Remote PAM/CyberArk Engineer
Role details
Job location
Tech stack
Job description
We are seeking a CyberArk Engineer to support and enhance Privileged Access Management (PAM) solutions. The role involves hands-on work with core CyberArk components, integrations with identity systems, directories, and security tools, as well as onboarding and managing privileged accounts across on-prem and cloud environments. The engineer will also support access reviews, automation, reporting, and documentation while collaborating with security and infrastructure teams.
Lead end-to-end CyberArk application onboarding, from intake through production deployment
Onboard and manage privileged accounts and application identities within CyberArk PAM
Work directly with application teams to gather requirements and translate them into onboarding activities
Configure and support CyberArk components to meet application and security needs
Troubleshoot and resolve onboarding issues in real time
Ensure onboarding efforts align with enterprise security standards and timelines
Requirements
Strong hands-on experience with CyberArk PAM, specifically application onboarding
Proven ability to deliver end-to-end onboarding, not just design or advisory work
Experience working with US-based teams and stakeholders
Ability to operate independently in a remote environment
Strong communication skills to work across security, infrastructure, and application teams
Hands-on with Core-PAS CyberArk components (EPV, DR EPV, HA EPV, PVWA, PSM, PSMP, CPM).
Hands-on with Advanced Modules (AAM - CP, AAM - CCP)
Hands-on with Connection components creation using Auto-IT for Web applications & thick clients
Knowledge about PAM Access Reviews
Knowledge about Identity modules (Eg: Sailpoint, ISIM)
Knowledge about Access Modules (Eg: Azure SSO, ISAM)
Knowledge about Active Directories (Microsoft AD, Azure AD)
Hands-on with SIEM, SNMP, SMTP, SAML, LDAPS integrations with CyberArk
Creation of Project Documentation (HLD, DTD, SoP, KEDB, etc.,)
Knowledge about CyberArk REST API's
Knowledge about DNA Scans
Hands-on with Device types - Windows, *Nix, Network, Database, SAP, Web applications, Tier 0&1 accounts, Domain Controllers, Azure.
Knowledge about PAS Reporter & Export Vault Data Preferred - CyberArk Sentry/ Defender
Entra ID PIM knowledge
Experience onboarding multiple applications concurrently
Prior experience in large enterprise environments