Cyberark PAM Engineer: Cyberark, PAM, Privileged Access Manager, SCA, SIA, Secure Cloud Access in London

Our client is looking for a highly skilled CyberArk PAM Engineer with hands-on experience with CyberArk Identity Security Platform Shared Services (ISPSS), Secure Cloud Access (SCA) and Secure Infrastructure Access (SIA) to build and operate a comprehensive privileged access capability for clients' Public Cloud environments. A working knowledge of Secrets Rotation Service (SRS) & Secure Web Sessions (SWS) would be beneficial.

Ideal Candidate Profile:

• Senior CyberArk engineer with real-world SCA and SIA delivery experience
• Comfortable operating across access models and protocols
• Strong design to build capability
• Able to lead PAM access patterns in complex cloud environments

Start Date: 22nd June

Duration: 250 days

Pay Rate: £445 (PLEASE NOTE: Employer NI is paid for by the client)

Total Daily Earnings: £505 (includes rolled up holiday)

IR35 Status: Inside

Location: London/Hybrid (1 to 2 days per week)

Key Responsibilities:

• Secure Cloud Access (SCA)
• Build and operate CyberArk Secure Cloud Access (SCA)
• Enable secure, audited cloud console and command line access to:
• Azure - Azure Portal and cloud-native access paths
• AWS - AWS Console and CLI
• Configure:
• Identity based access
• Time bound and approval-based access
• Session recording and audit controls
• Define and document SCA policy patterns aligned to least privilege and JIT access.
• Essential Skills & Experience (Must Have):
• Hands-on experience with CyberArk Secure Cloud Access (SCA).
• Hands-on experience with CyberArk Secure Infrastructure Access (SIA).
• CyberArk Identity Security Platform Shared Services (ISPSS)
• Proven experience delivering cloud-based privileged access in Azure and/or AWS.
• Strong understanding of:
• Web based console access (HTTPS)
• Ephemeral access models
• Credential life cycle and password rotation
• Experience with approval driven access and governance workflows.
• Desirable Experience:
• Integration of CyberArk with ServiceNow
• API driven automation (PowerShell, Python)
• Experience with managing database technologies and applications
• Experience with Secrets Rotation Service (SRS)
• Experience in regulated or audit driven environments
• Exposure to GCP environments
• Broader CyberArk PAM SaaS experience
• Secure Infrastructure Access (SIA) - Ephemeral Access (ZSP):
• Build and operate CyberArk Secure Infrastructure Access (SIA).
• Enable secure, audited cloud virtual machine access via RDP & SSH to:
• Azure
• AWS
• Use Zero Standing Privilege wherever possible and vaulted credentials where not.
• Configure:
• Connector Servers
• Connector Management Agents
• Supporting software
• Management Pools and Network IDs
• Onboarding must be highly dynamic, automated wherever possible and self-service where not. This will require working closely with the PAM Developers to define the workflows required for Terraform automation.
• Access Policy & Credential Management (SIA) - essential skills:
• Define and implement SIA policies, platforms and plugins for:
• RDP
• SSH
• Access Policy & Credential Management (SIA) - desirable skills:
• Define and implement SIA access policies for:
• MSSQL
• Oracle
• PostgreSQL
• Where Vaulted Credentials are used, design and deploy password rotation controls via Secrets Rotation Service for:
• Windows platforms
• Linux platforms
• Create scripts to enable efficient handling of operational activities, eg bulk password change API scripts.

To apply for this CyberArk PAM Engineer contract job, please click the button below and submit your latest CV.

Curo Services endeavours to respond to all applications, however this may not always be possible during periods of high volume. Thank you for your patience.

Curo Services is a trading name of Curo Resourcing Ltd and acts as an Employment Business for contract and temporary recruitment as well as an Employment Agency in relation to permanent vacancies.