Information Security Engineer
Role summary
The CyberArk Privileged Access Management (PAM) Engineer will be responsible for the design, implementation, and maintenance of CyberArk Privileged Access Security (PAS) solutions. This hybrid role involves deploying and configuring core CyberArk components, integrating the system with enterprise infrastructure including servers, databases, and cloud platforms, and managing privileged accounts and access policies. The engineer will also provide operational support, troubleshoot issues, and ensure security and compliance through robust PAM controls. Collaboration with various IT teams and maintaining documentation are key aspects of this position.
Role: CyberArk Privileged Access Management (PAM) Engineer
Location: Brampton, ON- Hybrid
Hybrid
1.Design & Implementation
Deploy, configure, and maintain core CyberArk Privileged Access Security (PAS) components, including:
PVWA (Password Vault Web Access)
PAIM / PSM (Privileged Session Manager)
PIM / PAM Vault
AIM / CCP (Application Identity Manager / Central Credential Provider)
CPM (Central Policy Manager)
Onboard privileged accounts, safes, platforms, and associated access policies.
Develop and customize CyberArk plugins, password rotation policies, and platform configurations.
2. Account & System Integration
Integrate CyberArk with enterprise systems, including:
Windows & Linux servers
Databases (Oracle, SQL)
Network devices
Cloud platforms (AWS, Azure, GCP)
Authentication systems (LDAP, Active Directory, MFA)
Configure PSM connectors, dual‑control workflows, and session‑recording capabilities.
3. Operations & Support
Troubleshoot vault access issues, CPM failures, session connection problems, and plugin errors.
Support break‑glass procedures, incident response, and vulnerability remediation tasks.
Monitor CyberArk component health, performance, logs, and audit activity to ensure system stability.
4. Security, Governance & Compliance
Enforce privileged access policies, credential rotation standards, and password complexity requirements.
Support internal and external audits by providing evidence, reports, and configuration documentation.
Implement PAM controls that support least‑privilege and zero‑trust security models.
5. Documentation & Collaboration
Develop and maintain runbooks, architecture diagrams, configuration guides, and SOPs.
Collaborate with Security, DevOps, Infrastructure, Application, and IAM teams to onboard new systems and ensure secure design.
Technical Skills
3 to 6 years of hands-on experience with CyberArk Privileged Access Security solutions. Strong understanding of Privileged account management Identity and Access Management (IAM) principles Secrets management Session monitoring and credential rotation Experience with Windows Linux OS Active Directory Networking concepts (SSH, RDP, TLS)Database password management Handson scripting experience using Power Shell Bash Python (preferred)
Similar roles
- Senior Information Security EngineerBuildertrend · Omaha, Nebraska, United States · Remote
- Senior Information Security EngineerRobert Half · Calgary, Alberta, Canada · Hybrid
Senior Information Security EngineerSquarepoint · Montreal, Quebec, Canada · Onsite
Sr. Information Security EngineerCboe Global Markets · Kansas City, Missouri, United States · Onsite- Senior Information Security EngineerMovius Interactive · Alpharetta, Georgia, United States · Hybrid
