PAM Engineer / CyberArk Specialist

2 hours, 12 minutes ago
Full-time
Senior
DevOps and Infrastructure
Makpar

Makpar

Makpar is an award-winning cybersecurity consultant specializing in IT modernization for the Federal government. The company's in-house Research & Development Lab innovates to build tailored solutions for government agencies.

Internet Software & Services
51-250
Founded 2008

Description

  • Implement and support NIST-aligned least privilege practices.
  • Support just-in-time provisioning for privileged access.
  • Manage privileged session controls, privilege elevation, delegation, and lifecycle processes.
  • Support enterprise secrets management and integrations with back-end vault platforms.
  • Discover, classify, manage, and govern privileged accounts across systems and applications.
  • Identify owners and usage patterns for privileged human and non-human accounts.
  • Implement RBAC and ABAC for privileged accounts.
  • Support PIV-based SSO for privileged access and reduce credential exposure.
  • Register applications for PAM across multiple environments.
  • Randomize, manage, and vault passwords, keys, and other credentials for administrative, service, and application accounts.
  • Broker credentials to applications, databases, services, network devices, operating systems, and other systems.
  • Coordinate vulnerability remediation with security teams.
  • Support STIG configurations and hardened container images.
  • Monitor, record, audit, and analyze privileged sessions and actions.
  • Develop security audit dashboards and support FISMA and compliance data pulls.
  • Support Active Directory tiering and permission improvements.

Requirements

  • Experience implementing or operating PAM solutions.
  • Experience with privileged accounts, privileged session management, secrets management, and credential vaulting.
  • Experience with CyberArk or a comparable PAM platform.
  • Experience with least privilege, privileged account discovery, account ownership, and lifecycle governance.
  • Ability to support cloud, hybrid, and on-prem privileged access use cases.
  • Ability to obtain favorable EOD / suitability and maintain required USCIS access.
  • U.S. citizenship likely required for DHS IT access unless a waiver is granted.
  • CyberArk PAS Vault experience preferred.
  • Experience supporting PAM adoption across many application teams preferred.
  • Experience with PIV SSO for privileged access preferred.
  • Experience with AD tiering, LDAP, CDM, STIGs, hardened containers, and FISMA dashboards preferred.
  • Experience supporting DevOps secrets management and container platform integrations preferred.
  • Prior DHS, USCIS, or federal Zero Trust/PAM experience preferred.

Benefits

  • Generous compensation package.
  • Flexible work schedules.
  • Excellent training and career development opportunities.
  • Outstanding benefits package.
  • Supportive environment focused on employee well-being and engagement.
  • Workplace culture that encourages collaboration and inquisitiveness.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Sr. Information Systems Security Engineer III (6695)

MetroStar 251-1K IT Services

MetroStar is hiring a Sr. Information Systems Security Engineer to help design, implement, and maintain cybersecurity controls and monitoring for protecting sensitive digital assets and ensuring compliance.

Cybersecurity Encryption Splunk
1 hour, 27 minutes ago

Principal Security Engineer – GRC Team Lead (Remote Eligible)

Smartsheet 1K-5K Internet Software & Services

Smartsheet is hiring a GRC Team Lead to build and scale the technical foundation for compliance, risk management, and audit readiness across multiple security and regulatory frameworks.

AWS Azure Bash CloudFormation DevSecOps Encryption GCP HIPAA Python Terraform
1 hour, 57 minutes ago

Network Security Engineer

Kargo 251-1K Media

Kargo is hiring a Network Security Engineer to secure the company’s freight logistics platform across cloud, on-premise, and edge/IoT environments while supporting reliable operations and compliance.

AWS Cybersecurity DHCP DNS GCP Network Security Penetration Testing TCP/IP
1 hour, 57 minutes ago

Staff Security Engineer

First.cx 1-10 information technology & services

Wayve is hiring a Staff Security Engineer to advance the security framework for its internal platform and IT security engineering group, SPINE, while supporting security strategy across endpoint, identity, and internal platform environments.

Bash Linux PowerShell Python
1 hour, 57 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers