ECMA - CyberArk PAM Operations Engineer
Open Systems Technologies Corporation · Fort Belvoir, VA · 1 mo ago
On-siteEngineeringFull-time
Key Responsibilities
- Monitor system health daily for Vault, PVWA, CPM, PSM, and PTA components.
- Execute routine patching, software upgrades, and backup verifications across all PAM infrastructure.
- Manage Safe structures, user permissions, and Master Policy configurations.
- Maintain platform documentation, operational runbooks, and disaster recovery procedures.
- Onboard privileged accounts for operating systems, databases, network devices, and cloud environments.
- Configure platform policies and password rotation rules to meet compliance standards.
- Integrate applications with CyberArk Secrets Manager or Application Identity Manager (AIM).
- Automate operational tasks using PowerShell, Python, or CyberArk REST APIs.
- Resolve Tier 2/3 incidents related to credential rotation failures and connection issues.
- Support end-users with daily access requests, dual-control workflows, and technical troubleshooting.
- Audit privileged sessions and investigate anomalous activities alongside the SOC team.
- Enforce least-privilege principles across all corporate technical teams.
Requirements
- US Citizen (Dual Citizens accepted if they have an active clearance)
- Active Secret Clearance Required
- Possession of Security+ or equivalent
- Technical Expertise: 3+ years of hands-on CyberArk PAM administration in an enterprise setting.
- Infrastructure: Deep understanding of Windows Server, Linux/Unix, Active Directory, and LDAP.
- Networking: Solid grasp of firewalls, load balancers, DNS, and TLS/SSL certificates.
- Automation: Proven ability to write functional scripts in PowerShell, Bash, or Python.
- Certifications: CyberArk Defender or Sentry certification is highly desirable.
- Communication: Clear verbal and written skills to guide users through security protocols.
- Analytical Mindset: Strong troubleshooting skills for complex, multi-tier software environments.
Qualifications
- Deep understanding of Windows Server, Linux/Unix, Active Directory, and LDAP.
- Solid grasp of firewalls, load balancers, DNS, and TLS/SSL certificates.
- Proven ability to write functional scripts in PowerShell, Bash, or Python.
- Certifications: CyberArk Defender or Sentry certification is highly desirable.
- Clear verbal and written skills to guide users through security protocols.
- Strong troubleshooting skills for complex, multi-tier software environments.
Benefits
- 3 weeks paid time off
- 11 Federal Holidays
- medical/dental coverage
- STD, LTD, Life Insurance, AD&D
- 401k with up to 4% match
- end-of-year profit sharing