Privileged Access Management (PAM) Engineer - CyberArk Specialist | Cross-Border Banking and Markets Leader

[Up to c. $150k Base Salary Discretionary Bonus | Hybrid Working]

Role Overview

We’re supporting a global financial institution as it continues to build out its internal identity security engineering capability. This position sits within a small, high-impact core PAM engineering team and forms part of a broader strategy to reduce reliance on external consultants and bring critical expertise in-house. This is a deeply hands-on engineering role focused on Privileged Access Management, with CyberArk at the centre. You’ll take ownership of day-to-day platform engineering, onboarding, and optimisation, while contributing to the long-term stability and scalability of the PAM environment. The role is well-suited to someone who enjoys operating at a practical level while having the opportunity to influence how the platform evolves over time...

Key Responsibilities

• Deliver hands-on engineering across the CyberArk platform, ensuring it is secure, stable, and operating effectively
• Configure, maintain, and optimise core CyberArk components, including vault performance and platform reliability
• Bring new applications, systems, and service accounts into the PAM environment, ensuring secure onboarding and minimal operational disruption
• Enhance and refine credential lifecycle processes, including rotation, reconciliation, and exception handling
• Improve platform performance through vault tuning, configuration adjustments, and ongoing optimisation work
• Build scripts and automation to support reporting, onboarding, and operational efficiency across the PAM estate
• Investigate and resolve platform issues, identifying root causes and implementing long-term fixes
• Integrate CyberArk with surrounding systems such as directory services, IAM tooling, and service management platforms
• Support audit and control processes, including evidence generation and interaction with audit stakeholders
• Collaborate with engineering, security, and application teams to gather requirements and deliver PAM solutions
• Contribute to platform enhancements, including exploration of automation-led improvements (e.g. AI-assisted operational workflows)
• Act as a go-to technical specialist for privileged access management within the organisation

What You’ll Bring…

• 6-10 years’ experience in IAM, security engineering, or infrastructure security roles
• Strong recent focus on CyberArk, with at least 3-5 years of hands-on, day-to-day platform ownership
• Proven experience delivering end-to-end CyberArk engineering, including onboarding, configuration, and optimisation
• Experience integrating CyberArk with enterprise systems such as Active Directory, IAM tools, or ITSM platforms
• Deep understanding of privileged account lifecycle management across enterprise environments
• Experience improving vault performance, stability, and operational reliability
• Practical experience building automation (e.g. scripting for reporting, onboarding, or platform operations)
• Strong familiarity with Windows, Linux/Unix, and service-based account environments
• Understanding of control frameworks and ability to support audit and compliance processes
• Strong troubleshooting capability, with a focus on root-cause resolution rather than surface fixes
• Confident communicator, able to engage both technical teams and senior stakeholders
• (Preferred) Experience with additional PAM or secrets management solutions
• (Preferred) Exposure to cloud-based access controls (AWS, Azure, GCP)

...