Mid-Level CyberArk Engineer

About The Position

Requirements

• Good background of Systems (Windows/Linux) and networking in IT and DevOps experience will be helpful in addition to IAM/PAM.
• CyberArk products support experience including troubleshooting (analyzing debug logs) password management/CPM, PSM/PSMP secure connection, credential providers
• Windows AD/LDAP experience, Cloud experience (AWS/Azure/GCP), SIEM/logging, monitoring
• Working knowledge of RESTAPI and PowerShell scripting
• Working with Audit and controls teams and meet compliance requirements
• Monitoring and logging/SIEM - Elastic, Reporting/Metrics
• Performs day-to-day activities required to assist and identify technology solutions that meet enterprise requirements. Maps functional requirements into technological requirements and identifies technologies that meet the technological requirements. Conducts proof of concept, pilots and demos for the purpose of evaluating the suitability of given technologies for meeting requirements. Evaluates the tradeoffs between competing solutions and develops quantitative driven analysis of alternatives. Produces written analysis of research and recommendation papers that clearly describe the process followed, alternatives considered, evaluation criteria and rationale for recommendation and need for additional work.
• Bachelor’s Degree preferred with IT/Cybersecurity experience in the IAM/PAM
• Must have a minimum of 5 years of related experience providing business solutions engineering support, to include architectural design, engineering design, proof of concept development, pilots, analysis, results, and documentation.
• CyberArk Sentry Certification Required: Current Certified CyberArk Sentry credential, affirming their expertise in managing and safeguarding privileged accounts within the CyberArk platform.
• CyberArk Implementation Experience: One year of experience in designing and implementing integrated lifecycle management processes for CyberArk within an organization comparable in scale to the Department of Transportation (DOT), demonstrating a capability to support complex cybersecurity environments.
• Server Administration Expertise: Three years of server administration experience is required, with specific proficiency in managing Windows Server 2019 and Red Hat Enterprise Linux (RHEL) 8 environments. This experience should highlight a strong foundational knowledge in operating systems, indicating the candidate's ability to maintain and optimize server infrastructure for reliability and performance.
• Candidate must be a U.S. citizen or green card holder who has resided in the U.S. for at least 3 years and the ability to obtain a public trust

Nice To Haves

• Proficiency in CyberArk and SailPoint Integration: Demonstrated proficiency in seamlessly integrating CyberArk with SailPoint, showcasing the ability to unify privileged access management with comprehensive identity governance solutions, enhancing organizational security posture.
• Comprehensive Active Directory Knowledge: Extensive experience with Active Directory, encompassing both front-end aspects such as account management and Group Policy, as well as back-end complexities including AD Schema, Public Key Infrastructure (PKI), and automation via PowerShell. This depth of knowledge ensures a robust and secure identity and access management framework.
• Database Management Competence: Solid understanding of database management principles, specifically with SQL Server 2019. This includes proficiency in backups, indexing, integrity checks, installation, configuration, managing ports and protocols, creating maintenance plans, and effective troubleshooting. Additionally, skilled in data modeling and schema, with the ability to interpret and navigate Entity Relationship Diagrams, underscoring a well-rounded database administration skill set.
• CyberArk Configuration Expertise: Proven capability in configuring CyberArk to ensure secure collaboration with a diverse array of systems and devices, including networks, iDRAC interfaces, applications, cloud services, storage solutions, servers, and appliances, guaranteeing the integrity and security of privileged access across the IT ecosystem.

Responsibilities

• Assisting with the management of roles and safes
• Helping deploy software updates
• Contributing to the preparation of reports that highlight the performance and security of the PAM tool
• Identifying and mitigating security vulnerabilities
• Providing essential support for on-call troubleshooting and remediation efforts related to the PAM solution
• Supporting annual disaster recovery testing
• Aiding in documenting recovery and contingency plans
• Assisting with operating system patching on vault appliances
• Ensuring that the PAM solution not only meets but exceeds security requirements
• Following DOT’s Change Management processes
• Contributing to the enhancement of reporting capabilities in line with DHS CISA requirements