The work

The CyberArk PAM Operations Engineer ensures the stability, security, and continuous operation of the enterprise Privileged Access Management platform. This role focuses on daily platform administration, account onboarding, operational troubleshooting, and safeguarding privileged credentials across the organization. The engineer works closely with security, infrastructure, and application teams to enforce least-privilege principles and maintain compliance. Strong hands-on experience with CyberArk core components and a deep understanding of enterprise infrastructure are critical for success in this role. Attention to detail, the ability to work both independently and collaboratively, and a commitment to maintaining a secure credential ecosystem are essential.

Key responsibilities

• Monitor daily system health for Vault, PVWA, CPM, PSM, and PTA components
• Execute routine patching, software upgrades, and backup verification
• Manage Safe structures, user permissions, and Master Policy configurations
• Maintain platform documentation, operational runbooks, and disaster recovery procedures
• Onboard privileged accounts for operating systems, databases, network devices, and cloud environments
• Configure platform policies and password rotation rules to ensure compliance
• Integrate applications with CyberArk Secrets Manager or Application Identity Manager (AIM)
• Automate operational tasks using PowerShell, Python, or CyberArk REST APIs
• Resolve Tier 2/3 incidents related to credential rotation failures and connection issues
• Support end-users with access requests, dual-control workflows, and technical troubleshooting
• Audit privileged sessions and investigate anomalous activities with the SOC
• Enforce least-privilege principles across all corporate technical teams

Here's what you need

• 3+ years of hands-on CyberArk PAM administration experience in an enterprise environment
• Experience with Windows Server, Linux/Unix, Active Directory, and LDAP
• Strong understanding of firewalls, load balancers, DNS, and TLS/SSL certificates
• Ability to write functional scripts in PowerShell, Bash, or Python
• Security+ or equivalent security certification

Nice to have

• CyberArk Defender or Sentry certification
• Strong verbal and written communication skills for guiding users and documenting procedures
• Analytical mindset with strong troubleshooting skills for complex multi-tier environments

Eligibility requirements

• US Citizen (dual citizens accepted)
• Active Secret Clearance

As required by local law, Accenture Federal Services provides reasonable ranges of compensation for hired roles based on labor costs in the states of California, Colorado, Hawaii, Illinois, Maine, Maryland, Massachusetts, Minnesota, New Jersey, New York, Vermont, Virginia, Washington, and the District of Columbia, and the city of Cleveland. The base pay range for this position in these locations is shown below. Compensation for roles at Accenture Federal Services varies depending on a wide array of factors, including but not limited to office location, role, skill set, and level of experience. Accenture Federal Services offers a wide variety of benefits. You can find more information on benefits here. We accept applications on an on-going basis and there is no fixed deadline to apply.

The pay range for the states of California, Colorado, Hawaii, Illinois, Maine, Maryland, Massachusetts, Minnesota, New Jersey, New York, Vermont, Virginia, Washington, and the District of Columbia, and the city of Cleveland is:

$64,000-$124,200 USD