Mizuho Financial

Privileged Access Management Engineer

Mizuho Financial$81K — $150K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 7+ years in Identity & Access Management or cybersecurity engineering with a focus on Privileged Access Management.
  • Proven hands-on experience with CyberArk solutions.
  • Background in enterprise environments including Windows, Unix, and databases.
  • Knowledgeable about security controls and regulatory standards like SOX and NIST.
  • Strong communication skills to effectively collaborate with various technical teams.

Responsibilities

  • Design and implement CyberArk PAM solutions for securing privileged accounts across the enterprise.
  • Manage CyberArk components including Digital Vault and PSM for various platforms.
  • Onboard and manage the lifecycle of privileged accounts within CyberArk.
  • Automate password rotations and monitor session management for security compliance.
  • Provide L2/L3 support, troubleshooting, and maintain operational documentation for CyberArk processes.
  • Generate compliance reports and support audit requirements for privileged access.
  • Integrate CyberArk with IAM tools and assist in automation of account discovery.

Benefits

  • Comprehensive Medical and Dental coverage.
  • 401K retirement plan with employer contributions.
  • Discretionary bonus eligible based on performance.
  • Hybrid work model allowing for remote work flexibility.
Full Job Description

Join Mizuho as Privileged Access Management Engineer!

We are seeking a CyberArk Engineer to support the implementation, operation, and ongoing management of our Privileged Access Management (PAM) platform. The role is responsible for securing privileged and service accounts, ensuring compliance with security standards, and supporting enterprise users and applications.

This hands-on engineering role focuses on delivering secure and scalable solutions for managing privileged accounts used by servers, applications, services, APIs, and cloud workloads. The ideal candidate has deep expertise in CyberArk and related technologies.

This role is critical to strengthening the firm's identity security posture, enabling secure cloud adoption, and supporting compliance with regulatory and internal control requirements

Key Responsibilities:

Core CyberArk / PAM Engineering

  • Design, implement, and maintain CyberArk Privileged Access Management (PAM) solutions to secure privileged, service, and application accounts across enterprise environments.
  • Configure and manage CyberArk components including Digital Vault, PVWA, CPM, PSM, and connectors (Windows, Unix, Database, Cloud where applicable).
  • Create and manage safes, platforms, access policies, and permissions in accordance with leastprivilege and security standards.
  • Build automations to support the core PAM activities.

Privileged Account Onboarding & Lifecycle Management

  • Lead onboarding of privileged and service accounts into CyberArk, including inventory validation, account vaulting, and enabling password rotation.
  • Work closely with infrastructure and application teams to identify dependencies and ensure password changes do not disrupt services.
  • Manage account lifecycle activities such as modifications, offboarding, and exception handling.

Password & Session Management

  • Implement and monitor automated password rotation and reconciliation for managed accounts.
  • Configure and support Privileged Session Management (PSM) for secure access and session recording.
  • Troubleshoot password rotation failures, access issues, and CPM/PSM errors.

Operations, Monitoring & Support

  • Provide L2/L3 operational support, including rootcause analysis and coordination with vendors or internal teams.
  • Maintain and update runbooks, SOPs, and operational documentation for CyberArk processes.

Compliance, Audit & Governance

  • Support audit and regulatory requirements by generating CyberArk reports, access certifications, and compliance evidence.
  • Participate in periodic privileged access recertifications and remediation of findings.
  • Ensure CyberArk configurations align with IAM standards, internal policies, and regulatory frameworks (e.g., SOX, ISO, internal audits).

Integration & Automation

  • Integrate CyberArk with IAM tools (e.g., SailPoint), Active Directory, ServiceNow and other enterprise applications.
  • Support use of CyberArk REST APIs and Central Credential Provider (CCP) for application integrations and automation.
  • Assist with automation and reconciliation processes related to privileged account discovery and onboarding.

Stakeholder Collaboration

  • Act as a subjectmatter expert (SME) for CyberArk/PAM, advising application, infrastructure, and security teams.
  • Coordinate with IAM Governance, Risk, Compliance, and Audit teams on PAMrelated initiatives.
  • Participate in design and architecture discussions to identify gaps and drive scalable, automation-friendly improvements.

Nice to Have

  • Experience with cloud PAM (AWS, Azure, GCP)
  • Scripting (PowerShell, Python) for automation
  • CyberArk certifications (CPC, CDE, Defender)

Required Qualifications

  • 7+ years of experience in Identity & Access Management, cybersecurity engineering, or related infrastructure security roles, with a strong focus on Privileged Access Management.
  • Demonstrated experience with CyberArk.
  • Experience in enterprise environments (Windows, Unix, databases, service accounts).
  • Familiarity with security controls and regulatory expectations related to identity, credential, and Privileged Access Management (e.g., SOX, NIST).
  • Strong collaboration and communication skills, with the ability to work effectively across infrastructure, cloud, security, and DevOps teams.

The expected base salary ranges from $81,000 - $150,000. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications and licenses obtained. Market and organizational factors are also considered. In addition to salary and a generous employee benefits package, including Medical, Dental and 401K plans, successful candidates are also eligible to receive a discretionary bonus.

#LI-Hybrid

Other requirements

Mizuho has in place a hybrid working program, with varying opportunities for remote work depending on the nature of the role, needs of your department, as well as local laws and regulatory obligations. Roles in some of our departments have greater in-office requirements that will be communicated to you as part of the recruitment process.

About Mizuho Financial

Mizuho Financial Group, Inc. is a Japanese banking holding company headquartered in the ?temachi district of Chiyoda, Tokyo, Japan. The name "mizuho" literally means "abundant rice" in Japanese. It holds assets in excess of $1.8 trillion US dollars through its control of Mizuho Bank, Mizuho Corporate Bank, and other operating subsidiaries. The company's combined holdings form the second largest financial services group in Japan. Its banking businesses rank third in Japan after Mitsubishi UFJ Financial Group and Sumitomo Mitsui Financial Group. It is the 15th largest banking institution in the world by total assets as of December 2018.
Learn more about Mizuho Financial
Size
54,492 employees
Market Cap
$35 billion
Industry
Net Income
$84.4 billion
5 Year Trend
-0.6%
NASDAQ

Similar Jobs

More Jobs at Mizuho Financial

More Information Technology Jobs

Find similar Privileged Access Management Engineer jobs: