Jobs · Engineering · New Jersey

Privileged Access Management Engineer

Mizuho · Iselin, NJ · 2 wk ago
HybridEngineering$81k–$150k/yrFull-time

About the role

Mizuho’s Identity and Access Management (IAM) team is transforming to become a central pillar of the firm's cybersecurity and regulatory strategy. This role plays a crucial part in securing privileged and service accounts, ensuring compliance, and supporting enterprise users and applications.

Responsibilities

  • Design, implement, and maintain CyberArk Privileged Access Management (PAM) solutions to secure privileged, service, and application accounts across enterprise environments.

  • Configure and manage CyberArk components including Digital Vault, PVWA, CPM, PSM, and connectors (Windows, Unix, Database, Cloud where applicable).

  • Create and manage safes, platforms, access policies, and permissions in accordance with least-privilege and security standards.

  • Build automations to support the core PAM activities.

  • Lead onboarding of privileged and service accounts into CyberArk, including inventory validation, account vaulting, and enabling password rotation.

  • Work closely with infrastructure and application teams to identify dependencies and ensure password changes do not disrupt services.

  • Manage account lifecycle activities such as modifications, offboarding, and exception handling.

  • Implement and monitor automated password rotation and reconciliation for managed accounts.

  • Configure and support Privileged Session Management (PSM) for secure access and session recording.

  • Troubleshoot password rotation failures, access issues, and CPM/PSM errors.

  • Provide L2/L3 operational support, including root-cause analysis and coordination with vendors or internal teams.

  • Maintain and update runbooks, SOPs, and operational documentation for CyberArk processes.

  • Support audit and regulatory requirements by generating CyberArk reports, access certifications, and compliance evidence.

  • Participate in periodic privileged access recertifications and remediation of findings.

  • Ensure CyberArk configurations align with IAM standards, internal policies, and regulatory frameworks (e.g., SOX, ISO, internal audits).

  • Integrate CyberArk with IAM tools (e.g., SailPoint), Active Directory, ServiceNow and other enterprise applications.

  • Support use of CyberArk REST APIs and Central Credential Provider (CCP) for application integrations and automation.

  • Aid in automation and reconciliation processes related to privileged account discovery and onboarding.

  • Act as a subject-matter expert (SME) for CyberArk/PAM, advising application, infrastructure, and security teams.

  • Collaborate with IAM Governance, Risk, Compliance, and Audit teams on PAM-related initiatives.

  • Participate in design and architecture discussions to identify gaps and drive scalable, automation-friendly improvements.

Qualifications

  • 7+ years of experience in Identity & Access Management, cybersecurity engineering, or related infrastructure security roles, with a strong focus on Privileged Access Management.

  • Demonstrated experience with CyberArk.

  • Experience in enterprise environments (Windows, Unix, databases, service accounts).

  • Familiarity with security controls and regulatory expectations related to identity, credential, and Privileged Access Management (e.g., SOX, NIST).

  • Strong collaboration and communication skills, with the ability to work effectively across infrastructure, cloud, security, and DevOps teams.

Benefits

The expected base salary ranges from $81,000 - $150,000. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, including Medical, Dental and 401K plans, successful candidates are also eligible to receive a discretionary bonus.

Similar jobs