Windows System Administrator
About The Position
Overview: We are seeking a skilled Security Engineer to support a strategic initiative aimed at reducing privileged‑access risk. This role combines technical remediation and business analysis, leveraging CyberArk, Windows/Active Directory, and privileged‑access governance to execute end-to-end removal of local administrator accounts. The Security Engineer will lead account discovery, remediation, and stakeholder coordination to enhance security posture and ensure compliance readiness. The ideal candidate will eliminate local admin accounts, onboard functional and JIT accounts into CyberArk, document ownership and dependencies, and deliver executive‑level reporting that demonstrates measurable risk reduction. • 1200 accounts within multiple servers at the client's that need to be remediated, equal amount of coordination multiple stakeholders for local admin provides, understanding the functionally of the servers, coming up with some CyberArk and provisioning privilege and admin privileges • 50/50 security and systems, working with stakeholders needed and back and forth communication, working on one domain but maybe other domain at a later time
Requirements
- 7+ years of experience working in Active Directory Management, AD Replication, GPO, trusts, DNS and DHCP
- Strong knowledge of Windows Server administration, Active Directory, and local admin privilege management
- Understanding of CyberArk products or other Security tools
- Hands‑on experience with CyberArk Privileged Access Security (onboarding, vaulting, JIT/ZOA policy configuration).
- 7+ years in writing advanced, efficient, and well-structured PowerShell , Python or shell scripts
- Hands‑on experience with CyberArk Privileged Access Security (onboarding, vaulting, JIT/ZOA policy configuration).
- Strong knowledge of Windows Server administration, Active Directory, and local admin privilege management
- Demonstrated ability to perform business analysis, including gathering requirements, validating account dependencies, and documenting access justification.
- Excellent troubleshooting skills with strong communication and documentation abilities.
- Familiarity with compliance frameworks such as SOX and audit readiness requirements.
Nice To Haves
- CyberArk certification (Defender, Sentry, or Guardian).
- Microsoft/Cloud certifications
- M365 administration
- Experience supporting large-scale IAM/PAM remediation initiatives.
- Background in security operations, Infrastructure security, or security architecture.
- Strong knowledge of networking fundamentals (TCP/IP, DNS, VPN, firewalls) and operating systems
Responsibilities
- Account discovery
- Remediation
- Stakeholder coordination
- Eliminate local admin accounts
- Onboard functional and JIT accounts into CyberArk
- Document ownership and dependencies
- Deliver executive‑level reporting that demonstrates measurable risk reduction
Benefits
- Medical, dental & vision
- Critical Illness, Accident, and Hospital
- 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
- Life Insurance (Voluntary Life & AD&D for the employee and dependents)
- Short and long-term disability
- Health Spending Account (HSA)
- Transportation benefits
- Employee Assistance Program
- Time Off/Leave (PTO, Vacation or Sick Leave)
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
5,001-10,000 employees
