We are looking for an experienced CyberArk Privileged Access Management (PAM) Associate Director to design, implement, and manage enterprise-grade PAM solutions using CyberArk. This role will provide end-to-end support (L3), ensuring the security, governance, and compliance of privileged accounts across on-premises and cloud environments, including CyberArk Secure Cloud Access (SCA).
The ideal candidate will have deep technical expertise in CyberArk components, strong troubleshooting skills, and experience integrating PAM with enterprise security ecosystems.
Key Responsibilities
Implementation & Configuration
Deploy and configure CyberArk components: EPV, PVWA, CPM, PSM, PSMP, AAM, PTA, and Secure Cloud Access (SCA).
Design and implement PAM policies including least privilege, just-in-time access, and session monitoring.
Support & Troubleshooting (L1–L3)
L1: Monitor CyberArk services, respond to s, and handle basic user requests.
L2: Perform advanced troubleshooting, resolve integration issues, and manage credential rotation failures.
L3: Lead root cause analysis, resolve complex incidents, and provide expert-level support for CyberArk infrastructure.
Administration & Maintenance
Perform health checks, patching, and upgrades of CyberArk infrastructure.
Manage vaulting, credential rotation, and session management.
Integration & Automation
Integrate CyberArk with IAM, SIEM, ITSM, and cloud platforms (AWS, Azure, GCP).
Implement and manage Secure Cloud Access for privileged sessions in cloud environments.
Develop automation scripts using PowerShell, Python, and REST APIs.
Security & Compliance
Conduct risk assessments, audits, and ensure compliance with SOX, HIPAA, PCI, NIST, ISO 27001.
Generate detailed access reports and support regulatory audits.
Documentation & Training
Create technical documentation, playbooks, and deliver training to internal teams.
Required Qualifications
Experience:
10+ years in Information Security, with 5+ years in PAM.
Hands-on experience with CyberArk PAS Suite (EPV, PVWA, CPM, PSM, PTA) and Secure Cloud Access (SCA).
Technical Skills:
Strong knowledge of Active Directory, LDAP, RDP/SSH, Windows/Unix systems.
Familiarity with cloud environments (AWS, Azure, GCP).
Scripting skills: PowerShell, Python, Bash.
Certifications:
CyberArk Defender (PAM-DEF) and Sentry (PAM-SEN) required; Guardian or CDE preferred.
Preferred Qualifications
Experience with DevOps tools, CI/CD pipelines, and containerized environments.
Exposure to BeyondTrust or other PAM solutions.
Knowledge of custom connectors/plugins and RESTful API integrations.
