Jobs · Engineering · Virginia

ECMA - CyberArk PAM Operations Engineer

Open Systems Technologies Corporation · Fort Belvoir, VA · 1 mo ago
On-siteEngineeringFull-time

Key Responsibilities

  • Monitor system health daily for Vault, PVWA, CPM, PSM, and PTA components.
  • Execute routine patching, software upgrades, and backup verifications across all PAM infrastructure.
  • Manage Safe structures, user permissions, and Master Policy configurations.
  • Maintain platform documentation, operational runbooks, and disaster recovery procedures.
  • Onboard privileged accounts for operating systems, databases, network devices, and cloud environments.
  • Configure platform policies and password rotation rules to meet compliance standards.
  • Integrate applications with CyberArk Secrets Manager or Application Identity Manager (AIM).
  • Automate operational tasks using PowerShell, Python, or CyberArk REST APIs.
  • Resolve Tier 2/3 incidents related to credential rotation failures and connection issues.
  • Support end-users with daily access requests, dual-control workflows, and technical troubleshooting.
  • Audit privileged sessions and investigate anomalous activities alongside the SOC team.
  • Enforce least-privilege principles across all corporate technical teams.

Requirements

  • US Citizen (Dual Citizens accepted if they have an active clearance)
  • Active Secret Clearance Required
  • Possession of Security+ or equivalent
  • Technical Expertise: 3+ years of hands-on CyberArk PAM administration in an enterprise setting.
  • Infrastructure: Deep understanding of Windows Server, Linux/Unix, Active Directory, and LDAP.
  • Networking: Solid grasp of firewalls, load balancers, DNS, and TLS/SSL certificates.
  • Automation: Proven ability to write functional scripts in PowerShell, Bash, or Python.
  • Certifications: CyberArk Defender or Sentry certification is highly desirable.
  • Communication: Clear verbal and written skills to guide users through security protocols.
  • Analytical Mindset: Strong troubleshooting skills for complex, multi-tier software environments.

Qualifications

  • Deep understanding of Windows Server, Linux/Unix, Active Directory, and LDAP.
  • Solid grasp of firewalls, load balancers, DNS, and TLS/SSL certificates.
  • Proven ability to write functional scripts in PowerShell, Bash, or Python.
  • Certifications: CyberArk Defender or Sentry certification is highly desirable.
  • Clear verbal and written skills to guide users through security protocols.
  • Strong troubleshooting skills for complex, multi-tier software environments.

Benefits

  • 3 weeks paid time off
  • 11 Federal Holidays
  • medical/dental coverage
  • STD, LTD, Life Insurance, AD&D
  • 401k with up to 4% match
  • end-of-year profit sharing

Similar jobs

CyberArk Engineer

AptAlabama, United States· 2 wk ago
RemoteEngineeringapply on aptcompanies.io