PAM Security Engineer - CyberArk in Nottingham

Experian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare, create marketing solutions, and gain deeper insights into the automotive market, all using our unique combination of data, analytics and software. We also assist millions of people to realize their financial goals and help them save time and money. We invest in people and new advanced technologies to unlock the power of data.

Experian Global Security Office are looking for a Privileged Access Management (PAM) Security Engineer Expert to serve as our technical Subject Matter Expert (SME) and capability owner for Privileged Access Management. With a deep focus on CyberArk solutions, you will manage the design, engineering, and advancement of PAM capabilities. These capabilities span across on-premises and multi-cloud environments, including AWS, Azure, and GCP. The engineer will improve adoption of CyberArk advanced modules such as CyberArk Secure Infrastructure Access (SIA) and CyberArk Cloud Security Access (CSA), and the engineer will implement privileged access controls for diverse resource types. You will collaborate with governance, operations, and security teams to build scalable, secure PAM solutions that align with compliance and needs. This is a remote UK-based position reporting to the Director of Privileged Access Management.

Important Responsibilities

• PAM Capability Ownership - Be a technical subject matter expert and capability owner for PAM platforms i.e. CyberArk.
• Design, implement, and improve PAM architecture and policies across hybrid environments.
• Guide the integration and expansion of CyberArk SIA and CSA into enterprise and cloud workloads.
• Oversee technical roadmap for PAM capabilities, ensuring scalability, adoption, and understanding of security and goals.
• Architect PAM solutions for cloud platforms (AWS, Azure, GCP), securing diverse resource types (IaaS, PaaS, SaaS, containers, and DevOps pipelines).
• Implement and improve secret management solutions (CyberArk Conjur, CyberArk Secrets Hub, cloud-native secret stores).
• Provide Tier 3 level support for escalations, complex troubleshooting, and platform performance optimization.

Qualifications

• Expertise with CyberArk platforms, including PAS, EPM, Conjur, WPM, and advanced modules (SIA, CSA).
• Experience securing cloud environments (AWS, Azure, GCP) and implementing PAM/secret management for cloud-native workloads.
• Hands-on experience with automation and orchestration tools (Ansible, Terraform, PowerShell, and Python).
• Experience with PAM concepts, access control models, and security frameworks (e.g., NIST, ISO 27001, CIS).
• Experience integrating PAM with SIEM, SOAR, and DevOps pipelines.
• Architectural and solution design skills, enterprise-scale PAM deployments.
• Cloud certifications, such as AWS Certified Security, Azure Security Engineer or Google Cloud Professional Cloud Security Engineer & CyberArk certifications such Defender, Sentry, Guardian.

Additional Information

• Benefits package includes: Great compensation package and discretionary bonus plan.
• Core benefits include pension, bupa healthcare, sharesave scheme and more.
• 25 days annual leave with 8 bank holidays and 3 volunteering days. You can purchase additional annual leave.

Experian is proud to be an Equal Opportunity and Affirmative Action employer. Innovation is an important part of Experian's DNA and practices, and our diverse workforce drives our success. Everyone can succeed at Experian and bring their whole self to work, irrespective of their gender, ethnicity, religion, colour, sexuality, physical ability or age. If you have a disability or special need that requires accommodation, please let us know at the earliest opportunity.