CyberArk / PAM Engineer [REMOTE]

About The Position

Requirements

• Bachelor's Degree and 4 years work experience or equivalent experience
• 4+ years of experience with IT, including identity access management, privileged access management, and/or security-related behavior monitoring.
• 2+ years of hands-on experience supporting on-premises CyberArk PAM
• Working knowledge of Linux operating systems and SSH-based access
• In-depth knowledge of the various CyberArk architecture components (Vault/EPV, DR Vault, PVWA, PSM, CPM).
• Experience with CyberArk Rest API and credential provider (CCP/CP) components.
• Experience with troubleshooting issues with Vault, PVWA, CPM, and PSM component servers (including gathering various CyberArk logs, diagnosing firewall or network-related issues, etc.).
• Experience working with large teams to understand requirements and translate them into CyberArk safes, platforms, etc.
• Knowledge of the following areas: Active Directory/LDAP management, PKI, MFA, Identity Governance, SSO.
• Strong analytical and problem-solving skills, ability to learn new concepts quickly.
• Self-motivated with excellent interpersonal skills, strong work ethic, highly effective communicator, excellent organizational skills

Nice To Haves

• 2+ years of experience with COTS Identity Access Management tools (e.g. Micro Focus Identity Applications, SailPoint)
• Experience with CyberArk Endpoint Privilege Manager (EPM) for Linux and/or Windows
• Experience using ServiceNow for incident/change/request workflows
• Experience with SIEM tool, preferably Splunk.
• Experience with technical writing to create process documents, training, and formal documentation for compliance/audits.
• Experience with Visio to create workflows, architecture drawings, etc.
• Knowledge of scripting and/or programming languages including PowerShell, JavaScript, and/or Python.
• Experience developing or customizing PSM and CPM plugins
• AutoIT experience for PSM plugin development
• Knowledge of compliance regulations including, but not limited to, CMMC and FedRAMP
• CyberArk Defender, Sentry, and/or CISSP certification

Responsibilities

• Support and administer CyberArk PAM components including EPV, CPM, and PSM/PSM-SSH
• Onboard and maintain privileged accounts for Windows, Linux, service accounts, and applications
• Support CyberArk vault operations, including clustered vault configurations, health monitoring, and troubleshooting
• Assist with platform upgrades, patching, and operational testing activities
• Provide Tier-2 / Tier-3 support for PAM-related incidents and requests
• Support CyberArk EPM for Linux
• Support audits and compliance activities by producing required evidence and documentation

Benefits

• At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being.
• Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance.
• We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance.
• Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave.
• Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards.
• Other incentives may be available based on position level and/or job specifics.