Senior Cybersecurity Technologist

TravelersHartford, CT
$126,500 - $208,700Onsite

About The Position

At Travelers, our Cybersecurity Engineering teams are responsible for the overall implementation and management of strategic platforms that provide oversight, process management, protection and enablement of security control processes and allow for an effective Cybersecurity practice. As a Cybersecurity Engineer II, you will provide subject matter expertise and consultation on complex cybersecurity platforms to ensure correct installation, configuration, and maintenance. You will consult with business partners on any changes and/or enhancements and will effectively communicate potential operational impacts. Leveraging your technical expertise on strategic platforms, you will troubleshoot complex issues that may be escalated and provide guidance and coaching to team members.

Requirements

  • Bachelor’s degree in Computer Science, similar degree, or its equivalent in work experience.
  • 4 years of experience in Information Technology Security Engineering or Software engineering.

Nice To Haves

  • Hands-on experience operating self-hosted (on-premises) CyberArk PAM in a production enterprise environment.
  • Strong working knowledge of the full CyberArk component set: Vault, PVWA, CPM, PSM/PSMP, and familiarity with PTA, Conjur, or CyberArk's SaaS offerings.
  • Experience developing custom connection components and CPM plugins for non-standard platforms.
  • Proficiency with the CyberArk REST API and scripting in PowerShell (Python a plus) to automate operational tasks.
  • Solid command of Windows Server and Active Directory, with working knowledge of Linux/Unix privileged access models.
  • Practical understanding of authentication protocols and PKI concepts (LDAP, SAML, Kerberos, certificates) as they relate to PAM.
  • Understanding of just-in-time and zero-standing-privilege access models, and how to move a program from static, always-on credentials toward ephemeral access.
  • Working knowledge of password-less and certificate-based authentication concepts, and how they apply to privileged access.
  • Experience integrating PAM with the surrounding identity and operations ecosystem IdP/SSO (Entra ID, Okta), ITSM (ServiceNow), SIEM, and secrets consumers via API.
  • Experience evaluating, piloting, or integrating new capabilities into an existing PAM program — able to weigh build-vs-buy tradeoffs and plan phased rollouts.
  • A track record of leading upgrades, migrations, or resilience improvements in a self-hosted deployment.
  • CyberArk certifications (Defender, Sentry, or Guardian).
  • Exposure to hybrid and cloud privileged access patterns (AWS, Azure).
  • Experience supporting privileged access in a regulated industry.

Responsibilities

  • Own the architecture, deployment, and lifecycle of self-hosted CyberArk components, including the Password Vault Web Access (PVWA), Central Policy Manager (CPM), and Privileged Session Manager (PSM/PSMP).
  • Maintain platform configurations, safe structures, access policies, and master policy settings that align with least-privilege and separation-of-duties principles.
  • Onboard privileged accounts and secrets across Windows, Linux/Unix, databases, network devices, and cloud platforms, developing custom CPM plugins and connectors where out-of-the-box support falls short.
  • Lead vault resilience efforts, including disaster recovery, high-availability configuration, backup validation, and version upgrades with minimal disruption.
  • Build automation for onboarding, reconciliation, reporting, and health monitoring using the CyberArk REST API, PowerShell, and related tooling.
  • Troubleshoot complex issues across the PAM stack, from connection component failures and PSM recordings to CPM rotation errors and vault performance tuning.
  • Document standards and runbooks and contribute to the technical maturity of the broader team.
  • Help advance our privileged access roadmap toward password-less and modern authentication by reducing reliance on static credentials through ephemeral, certificate-based, and just-in-time access models, and tighter integration with our broader identity platform.

Benefits

  • Health Insurance
  • 401(k) matching
  • Pension Plan
  • Paid Time Off
  • Paid company Holidays
  • Wellness Program
  • Matching Gift and Volunteer Rewards program
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service