1

Cyberark Security Engineer Jobs (NOW HIRING)

What will the Security Engineer do? Coterie's Security team is hiring a Security Engineer (100 ... Experience with an endpoint privilege management solution (e.g., CyberArk EPM, Admin By Request ...

The PAM Engineer will support clients privileged access management modernization, CyberArk/vaulting ... with security teams. • Support STIG configurations and hardened container images. • Monitor ...

We are looking for a Security Engineer who will be responsible for the engineering, design ... CyberArk * Strong understanding of security architecture principles, including secure network ...

Additionally, you'll be involved in identifying and mitigating security vulnerabilities, providing ... IT and DevOps experience will be helpful in addition to IAM/PAM * CyberArk products support ...

next page

Showing results 1-20

Cyberark Security Engineer information

See salary details

$61.5K

$152.8K

$205.5K

How much do cyberark security engineer jobs pay per year?

As of Jul 17, 2026, the average yearly pay for cyberark security engineer in the United States is $152,773.00, according to ZipRecruiter salary data. Most workers in this role earn between $143,000.00 and $158,500.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive in the Cyberark Security Engineer position, and why are they important?

To thrive as a Cyberark Security Engineer, you need expertise in Privileged Access Management (PAM), strong knowledge of security protocols, and hands-on experience with CyberArk solutions, typically backed by a degree in computer science or cybersecurity. Familiarity with CyberArk PAS suite, Active Directory, scripting languages (like PowerShell), and certifications such as CyberArk Certified Delivery Engineer (CDE) are highly valued. Analytical problem-solving, proactive communication, and teamwork are essential soft skills in this role. These abilities ensure effective implementation, protection of sensitive assets, and seamless coordination with IT and security teams.

What is a CyberArk Security Engineer job?

A CyberArk Security Engineer is responsible for designing, implementing, and managing privileged access security solutions using CyberArk. They configure and maintain CyberArk components, such as the Enterprise Password Vault (EPV), Privileged Session Manager (PSM), and Central Policy Manager (CPM), to protect sensitive accounts. Their role includes monitoring privileged access activities, troubleshooting security issues, and ensuring compliance with organizational policies. Additionally, they collaborate with IT and security teams to develop best practices for securing privileged credentials across the enterprise.

What are the typical daily responsibilities of a Cyberark Security Engineer?

A Cyberark Security Engineer typically manages and maintains CyberArk environments, implements and updates privileged access controls, and monitors security incidents related to privileged accounts. They often work closely with IT and security teams to troubleshoot issues, perform system integrations, and ensure compliance with company policies. Daily tasks may also include reviewing audit logs, responding to access requests, and participating in security assessments or projects. This hands-on role requires a proactive approach to anticipate and remediate security risks while supporting ongoing IT operations.

More about Cyberark Security Engineer jobs
What states have the most Cyberark Security Engineer jobs? States with the most job openings for Cyberark Security Engineer jobs include:
What job categories do people searching Cyberark Security Engineer jobs look for? The top searched job categories for Cyberark Security Engineer jobs are:
Infographic showing various Cyberark Security Engineer job openings in the United States as of July 2026, with employment types broken down into 23% Internship, 5% As Needed, 21% Full Time, 32% Temporary, 2% Contract, and 17% Nights. Highlights an 72% Physical, 11% Hybrid, and 17% Remote job distribution, with an average salary of $152,773 per year, or $73.4 per hour.

Sr. IAM Implementation Engineer (Microsoft Entra ID and CyberArk PAM)

Rivago infotech inc

Manhattan, NY • On-site

$117K - $159K/yr

Other

This job post has expired today. Applications are no longer accepted.


Job description

Role: Sr. IAM Implementation Engineer (Microsoft Entra ID and CyberArk PAM)

Location: New York, NY 10017 (100% Onsite)

End Client - Service-based Industry

Experience - 12+ Years

Role Summary

We are seeking a Senior / Principal IAM & PAM Implementation Engineer with deep hands‑on experience in Microsoft Entra ID (Azure AD) and CyberArk Privileged Access Management, combined with AI / GenAI identity security exposure, to support financial services and highly regulated clients.

