Role Summary
The CyberArk EPM Engineer is responsible for designing, implementing, and managing least-privilege access controls on endpoints across enterprise environments. This role focuses on application control, privilege elevation, endpoint hardening, and threat reduction, while ensuring business continuity and regulatory compliance in cloud and hybrid environments. This role also requires experience as a CrowdStrike admin.
Key Responsibilities
CyberArk EPM Administration
- Deploy, configure, and maintain CyberArk Endpoint Privilege Manager (EPM) in cloud and hybrid environments
- Manage EPM policies, application groups, sets, and rules to enforce least-privilege access
- Handle application onboarding (browsers, Office apps, Citrix, development tools, PowerShell, CMD, installers, etc.)
- Handle CrowdStrike Admin platform for configuring, onboarding and troubleshooting
Policy & Privilege Management
- Design Just-In-Time (JIT) and time-bound elevation policies
- Implement parent-child process control, command-line restrictions, and file reputation-based rules
- Troubleshoot blocked applications and failed elevation requests using EPM logs and audit trails
Identity & Access Integration
- Integrate CyberArk EPM with Microsoft Entra ID (Azure AD) for user and group-based policy enforcement
- Map Entra ID groups to EPM policy rules for role-based privilege access
- Support SSO-based elevation workflows where applicable
Monitoring, Logging & Integrations
- Integrate CyberArk EPM with SIEM/SOAR platforms such as Microsoft Sentinel, Splunk, or QRadar
- Analyze elevation events, blocked executions, and anomaly patterns
- Generate weekly/monthly reports on policy usage, elevation trends, and security posture
Required Skills & Experience
Technical Skills
- Strong hands-on experience with CyberArk Endpoint Privilege Manager (EPM)
- In-depth understanding of:
  - Windows process execution & parent-child relationships
  - PowerShell, CMD, MSI/EXE installers
  - File reputation, hash, certificate, and path-based controls
- Experience with Microsoft Entra ID (Azure AD) integration
- Working knowledge of Windows OS internals and endpoint security controls.
Security & Tools
- Familiarity with SIEM tools (Microsoft Sentinel, Splunk, etc.)
- Experience with Defender for Endpoint is a plus
- CrowdStrike
- Understanding of least privilege, endpoint hardening, and zero-trust principles
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.