CyberArk PAM Engineer
Role details
Job location
Tech stack
Job description
a. CyberArk Vault & Module Installation: Install, configure, and harden core CyberArk components including Enterprise Password Vault (EPV), Central Policy Manager (CPM), Privileged Session Manager (PSM), and Privileged Web Access (PVWA). b. CyberArk Privilege Cloud Migration: Orchestrate deployments of CyberArk Privilege Cloud (P Cloud), including configuring local connectors (CPM/PSM) and managing secure cloud-to-on-prem communication, We are a growing Cybersecurity VAR and Systems Integrator specializing in Privileged Access Management (PAM), Identity and Access Management (IAM), Cloud Infrastructure Entitlement Management (CIEM), and GRC services. We are an active member of the Decentralized Identity Foundation (DIF). We are looking for a CyberArk Implementation Engineer (Professional Services) to meet high growth demands., We are seeking a highly skilled CyberArk Implementation Engineer to join our Professional Services Delivery Team. In this role, the CyberArk PAM Engineer will act as the primary technical CyberArk PAM technical implementation expert for our enterprise clients and partners. Post sale, the CyberArk PAM Engineer will step in to own the end to end deployment lifecycle of CyberArk PAM, including translating high-level PAM and Security architectural designs into fully realized, production-ready CyberArk environments., CyberArk Deployment & Integration:
- Architecture Validation: Review client infrastructures, cloud environments, network topologies, and Active Directory structures to validate deployment plans prior to CyberArk PAM installation.
- CyberArk Vault & Module Installation: Install, configure, and harden core CyberArk components including Enterprise Password Vault (EPV), Central Policy Manager (CPM), Privileged Session Manager (PSM), and Privileged Web Access (PVWA).
- CyberArk Privilege Cloud Migration: Orchestrate deployments of CyberArk Privilege Cloud (P Cloud), including configuring local connectors (CPM/PSM) and managing secure cloud-to-on-prem communication.
- Onboarding & Configuration: Create platform policies, configure safe structures, configure automated password rotation rules, and onboard target privileged accounts (Windows, Unix/Linux, Databases, Network Devices).
- Machine Security Integration: Configure CyberArk Secrets Manager / Application Access Manager (AAM) to secure hardcoded credentials across client applications, CI/CD pipelines, and RPA tools.
Consultative Delivery & Partner Enablement
- Kickoff & Requirements Gathering: Guide client stakeholders through discovery sessions to map out scoping, domain controller integrations, and security policies.
- UAT & Testing: Lead User Acceptance Testing (UAT), documenting system performance, troubleshooting session broker failures, and ensuring seamless failover capabilities.
- Handover & Enablement: Deliver detailed "as-built" documentation and conduct interactive training handovers to client IT administrators for day-to-day operations.
Requirements
Looking Consultant for the Remote CyberArk PAM Engineer C2C Contract opportunity I have available. If you have any Sr. Level Expert CyberArk PAM Engineers that have recent and extensive experience performing end to end full life cycle CyberArk PAM implementations, please review the job description/requirements below and reply with, * Must have 5+ years of hands-on experience designing, deploying, implementing and configuring CyberArk PAM suites in mid-to-enterprise environments.
- Strong technical literacy in Active Directory, LDAP, Group Policy (GPOs), Kerberos, and overall Windows/Linux enterprise security administration.
- Solid understanding of firewall rules, load balancers, IIS, TLS certificates, and network security protocols.
- The following are only a Plus; NOT Mandatory: CyberArk IAM, CyberArk EPM, CyberArk SSO and MFA, Saviynt PAM, BeyondTrust, Okta PAM, writing scripts (PowerShell, Bash) or using REST APIs to automate account onboarding or customize CyberArk connection components, prior experience working for a Value-Added Reseller (VAR), System Integrator (SI), or Professional Services organization delivering external client-facing projects, any CyberArk Certifications: CyberArk Certified Delivery Engineer (CDE) or Certified Defender/Sentry status. Again, these are only a Plus, NOT Mandatory.
Benefits & conditions
- Best C2C rate (negotiable, market rate, etc. is NOT acceptable).