IAM CyberArk Engineer

IAM CyberArk Engineer

Posted: 06/18/2025

Job Type: Permanent

Industry: Cybersecurity

eStreetSecurity is partnering with a globally leading Investment Management firm in their search for a skilled CyberArk Security Engineer. This role is a key addition to their expanding Identity and Access Management (IAM) team, with a significant focus on Privileged Access Management (PAM). This position is part of a global IAM Engineering group, primarily headquartered in St. Petersburg, FL. We’re looking for candidates who bring solid, hands-on experience with CyberArk and a genuine passion for contributing to a maturing PAM program.

Location & Compensation:

• Location: St. Petersburg, FL; Denver, CO; Memphis, TN; Southfield, MI. Remote work will be considered for exceptionally strong candidates.
• Salary: $125,000 – $140,000 base salary range.

What You’ll Be Doing:

As a CyberArk Security Engineer focusing on IAM and PAM, your responsibilities will include:

• PAM Solution Management: Deploying and managing Privileged Access Management solutions, ensuring optimal security configurations and continuous performance monitoring.
• Security Trend Analysis: Staying current with external security trends and thoroughly evaluating their relevance and potential impact on the organization’s security posture.
• Documentation & Training: Producing and maintaining high-quality documentation for technical procedures and user guidance, promoting clear understanding and consistent practices.
• Continuous Improvement: Proactively participating in relevant training, pursuing certifications, and actively engaging in knowledge-sharing to support the continuous improvement of the PAM program.
• Stakeholder Collaboration: Collaborating effectively with various stakeholders to gather and precisely define business requirements related to identity and access.
• CyberArk Module Expertise: Operating across key CyberArk modules such as EPV (Enterprise Password Vault), PSM (Privileged Session Manager), CPM (Central Policy Manager), and others. This includes providing expertise in the onboarding, offboarding, and comprehensive account lifecycle management within CyberArk.
• Process Development: Developing and meticulously documenting PAM-related processes, creating standardized templates, and establishing clear usage guidelines for the organization.
• Service Delivery Support: Establishing efficient workflows and integrating with ticketing processes to streamline PAM service delivery and issue resolution.
• Reporting & Metrics: Providing essential operational metrics and detailed reporting on PAM activities to demonstrate program effectiveness and identify areas for enhancement.
• Continuous Control Monitoring: Implementing Continuous Control Monitoring mechanisms to uphold and enforce security best practices across all PAM initiatives.
• On-Call Rotation: Participating in a rotating on-call schedule, which may involve working non-standard hours as needed to ensure continuous support.

What’s Needed:

We’re seeking a candidate with a strong foundation and practical experience:

• CyberArk Experience: 3+ years of hands-on experience specifically with CyberArk and Privileged Access Management (PAM) solutions.
• IT Security Principles: A strong understanding of core IT security principles applicable across both Windows and Linux environments.
• Independent & Leadership Capabilities: Proficiency in working independently, taking initiative, and offering technical leadership when required.
• Project Lifecycle Experience: Proven experience in requirement gathering, process mapping, and comprehensive systems testing within an IT security context.
• Compliance & Risk Knowledge: Familiarity with IT compliance frameworks, risk management methodologies, and business continuity standards.
• Problem-Solving: Demonstrated problem-solving skills and the ability to effectively troubleshoot complex technical issues in a timely manner.

Technical Knowledge:

• CyberArk & Ticketing Systems: Expertise with various CyberArk components and experience with ticketing systems (ServiceNow preferred).
• Active Directory: A strong grasp of Microsoft Active Directory architecture.
• Preferred CyberArk Experience: Experience with CyberArk Privileged Cloud (preferred) and CyberArk Secrets Management / Conjur (preferred).
• Monitoring Tools: Familiarity with Splunk (preferred).
• Scripting Proficiency: Proficiency in scripting languages such as PowerShell, Python, or Java.
• OS Understanding: A solid understanding of Windows and Linux server and workstation operating systems.

Certifications:

• CyberArk Defender certification required.

Work Schedule:

This position includes participation in a rotating on-call schedule and may require working outside traditional business hours to ensure continuous operational support.