[Remote] Sr. IAM Engineer (CyberArk)

Note: The job is a remote job and is open to candidates in USA. System One is seeking a Senior IAM Engineer for a long-term remote opportunity. The Senior Identity Access Management (IAM) Engineer will lead the design, implementation, and optimization of CyberArk Privileged Access Management (PAM) solutions, serving as the primary subject matter expert for CyberArk across the organization.

Responsibilities

• CyberArk Solution Architecture: Design and implement CyberArk PAM solutions that meet organizational requirements. Lead technical design and architecture for complex CyberArk deployments, including integrations with enterprise systems (Active Directory, LDAP, cloud platforms)
• Implementation & Configuration: Oversee installation, configuration, and customization of CyberArk, including Safe policy management, PSM connectors, CPM, password rotation, and privileged account onboarding
• Stakeholder Engagement: Collaborate with business and IT stakeholders to understand requirements and translate them into CyberArk solutions aligned with security and governance goals
• Privileged Access Lifecycle Management: Develop and maintain privileged access lifecycle processes (onboarding, offboarding, access certification, RBAC, access reviews)
• Implement integrations with cloud platforms (Azure AD, Okta, AWS IAM), ServiceNow, and other enterprise applications
• Security & Compliance: Ensure CyberArk solutions meet security, compliance, and auditing requirements (NIST, CIS, HIPAA, GDPR, etc.). Support audit requests and maintain documentation for completeness and accuracy
• Automation & Optimization: Identify opportunities for process automation and operational efficiency improvements within the CyberArk platform
• Disaster Recovery: Setup and maintain multi-region active-active environments in AWS for CyberArk
• Mentorship & Leadership: Provide mentorship and guidance to junior team members and drive best practices for CyberArk development and implementation
• Troubleshooting & Support: Troubleshoot complex issues related to CyberArk and privileged access management systems. Provide ongoing support and performance tuning for deployed solutions. Must be available after hours in the event of any outage of the identity platforms
• Maintain thorough documentation for CyberArk configurations, workflows, integrations, and policies
• Stay up-to-date with the latest CyberArk features, industry trends, and best practices, and bring innovative solutions to the table
• Provide support for audit requests including privileged access reviews and session recordings
• Maintain completeness and accuracy for onboarding all privileged accounts and systems into CyberArk
• Implement security hardening and best practices for CyberArk infrastructure

Skills

• 7+ years in identity and access management (IAM), with at least 5 years of hands-on experience with CyberArk
• Deep knowledge of CyberArk architecture, provisioning, Safe policy management, PSM connectors, CPM, password rotation, and privileged access management
• Design and deploy PSM connectors for various platforms including Windows, Unix/Linux, databases, and network devices
• Strong experience integrating CyberArk solutions into enterprise environments (Active Directory, LDAP, Office 365, cloud apps)
• Knowledge of IAM frameworks, security models, and access control principles (RBAC, ABAC, least privilege, segregation of duties)
• Understanding of regulatory and compliance requirements related to IAM and privileged access
• Experience with CyberArk, SailPoint, ServiceNow, Okta, Microsoft Azure AD, AWS IAM, and related IAM tools
• Ability to manage multiple tasks, prioritize, and deliver on-time in a fast-paced, dynamic environment. Experience with agile methodologies is a plus
• Strong analytical and troubleshooting skills for complex privileged access issues
• Proficiency with CyberArk APIs (REST API, PACLI) for automation and integration
• Bachelor's degree in Computer Science, Information Technology, Engineering, or a related field
• Experience with CyberArk SaaS/Privilege Cloud platform preferred
• Certifications (Preferred): CyberArk Certified, CISSP, CISM, or other IAM-related certifications
• Master's degree or relevant certifications is a plus
• Experience with SailPoint and other IAM platforms
• Experience with identity federation, single sign-on (SSO), and multi-factor authentication (MFA)
• Familiarity with DevOps practices and CI/CD pipelines for IAM solutions

Benefits

• Health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans
• Participation in a 401(k) plan

Company Overview

• System One is a professional staffing firms. It was founded in 2008, and is headquartered in Pittsburgh, Pennsylvania, USA, with a workforce of 5001-10000 employees. Its website is http://www.systemoneservices.com.

Company H1B Sponsorship

• System One has a track record of offering H1B sponsorships, with 5 in 2025, 6 in 2024, 9 in 2023, 10 in 2022, 9 in 2021, 5 in 2020. Please note that this does not guarantee sponsorship for this specific role.

Apply tot his job Apply To this Job