Roles & Responsibilities
Job Description - CyberArk Engineer
Position Overview
We are seeking an experienced CyberArk Engineer to manage and enhance our Privileged Access Management (PAM) capabilities. The role will focus on administering the CyberArk platform, onboarding accounts, enforcing security policies, and ensuring compliance with regulatory standards. The ideal candidate will have strong hands-on experience in CyberArk administration, privileged access security, and integration with enterprise and cloud environments.
Key Responsibilities
CyberArk Administration
- Administer and maintain the CyberArk PAM platform, including Vault, PVWA, CPM, and PSM.
- Onboard privileged accounts, applications, SSH keys, and machine identities.
- Configure password rotation, credential vaulting, and policy enforcement.
- Manage connectors and plugins for enterprise integrations.
- Perform upgrades, patching, and ongoing maintenance.
Privileged Access Security
Implement least privilege principles for admin, service, and application accounts.Enforce Just-in-Time (JIT) access for privileged accounts.Monitor privileged sessions using PSM and review recordings for anomalies.Integrate CyberArk with SIEM / SOAR platforms to support threat detection and response.Collaborate with SOC to investigate and remediate privileged account misuse.Governance, Risk & Compliance
Ensure PAM policies align with MAS TRM, PCI-DSS, ISO 27001, and NIST CSF standards.Support audit reporting and privileged access reviews.Participate in risk assessments and remediation planning.Maintain up-to-date documentation, SOPs, and PAM playbooks.Continuous Improvement & Integration
Collaborate with IAM and security architecture teams to align PAM with enterprise IAM roadmap.Integrate CyberArk with cloud platforms (AWS, Azure, GCP) and DevOps pipelines.Explore CyberArk advanced modules such as Conjur, Alero, and Endpoint Privilege Manager.Automate onboarding and account lifecycle tasks via APIs, Python, or PowerShell scripting.Key Performance Indicators (KPIs)
% of privileged accounts onboarded and vaulted.SLA adherence for account onboarding and password rotation.% reduction in unmonitored privileged sessions.Compliance audit success rate.MTTR (Mean Time to Remediate) privileged account incidents.Automation coverage (manual vs automated onboarding).Education & Experience
Education : Diploma / Bachelor’s degree in Information Technology, Cybersecurity, or related field.Experience : 3–6 years of professional experience in CyberArk administration and Privileged Access Management.Mandatory Skills :
CyberArk PAM (Vault, PVWA, CPM, PSM)Privileged Access Management principles and enforcementScripting (Python / PowerShell) for automationGood to Have :
Experience with cloud PAM integration (AWS, Azure, GCP)Familiarity with advanced CyberArk modules (Alero, Conjur, EPM)Knowledge of security and compliance standards (PCI-DSS, MAS TRM, ISO 27001, NIST CSF)Tell employers what skills you have
Security Architecture
Remediation
Pipelines
CCNP
Powershell
ISO
Enforcement
Scripting
Administration
Information Technology
ISO 27001
Compliance
Routers
VPN
Firewalls