CyberArk PAM Operations Engineer

About The Position

Requirements

• 3+ years of hands‑on CyberArk PAM administration experience in an enterprise environment
• Experience with Windows Server, Linux/Unix, Active Directory, and LDAP
• Strong understanding of firewalls, load balancers, DNS, and TLS/SSL certificates
• Ability to write functional scripts in PowerShell, Bash, or Python
• Security+ or equivalent security certification
• US Citizen (dual citizens accepted)
• Active Secret Clearance

Nice To Haves

• CyberArk Defender or Sentry certification
• Strong verbal and written communication skills for guiding users and documenting procedures
• Analytical mindset with strong troubleshooting skills for complex multi‑tier environments

Responsibilities

• Monitor daily system health for Vault, PVWA, CPM, PSM, and PTA components
• Execute routine patching, software upgrades, and backup verification
• Manage Safe structures, user permissions, and Master Policy configurations
• Maintain platform documentation, operational runbooks, and disaster recovery procedures
• Onboard privileged accounts for operating systems, databases, network devices, and cloud environments
• Configure platform policies and password rotation rules to ensure compliance
• Integrate applications with CyberArk Secrets Manager or Application Identity Manager (AIM)
• Automate operational tasks using PowerShell, Python, or CyberArk REST APIs
• Resolve Tier 2/3 incidents related to credential rotation failures and connection issues
• Support end‑users with access requests, dual‑control workflows, and technical troubleshooting
• Audit privileged sessions and investigate anomalous activities with the SOC
• Enforce least‑privilege principles across all corporate technical teams

Benefits

• hands‑on experience
• certifications
• industry training