Principal Engineer, Privileged Access Management

Summary

Join New Era Technology as a Principal Engineer for Privileged Access Management (PAM), a key technical role within a team of security professionals. You will be a hands-on expert in PAM, working with cutting-edge technologies and tackling advanced security threats. Responsibilities include designing, developing, and implementing security architecture and solutions for secure privileged identity management. This role requires deep technical expertise and strategic leadership, collaborating with cross-functional teams to enforce Zero Trust principles and regulatory compliance. The ideal candidate possesses proven experience in Information Security with expertise in PAM solutions (CyberArk) and Active Directory. New Era offers a team-oriented culture prioritizing personal and professional development, along with competitive benefits.

Requirements

• Bachelor’s degree, or higher education with preferable focus in area with Information Technology, and/or a minimum of 8 years of experience in Information Security
• 5+ Hands-on experience with CyberArk PAM suite - CyberArk Vault, Central Policy Manager (CPM) , Privileged Session Manager (PSM), Credential Provider (CP), Password Vault Web Access (PVWA) , Endpoint Privilege Manager (EPM) and Privileged Threat Analytics (PTA), Active Directory and Azure AD
• 5+ years of experience in JavaScript, Java, TypeScript, SQL, or Python
• Strong knowledge of Windows, Linux, Databases, authentication, security protocols and secrets management
• Expertise in Zero Trust architecture and Defense-in-Depth security models
• Experience with cloud security, particularly Azure
• Familiarity with security frameworks (CIS, NIST CSF) for risk management and security design

Responsibilities

• Design, develop, configure, and customize CyberArk as per organization security policies and requirements
• Define access models, safe/vault structures, credential policies and session control strategies
• Install, configure, and manage CyberArk privileged cloud and associated components – CyberArk Vault, Central Policy Manager (CPM) , Privileged Session Manager (PSM), Credential Provider (CP), Password Vault Web Access (PVWA) , Endpoint Privilege Manager (EPM) and Privileged Threat Analytics (PTA)
• Onboard privileged accounts and rotate credentials across various platforms (Windows, Linux, DBs, Network devices, Azure cloud)
• Develop custom connectors, plug ins and drive automation through API scripting (REST, PowerShell and/or Python)
• Integrate CyberArk with Active Directory, Azure AD, IGA platforms (SailPoint, One Identity), ITSM tools (ServiceNow), SIEM (DEVO) and cloud platforms
• Collaborate with stakeholders to translate security and risk management requirements into business-aligned solutions
• Troubleshoot and resolve issues related to privileged access
• Provide input on process improvements, best practices, and automation to enhance PAM efficiency
• Conduct unit testing, integration testing, and UAT for CyberArk implementations and enhancements
• Prepare and maintain technical documentation, including design documents, SOPs, and user guides
• Lead transformation workshops across security, network, application, authentication, and Enterprise Architecture teams to implement next-gen Zero Trust models
• Drive remediation of identified security risks and control deficiencies
• Provide hands-on technical support, including after-hours availability when needed
• Participate in application projects and change management committees, ensuring security-by-design principles

Preferred Qualifications

Cybersecurity certifications (Security+, CISSP, CISM, CCSP) and/or CyberArk certifications preferred