Job Description
About the Role:
We are seeking an experienced
Lead System Engineer with deep hands-on expertise in
CyberArk PAM and integrations with enterprise IT systems. This role requires designing, configuring, and managing end-to-end privileged access lifecycle, along with automation, troubleshooting, and cross-functional collaboration across DevOps and cloud teams. Experience in SailPoint IdentityNow and Okta is a nice to have.
Primary Responsibilities: 1. Core PAM (CyberArk) Responsibilities:
- Manage and maintain CyberArk components:
- PVWA, PSM, CPM, PTA
- Configure and administer vaults, safes, and privileged account policies.
- Automate password rotation, onboarding, and privileged session workflows.
- Handle account discovery vs. onboarding and conduct mass onboarding.
- Configure, audit, and troubleshoot PSM sessions, access issues, and rotation failures.
- Implement and enforce CyberArk security policies, manage compliance audits.
2. DevOps & Automation Integration:
- Integrate CyberArk with Jenkins, Ansible, and Terraform for secrets automation.
- Use PowerShell, REST API (PSPas), or custom scripts for CyberArk task automation.
- Leverage Conjur Cloud to secure secrets in CI/CD pipelines.
- Align CyberArk management in Infrastructure-as-Code environments.
3. Support & Monitoring:
- Provide L2/L3 support for CyberArk vault issues, session failures, and access errors.
- Monitor and audit privileged activity; generate compliance-ready reports.
- Own remediation of high-risk vulnerabilities, patching, and hardening practices.
Nice to Have: Technical Environment:
- CyberArk Core PAM (PVWA, PSM, CPM, PTA)
- PowerShell, REST API (PSPas), Python (optional)
- Jenkins, Ansible, Terraform (DevOps tools)
- Active Directory, LDAP
- AWS (basic exposure)
- SailPoint IdentityNow, Okta (basic to intermediate experience)
- ITSM tools: ServiceNow – Incident, Change, and Sprint management
Qualifications
Any Degree
Range Of Year Experience-Min Year
8
Range Of Year Experience-Max Year
11
