders

• (Preferred) Experience with additional PAM or secrets management solutions

• (Preferred) Exposure to cloud-based access controls (AWS, Azure, GCP)

…

Source: BeBee