Senior CyberArk (IAM) Engineer

Title: CyberArk (IAM) Engineer
Pay: $60/hr- $65/hr on W2 (DOE)
Contract role
Location: Remote
Start Date: ASAP

Senior CyberArk (IAM) Engineer

Position Overview:
The Senior CyberArk (IAM) Engineer will lead the implementation, administration, and optimization of CyberArk Privileged Access Management (PAM) solutions and IAM systems across enterprise environments. This role is essential for maintaining security, compliance, and operational efficiency in unregulated, government-regulated, and cloud-based environments. The Engineer will collaborate with cross-functional teams, provide expert guidance on IAM and PAM practices, and ensure secure management of identities, accounts, and privileged access.
The Senior CyberArk (IAM) Engineer will provide global support and troubleshooting for CyberArk, Active Directory services, EntraID services, related AD management tools and cloud single sign-on integrations.


Key Responsibilities
CyberArk Privileged Access Management

• Design, deploy, and maintain CyberArk solutions, including Enterprise Password Vault (EPV), Privileged Session Manager (PSM), Central Policy Manager (CPM) and other CyberArk components.
• Design, deploy, and maintain CyberArk Connectors (e.g., PSM, PSMP, SIA, SWS).
• Develop privileged access policies, procedures, and standards aligned with industry best practices and regulatory compliance (e.g., CMMC, PCI-DSS, HIPAA).
• Monitor, audit, and optimize CyberArk configurations and policies to mitigate security risks.
• Integrate CyberArk with identity providers (e.g., Active Directory, Azure AD, LDAP) and other IT infrastructure.
• Automate PAM processes using scripting languages like PowerShell or Python.
• Lead incident response activities for privileged access abuse or unauthorized access attempts.

• Support and enhance IAM tools and services, focusing on secure user privileges, credential management, and access control.
• Configure and optimize identity systems, including Active Directory, Azure AD, LDAP, PKI, and SSO/2FA solutions.
• Lead IAM-related projects, including domain consolidations, decommissioning, and cloud migrations.
• Develop processes for IAM governance, compliance, and reporting.
• Define and implement workflows for user provisioning, deprovisioning, and role management.
• Troubleshoot and resolve IAM and PAM-related issues.

• Collaborate with IT, security, and compliance teams to design and implement IAM and PAM strategies.
• Act as a subject matter expert on CyberArk and IAM technologies, providing training and mentorship to team members.
• Ensure alignment of IAM solutions with organizational security and compliance requirements.
• Represent the IAM function during audits, assessments, and stakeholder discussions.

• Bachelor's degree in Computer Science, Information Systems, or related field (or equivalent experience).
• Active CyberArk Defender and Sentry certifications required are a plus.
• Additional certifications (e.g., Microsoft, AWS, Azure, CISSP) are a plus.

• 10+ years of IT experience with a focus on IAM and security solutions.
• 5+ years of experience with CyberArk PAM implementations and management.
• Proven expertise in Active Directory, Azure AD, LDAP, PKI, SSO, and 2FA systems.
• Hands-on experience with scripting (PowerShell, Python, Java or other) for automation and system integration.
• Familiarity with ITAR/GOV-controlled environments and compliance frameworks (e.g., NIST, SOX, GDPR).

• Deep understanding of privileged access management principles, including least privilege enforcement and session monitoring.
• Strong knowledge of Active Directory services, group policies, DNS, and certificate services.
• Proficiency in integrating IAM tools with cloud environments (e.g., AWS, Azure).
• Excellent troubleshooting, analytical thinking, and communication skills.
• Ability to define and drive projects from concept to completion, ensuring alignment with deadlines.

• This position requires U.S. citizenship and mandates that work is performed within the United States.
• Flexible work options, including remote, hybrid, or on-site arrangements.
• Occasional after-hours support and on-call responsibilities for critical systems.
• Limited domestic travel may be required.

This position offers the opportunity to lead critical security initiatives and influence the design and delivery of IAM and PAM solutions in a dynamic and collaborative environment.

Pride Global offers eligible employee's comprehensive healthcare coverage (medical, dental, and vision plans), supplemental coverage (accident insurance, critical illness insurance and hospital indemnity), 401(k)-retirement savings, life & disability insurance, an employee assistance program, legal support, auto, home insurance, pet insurance and employee discounts with preferred vendors.