CyberArk PAM Engineer

CyberArk PAM Engineer - sought by investment bank based in London - Contract - Hybrid

inside IR35

Key Responsibilities

• Lead the design, implementation, and optimisation of CyberArk PAM solutions.
• Manage CyberArk components including Vault, CPM, PSM, PSMP, CCP, PTA, AIM.
• Plan and execute major version upgrades and migrations.
• Automate credential onboarding, rotation, and decommissioning.
• Develop and maintain Safes, RBAC structures, and master policies aligned to NIST 800-53 and Zero Trust.
• Build custom connectors for non-standard platforms (e.g., Oracle Cloud).
• Provide SME-level support and troubleshooting across CyberArk environments.
• Integrate CyberArk with DevOps pipelines using AIM/AAM/Conjur.
• Maintain documentation and deliver training to internal teams.

Required Skills & Experience

• 10+ years of hands on experience with CyberArk PAM suite.
• Strong knowledge of privileged access concepts, RBAC, and compliance frameworks (NIST, ISO 27001).
• Experience with Linux (RHEL 9), Windows Server, Oracle DB, and cloud platforms.
• Scripting and automation skills (PowerShell, REST APIs).
• Proven track record in CyberArk upgrades and custom integrations.
• Excellent communication and stakeholder engagement skills.

Desirable

• Experience in financial services or banking environments.
• Familiarity with Sentinel, Defender XDR, and SIEM integrations.
• CyberArk Defender & Sentry certifications.

Please apply within for further details - Matt Holmes, Harvey Nash