Senior IAM Engineer

Security Benefit-posted 25 days ago
Full-time • Senior
Hybrid • Topeka, KS
501-1,000 employees
Securities, Commodity Contracts, and Other Financial Investments and Related Activities
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The Senior IAM Engineer will lead the design, implementation, and optimization of CyberArk Privileged Access Management (PAM) solutions, serving as the primary subject matter expert for CyberArk across the organization. This role requires advanced technical skills in CyberArk architecture, deployment, and operations, as well as a strong understanding of identity governance, access management, and security best practices. The Senior IAM Engineer position reports to the Manager, Identity and Security Operations and can be based out of our home office in Topeka, Kansas, our Overland Park, Kansas office or remotely for the right candidate. We work a hybrid schedule, offering flexibility to work both remotely and on-site.

  • CyberArk Architecture & Implementation: Design, architect, and deploy enterprise-grade CyberArk Privileged Access Management (PAM) solutions that align with organizational security and compliance objectives.
  • Identity & Access Architecture Leadership: Lead the technical design and implementation of broader Identity and Access Management (IAM) solutions across the enterprise, ensuring scalability, automation, and alignment with business and security requirements.
  • Scripting & Automation: Develop and maintain automation scripts (e.g., PowerShell, Python, REST APIs) to enhance provisioning, access control, and system monitoring processes.
  • Security Engineering & Hardening: Implement secure configurations, patch management, and least privilege models across CyberArk components and integrated systems. Perform security baseline and hardening in line with industry (NIST, CIS) benchmarks.
  • Threat Detection & Response: Collaborate with Security Operations to monitor privileged accounts for anomalies or abuse, participate in incident investigations, and contribute to response for security events.
  • Integration Leadership: Lead integrations between CyberArk and enterprise identity, authentication solutions (e.g., Azure AD/Entra ID, Okta, AWS IAM).
  • Governance & Compliance: Ensure PAM and IAM controls meet regulatory and audit requirements (NIST, SOX, NYDFS). Maintain thorough documentation and evidence for audits.
  • Stakeholder Collaboration: Work closely with infrastructure, application, and audit teams to translate privileged access requirements into secure, scalable designs.
  • Mentorship & Continuous Improvement: Provide technical mentorship, promote security best practices, and contribute to the evolution of enterprise IAM standards and security posture.
  • CyberArk Privilege Cloud & ISPSS Expertise: 8+ years proven experience implementing, configuring, and managing CyberArk Privilege Cloud and Identity Security Platform Shared Services (ISPSS) in enterprise environments. Deep understanding of secure design, onboarding, policy configuration, and lifecycle management in cloud-native deployments.
  • Architecture & Design: Strong background in designing scalable and secure CyberArk Privilege Cloud architectures that integrate with hybrid identity environments (on-prem, AWS, Azure).
  • Identity & Access Management: Broad understanding of IAM principles including authentication, authorization, SSO, MFA, and directory services (Active Directory, Azure AD, Okta).
  • Scripting & Automation: Proficiency in scripting languages such as PowerShell, Python, or REST APIs to automate PAM operations, onboarding, and integrations across CyberArk and related systems.
  • Integration Experience: Demonstrated success integrating CyberArk Privilege Cloud with enterprise platforms such as IDPs (Entra ID, Okta), ITSM (Jira Service Management, ServiceNow), and identity governance solutions (SailPoint).
  • Compliance & governance: Knowledge of regulatory and security frameworks such as NIST, CIS, SOX, and NYDFS, with the ability to map PAM controls to compliance requirements.
  • Cloud & Infrastructure Security: Experience managing privileged access and secrets in AWS and Azure environments, leveraging CyberArk's cloud connectors and ISPSS services.
  • Automation & DevOps Integration: Proficiency integrating PAM solutions into CI/CD pipelines, cloud-native platforms, and DevOps workflows.
  • Governance, Monitoring & Continuous Improvement: Familiarity with automating access reviews, integrating PAM telemetry into SIEM platforms (InsightIDR, Sentinel), and driving ongoing security posture enhancements.
  • Certifications: CyberArk Guardian, CyberArk Sentry, CyberArk Defender, CISSP, GIAC Certifications, or similar credentials.
  • Competitive salary and annual incentive bonuses to reward your contributions.
  • 33 days of paid time off (including PTO, holidays, Volunteer Day, and days of significance).
  • Paid parental leave after 90 days of service.
  • Comprehensive medical, dental & vision insurance.
  • 401(k) with company match, plus Profit Sharing & Savings Plan.
  • Short- and Long-Term Disability Insurance to give you peace of mind.
  • Flexible Spending Accounts for medical and dependent care.
  • Life Insurance to protect your loved ones.
  • Educational assistance to support your career development.
  • Associate assistance programs for your personal and professional well-being.
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Senior Engineering Manager Resume Examples
Senior Engineering Manager Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service