Job DescriptionDescription Step into the role of a Mid-Level CyberArk Engineer, where you will play a crucial supporting role in enhancing the Department of Transportation's (DOT) cybersecurity infrastructure. Working alongside senior engineers, you'll contribute to the deployment and ongoing maintenance of a sophisticated Privileged Access Management (PAM) solution. This role will see you engaging with key stakeholders, including DHS CISA integrators, to ensure the PAM system operates flawlessly across development, testing, and production environments.
Your daily responsibilities will involve assisting with the management of roles and safes, helping deploy software updates, and contributing to the preparation of reports that highlight the performance and security of the PAM tool. Additionally, you'll be involved in identifying and mitigating security vulnerabilities, providing essential support for on-call troubleshooting and remediation efforts related to the PAM solution.
You'll also support annual disaster recovery testing, aid in documenting recovery and contingency plans, and assist with operating system patching on vault appliances. Your role is critical in ensuring that the PAM solution not only meets but exceeds security requirements, following DOT's Change Management processes and contributing to the enhancement of reporting capabilities in line with DHS CISA requirements.
Role is ONSITE in DC Top Qualifications, Skills, Experience or Certifications: - Good background of Systems (Windows/Linux) and networking in IT and DevOps experience will be helpful in addition to IAM/PAM
- CyberArk products support experience including troubleshooting (analyzing debug logs) password management/CPM, PSM/PSMP secure connection, credential providers
- Windows AD/LDAP experience, Cloud experience (AWS/Azure/GCP), SIEM/logging, monitoring
- Working knowledge of RESTAPI and PowerShell scripting
- Working with Audit and controls teams and meet compliance requirements
- Monitoring and logging/SIEM - Elastic, Reporting/Metrics
- Performs day-to-day activities required to assist and identify technology solutions that meet enterprise requirements.
- Maps functional requirements into technological requirements and identifies technologies that meet the technological requirements.
- Conducts proof of concept, pilots and demos for the purpose of evaluating the suitability of given technologies for meeting requirements.
- Evaluates the tradeoffs between competing solutions and develops quantitative driven analysis of alternatives.
- Produces written analysis of research and recommendation papers that clearly describe the process followed, alternatives considered, evaluation criteria and rationale for recommendation and need for additional work
Qualifications Job Role Specific Requirements:- Bachelor's Degree preferred with IT/Cybersecurity experience in the IAM/PAM
- Must have a minimum of 5 years of related experience providing business solutions engineering support, to include architectural design, engineering design, proof of concept development, pilots, analysis, results, and documentation
- CyberArk Sentry Certification Required: Current Certified CyberArk Sentry credential, affirming their expertise in managing and safeguarding privileged accounts within the CyberArk platform
- CyberArk Implementation Experience: One year of experience in designing and implementing integrated lifecycle management processes for
- CyberArk within an organization comparable in scale to the Department of Transportation (DOT), demonstrating a capability to support complex cybersecurity environments
- Server Administration Expertise: Three years of server administration experience is required, with specific proficiency in managing Windows Server 2019 and Red Hat Enterprise Linux (RHEL) 8 environments. This experience should highlight a strong foundational knowledge in operating systems, indicating the candidate's ability to maintain and optimize server infrastructure for reliability and performance
- Candidate must be a U.S. citizen or green card holder who has resided in the U.S. for at least 3 years and the ability to obtain a public trust
Preferred skills and qualifications:- Proficiency in CyberArk and SailPoint Integration: Demonstrated proficiency in seamlessly integrating CyberArk with SailPoint, showcasing the ability to unify privileged access management with comprehensive identity governance solutions, enhancing organizational security posture
- Comprehensive Active Directory Knowledge: Extensive experience with Active Directory, encompassing both front-end aspects such as account management and Group Policy, as well as back-end complexities including AD Schema, Public Key Infrastructure (PKI), and automation via PowerShell. This depth of knowledge ensures a robust and secure identity and access management framework
- Database Management Competence: Solid understanding of database management principles, specifically with SQL Server 2019. This includes proficiency in backups, indexing, integrity checks, installation, configuration, managing ports and protocols, creating maintenance plans, and effective troubleshooting. Additionally, skilled in data modeling and schema, with the ability to interpret and navigate Entity Relationship Diagrams, underscoring a well-rounded database administration skill set
- CyberArk Configuration Expertise: Proven capability in configuring CyberArk to ensure secure collaboration with a diverse array of systems and devices, including networks, iDRAC interfaces, applications, cloud services, storage solutions, servers, and appliances, guaranteeing the integrity and security of privileged access across the IT ecosystem
Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Overview SAIC accepts applications on an ongoing basis and there is no deadline.