This role is execution‑driven and operates in mission‑critical environments where identity failures directly impact business continuity, regulatory compliance, and customer trust. The engineer will design, implement, and operate IAM and PAM controls aligned to Zero Trust principlesaudit requirements, and financial‑industry regulations.

Key ResponsibilitiesIdentity & Access Management (Microsoft Entra ID / Azure AD)
  • Design and hands‑on implement Microsoft Entra ID solutions in regulated, production‑critical environments
  • Design and enforce Conditional Access, MFA, passwordless authentication, and device‑based access
  • Integrate internal and third‑party applications using SAML, OAuth 2.0, OIDC
  • Implement identity lifecycle (JML), RBAC, access reviews, and entitlement management
  • Maintain role-based access control (RBAC) aligned with least‑privilege principles.
  • Support IAM integrations with CyberArk PAM, DLP, and security platforms where applicable.
  • Troubleshoot complex sign‑in, token, MFA, PRT, and policy enforcement issues with minimal user disruption
Privileged Access Management (CyberArk PAM)
  • Hands‑on deployment and administration of CyberArk components: Vault, PSM, CPM, Secrets Management
  • Onboard privileged accounts across servers, databases, network, cloud, and service identities
  • Enforce least‑privilege, credential rotation, session recording, and approval workflows
  • Integrate CyberArk with Microsoft Entra ID for identity‑driven privileged access.
  • Monitor privileged access activity and investigate suspicious or non‑compliant usage.
  • Support PAM audits, regulatory reviews, and emergency access scenarios (break‑glass)
AI / GenAI Identity Security
  • Implement identity and access controls for AI and GenAI platforms (e.g., Microsoft Copilot, enterprise AI workloads)
  • Secure: 
    • AI service identities and service principals
    • API access and automation credentials
    • AI training and inference access pipelines
  • Align IAM, PAM controls with enterprise AI governance, model risk, and data protection standards
Governance, Compliance & Risk
  • Implement IAM and PAM controls aligned with Financial‑services regulatory expectations and Internal risk & audit frameworks
  • Support audits and compliance reviews (e.g., access evidence, privileged access reports)
  • Design and maintain audit‑ready documentation, including: 
    • Architecture diagrams
    • Policy definitions
    • Access workflows and operational procedures
  • Participate in identity‑related incident response, RCA, and remediation activities
Delivery & Client Engagement
  • Lead IAM/PAM implementations from design through production rollout
  • Work closely with Security leadership, Risk & compliance teams, Application owners, Auditors and regulators (as required)
  • Provide clear, pragmatic recommendations balancing security, usability, and regulatory compliance
  • Act as a trusted technical advisor to clients in high‑stakes environments
 Required Skills & ExperienceMandatory (Hands‑on)
  • 8–15 years of IAM / Security engineering experience in regulated environments
  • Strong hands‑on experience with: 
    • Microsoft Entra ID (Azure AD)
    • CyberArk PAM (Vault, PSM, CPM, Secrets)
  • Conditional Access, MFA, Passwordless, RBAC
  • SAML, OAuth 2.0, OpenID Connect
  • Production troubleshooting in large enterprise environments
Regulated‑Industry Experience
  • Experience supporting financial services, banking, insurance, or similarly regulated clients
  • Exposure to audit, compliance, or risk workflows related to identity and privileged access
  • Comfort operating under strict change management and approval processes
Nice to Have
  • Identity Governance (PIM, Access Reviews)
  • SIEM integrations (Azure Sentinel, Splunk)
  • PowerShell / automation for IAM & PAM
  • Zero Trust architecture implementation experience
Soft Skills
  • Strong hands‑on engineering mindset (not architecture‑only).
  • Process‑driven mindset with strong documentation discipline.
  • Pragmatic problem‑solver with strong risk awareness
  • Excellent client communication and stakeholder management skills. Clear communication with technical and business stakeholders.
  • Ability to build long‑term, trusted relationships.
  • Calm and methodical approach in high‑impact production incidents. Ability to support incidents under pressure
Preferred Certifications
  • Microsoft SC‑300 / AZ‑104 / AZ‑900
  • CyberArk PAM certifications
  • Security or identity‑related certifications (preferred)
 

--

 

 

---

---