CyberArk PAM Engineer

London | Hybrid (2 days onsite) | 12 Months | Inside IR35

A leading financial services organisation is seeking a CyberArk PAM Engineer to take ownership of a large-scale Privileged Access Management environment and drive platform improvements, automation, integrations, and upgrades.

Key Responsibilities

• Manage and enhance a multi-region CyberArk environment including:
• Vault
• PVWA
• CPM
• PSM / PSMP
• CCP
• PTA
• AIM / AAM
• Lead CyberArk upgrades, migrations, and platform optimisation.
• Automate onboarding, rotation, and management of privileged accounts, service accounts, certificates, and SSH keys.
• Design and maintain Safes, RBAC models, and PAM policies aligned to security best practices.
• Develop PowerShell and API‑based automation.
• Build and support custom integrations and non‑standard connectors.
• Support secrets management initiatives including Conjur and CI/CD integrations.
• Provide SME support, troubleshooting, documentation, and knowledge transfer.
• 10+ years’ CyberArk engineering experience.
• Deep expertise across the CyberArk PAM suite.
• Strong knowledge of PAM, RBAC, Zero Trust, and security controls.
• Experience with Windows, Linux (RHEL), Active Directory, Oracle, and cloud platforms.
• Strong PowerShell and REST API skills.
• Proven experience delivering CyberArk implementations, upgrades, and integrations.
• Excellent stakeholder engagement and communication skills.
• JIT access and privilege tiering.
• Conjur, AAM, and DevSecOps integrations.
• Microsoft Sentinel and Defender XDR integration experience.
• Financial services or other highly regulated environments.
• CyberArk Defender and/or Sentry certifications.

What’s on Offer

• 12-month contract
• Inside IR35
• Hybrid working (2 days per week in London)
• Opportunity to lead and shape a strategic CyberArk programme within a complex enterprise environment.

#J-18808-Ljbffr…