SES

SES

Systems Engineering Solutions (SES) Corporation is a Small Business specializing in information technology consulting services. We excel in Systems Engineering, Systems Integration, System Test, Infrastructure Development, Deployment, and Lab Support. ...

Internet Software & Services
51-250
Founded 2003

Description

  • Design, architect, and implement enterprise-scale CyberArk Privileged Access Management solutions.
  • Develop architecture blueprints, deployment models, integration patterns, and technical roadmaps.
  • Lead CyberArk implementations, upgrades, migrations, and enhancements in federal or regulated environments.
  • Configure and support CyberArk components including Enterprise Password Vault, Privileged Session Manager, Central Policy Manager, Privileged Threat Analytics, Endpoint Privilege Manager, CyberArk Identity, and Secrets Manager/Conjur.
  • Integrate CyberArk with identity providers, cloud platforms, SIEM tools, ITSM systems, and CI/CD pipelines.
  • Translate business, security, and compliance requirements into secure technical designs.
  • Define privileged access policies, onboarding standards, credential rotation requirements, and session monitoring approaches.
  • Lead technical workshops, design reviews, solution demonstrations, and stakeholder briefings.
  • Provide technical leadership to engineers, administrators, and implementation teams.
  • Identify risks, dependencies, technical gaps, and opportunities for automation and process improvement.
  • Support documentation development, including architecture diagrams, implementation plans, operational procedures, and security control mappings.
  • Assist with compliance assessments, audits, and security authorization activities.
  • Serve as a trusted advisor to customers, program leadership, and security stakeholders on PAM strategy and CyberArk best practices.

Requirements

  • 10+ years of IT experience, with at least 5 years focused on CyberArk PAM architecture, design, and implementation.
  • Strong hands-on experience with the CyberArk product suite in enterprise environments.
  • Experience designing PAM solutions for federal, government, or highly regulated environments.
  • Strong understanding of privileged access management concepts including credential vaulting, password rotation, session isolation and monitoring, least privilege, just-in-time access, secrets management, and service account management.
  • Experience integrating CyberArk with identity providers such as Active Directory, Entra ID/Azure AD, Okta, or similar platforms.
  • Experience integrating CyberArk with cloud environments such as AWS, Azure, or Google Cloud.
  • Familiarity with CI/CD pipeline integrations and DevSecOps environments.
  • Strong knowledge of federal cybersecurity frameworks and compliance requirements including Zero Trust Architecture, FedRAMP, NIST SP 800-53, FISMA, and NIST Cybersecurity Framework.
  • Ability to develop solution architecture documents, design diagrams, implementation plans, and technical standards.
  • Experience leading technical teams through design, implementation, testing, and deployment activities.
  • Ability to troubleshoot complex CyberArk issues and recommend scalable solutions.
  • Strong understanding of enterprise security architecture, identity governance, and access management principles.
  • Must be eligible to obtain and maintain a federal Public Trust clearance or higher.
  • CyberArk certification such as Defender, Sentry, CDE, Guardian, or Trustee is required or highly valued.
  • Cloud security certification preferred, such as AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer Associate, Google Professional Cloud Security Engineer, or CCSP.
  • Experience supporting federal agency cybersecurity, infrastructure, or identity modernization programs is preferred.
  • Experience with Zero Trust implementation or federal Zero Trust maturity models is preferred.
  • Experience with automation and scripting using PowerShell, Python, REST APIs, or CyberArk APIs is preferred.
  • Experience with Infrastructure as Code or DevOps tools such as Terraform, Ansible, Jenkins, GitLab, or GitHub Actions is preferred.
  • Experience integrating CyberArk with SIEM, SOAR, or logging platforms such as Splunk, Elastic, or Microsoft Sentinel is preferred.
  • Experience supporting Authority to Operate, security assessments, audits, or control validation activities is preferred.
  • Familiarity with CMMC, DISA STIGs, CIS Benchmarks, or other federal security baselines is preferred.
  • Experience developing operational playbooks, runbooks, and administrator guides is preferred.

Benefits

  • Competitive salary.
  • Medical, dental, and vision insurance.
  • AD&D, short-term disability, and long-term disability coverage.
  • Company-paid life insurance.
  • 401(k) with employer contribution.
  • Paid time off.
  • Pet insurance.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Principal AI Security Specialist - Federal

Zscaler 1K-5K Internet Software & Services

Zscaler is hiring a Principal AI Security Specialist to lead field-facing enterprise AI security engagements, helping Fortune 500 customers adopt GenAI securely across complex sales cycles.

Cybersecurity Generative AI LLM
5 hours, 23 minutes ago

ZScaler Engineer (R-00171)

True Zero Technologies 11-50 Internet Software & Services

True Zero Technologies is seeking a Senior ZScaler Consultant to support enterprise customer deployments by designing, implementing, and operationalizing ZScaler solutions across ongoing projects and presales engagements.

Active Directory CrowdStrike Cybersecurity DNS GitLab SAML SIEM Splunk TLS Wireshark
5 hours, 53 minutes ago

Staff Software Engineer — Identity & Access Management

Xsolla 251-1K Internet Software & Services

Xsolla is hiring a Staff Engineer to lead the architecture and evolution of its Identity & Access Management platform, supporting secure authentication and authorization across its products.

Active Directory CI/CD CockroachDB Git Go Kafka Kubernetes NATS OpenID Connect PostgreSQL SAML TLS
5 hours, 53 minutes ago

Senior Security Engineer II - DSPM

Aledade 1K-5K Health Care Providers & Services

Aledade is hiring a Senior Security Engineer II to help secure its enterprise, cloud-native environments, and applications while improving security through data-driven automation and cross-functional partnership.

AWS Databricks HIPAA PostgreSQL Python Snowflake
6 hours, 8 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers