CyberArk PAM Engineer

Job Description

Company: Nova Web Technologies

Location: Remote
Employment Type: Full-Time / Contract
Experience Level: 8+ Years

Position Overview:

We are seeking an experienced CyberArk PAM Engineer to lead the implementation, administration, and support of enterprise Privileged Access Management (PAM) solutions. The ideal candidate will have extensive hands-on experience with CyberArk Privileged Access Security (PAS), including greenfield deployments, integrations, upgrades, operational support, and automation.

This role requires expertise in designing, deploying, and maintaining highly available CyberArk environments while ensuring security best practices, compliance requirements, and operational excellence.

Key Responsibilities:

CyberArk Implementation & Deployment

• Lead end-to-end CyberArk greenfield implementations from initial design through production deployment.

• Install, configure, and support CyberArk components including:

• Primary Vault

• Privileged Vault Web Access (PVWA)

• Central Policy Manager (CPM)

• Privileged Session Manager (PSM)

• Privileged Session Manager for SSH (PSMP)

• Disaster Recovery (DR) Vault

• On-Demand Privileges Manager (OPM/EPM)

• Configure CyberArk environments across development, testing, staging, and production environments.

• Perform CyberArk upgrades, patching, migrations, and platform onboarding activities.

CyberArk Administration & Operations

• Manage day-to-day CyberArk administration activities.

• Configure and maintain:

• Safes

• Platforms

• User Policies

• Privileged Accounts

• User Access Management

• Password Rotation Policies

• Session Monitoring Policies

• Support privileged account onboarding and lifecycle management.

• Perform health checks and ongoing maintenance of CyberArk infrastructure.

Integrations & Automation

• Integrate CyberArk with enterprise systems including:

• LDAP / Active Directory

• Okta

• PKI Infrastructure

• SMTP

• RADIUS

• Multi-Factor Authentication (MFA) Solutions

• Develop and implement automation solutions using:

• AutoIT

• PowerShell

• REST APIs

• CyberArk APIs

• Automate operational and administrative PAM activities.

Monitoring & Troubleshooting

• Analyze CyberArk system logs, application logs, and network logs to identify and resolve issues.

• Troubleshoot CPM, PSM, PSMP, Vault, and PVWA-related incidents.

• Maintain platform stability, availability, and performance.

• Act as an escalation point for CyberArk-related issues.

• Coordinate with CyberArk support and third-party vendors for issue resolution.

• Conduct root cause analysis and implement preventive measures.

Security & Compliance

• Ensure PAM solutions align with enterprise security policies and compliance requirements.

• Support security audits and compliance initiatives.

• Monitor privileged access activities and security events.

• Participate in vulnerability remediation and security hardening activities.

Architecture & Design

• Design highly available and scalable CyberArk PAM architectures.

• Implement disaster recovery and business continuity strategies.

• Support enterprise-wide PAM adoption and expansion initiatives.

• Recommend security improvements and PAM best practices.

Required Qualifications:

Experience

• 5+ years of hands-on CyberArk PAM experience.

• Experience leading CyberArk greenfield implementations.

• Experience supporting large-scale enterprise PAM environments.

• Strong troubleshooting and operational support experience.

Technical Skills

• Strong expertise with:

• CyberArk PAS

• Vault

• PVWA

• CPM

• PSM

• PSMP

• DR Vault

• OPM/EPM

• Discovery & Audit (DNA)

• Experience integrating CyberArk with:

• Active Directory

• LDAP

• Okta

• PKI

• SMTP

• RADIUS

• Strong knowledge of:

• Windows Server Administration

• Linux/Unix Administration

• Networking Concepts

• Security Architecture

• Identity and Access Management (IAM)

• Experience with scripting and automation using:

• PowerShell

• AutoIT

• REST APIs

Core Competencies

• Strong analytical and problem-solving skills.

• Ability to work independently and manage multiple priorities.

• Excellent verbal and written communication skills.

• Strong customer and stakeholder management experience.

• Ability to operate in a 24×7 support environment when required.

Preferred Qualifications:

• Experience with BeyondTrust Privileged Remote Access (PRA) and Privileged Password Safe (PS).

• Experience with HashiCorp Vault administration and integration.Knowledge of cloud PAM solutions (AWS, Azure, GCP).

• Experience with DevSecOps and secrets management.CyberArk certifications such as:

• CyberArk Defender

• CyberArk Sentry

• CyberArk Guardian

• CyberArk CDE

• Familiarity with SIEM platforms such as:

• Splunk

• QRadar

• Sentinel

Nice to Have:

• Experience in financial services, healthcare, government, or highly regulated industries.

• Knowledge of Zero Trust Security frameworks.

• Experience implementing privileged access governance programs.

• Exposure to cloud-native secrets management and container security.

Source: Indeed