Senior CyberArk Engineer

Job Summary:

The Senior CyberArk Engineer will be responsible for designing, deploying, and maintaining the privileged access management framework, infrastructure, and operations for Project. The role involves automating processes, integrating PAM solutions with existing systems, and ensuring compliance with security policies. The candidate will work closely with security, IT, and audit teams to enforce governance and control over privileged access.

Key Responsibilities:

1. Design & Implementation of PAM Solutions

• Lead the end-to-end design, deployment, and management of the privileged access management framework.

• Implement CyberArk solutions, including Enterprise Password Vault (EPV), Privileged Session Manager (PSM), Privileged Threat Analytics (PTA), and Application Identity Manager (AIM).

• Ensure seamless integration of PAM solutions with various enterprise systems, including Active Directory, databases, and cloud platforms.

2. Automation & Integration

• Develop and implement automation strategies to improve the efficiency of privileged access management operations.

• Integrate CyberArk with other security and IT management tools via APIs to enable seamless workflow automation.

• Design and implement straight-through processing solutions to minimize manual intervention and enhance security.

3. Operations & Support

• Provide ongoing operations support for privileged access management, ensuring system stability, performance, and security.

• Develop real-time dashboards and management reports to monitor PAM activities, using tools like Grafana and PowerShell scripting.

• Maintain continuous compliance monitoring to detect unauthorized access and ensure adherence to security policies.

4. Compliance, Audit & Governance

• Respond to internal and external audit queries, providing detailed reports on privileged access governance.

• Maintain accurate documentation of privileged access controls, policies, and operational procedures.

• Analyse audit findings, identify risks, and implement corrective actions to close compliance gaps.

5. Incident Management & Remediation

• Investigate and remediate CyberArk failed objects, ensuring all privileged accounts meet security and compliance requirements.

• Troubleshoot and resolve issues related to privileged access, working closely with security and infrastructure teams.

• Proactively identify and mitigate risks associated with privileged accounts.

Required Skills & Experience:

1. CyberArk Expertise

• Minimum 4 years of hands-on experience in deploying, configuring, and managing CyberArk components.

• Strong expertise in integrating CyberArk solutions with other enterprise security tools via APIs.

• CyberArk certifications (e.g., CyberArk Defender, CyberArk Sentry) are preferred.

2. Technical Proficiency

• Strong PowerShell scripting and SQL skills to develop automated reports and data-driven insights.

• Experience with Grafana for creating real-time monitoring dashboards.

• Proficiency in managing operating systems such as Windows, Unix/Linux, and databases like MSSQL and MariaDB.

3. Security & Compliance Knowledge

• In-depth understanding of privileged access management principles, risk management, and security best practices.

• Experience working in a banking or financial services environment, ensuring compliance with industry standards (e.g., MAS, PCI-DSS, ISO 27001).

• Familiarity with audit processes, governance frameworks, and regulatory requirements.

4. Problem-Solving & Communication Skills

• Strong analytical skills to troubleshoot and resolve security and infrastructure issues.

• Ability to collaborate with cross-functional teams, including IT security, infrastructure, compliance, and audit teams.

• Excellent written and verbal communication skills to document and present findings effectively.

Educational & Professional Qualifications:

• Bachelor’s degree in computer science, Information Systems, Engineering, or a related field.

• Relevant industry certifications such as CyberArk Defender, CyberArk Sentry, CISSP, CISM, or CISA is advantageous.