Lead CyberArk Engineer (Remote Possible)
Santa Ana, California-Remote; California-Remote; Florida-Remote; Illinois-Remote; Nevada-Remote; Oregon-Remote; Texas-Remote; Washington-Remote; Minnesota-Remote;
Who We AreJoin a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for eight consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.
What We Do
This role will deliver services that form the backbone for privileged access management (PAM) and security throughout the enterprise. This role will assist with standardizing user provisioning and securing privileged access, while enabling cross-platform principle of least privilege, as well as aiding in the design, development, and delivery of PAM architecture to enhance First American’s capabilities. This role will need to influence and communicate with customers from all sections of the enterprise – including end user, technical resources, IT leadership and other business leaders, as well as drive security excellence through PAM adoption, implementation, expansion, and maturity.
What You'll Do:
- Work with PAM engineering team on mass account onboarding initiatives such as human admin level accounts, robotic process automation accounts, and other non-human service accounts
- Design and implement service offerings from the CyberArk Privileged Access Security suite of products
- Integration with SailPoint, Splunk, Securonix, and other in-house or off-the-shelf applications
- Work with the core product team to expand the capabilities across the enterprise to integrate with multiple ranges of platforms, operating systems, and applications
- Work alongside Security Architect and Project Managers to develop roadmap and PAM strategy based on a risk-based approach to information security
- Integrating various platforms with CyberArk, such as different LDAP providers, Windows and UNIX servers, Oracle and SQL Databases, Robotic Process Automation, and Networking devices
- Maintain, configure, troubleshoot CyberArk Endpoint Privilege Management (EPM), Privileged Threat Analytics (PTA), Privileged Session Management (PSM), Central Policy Manager (CPM)
- Perform health check monitoring on all CyberArk components to ensure consistent availability of system to end user and meet the SLAs
- Identify opportunities and develop scripts to automate engineering tasks leveraging REST API’s
- Engineer technical PAM solutions while engaging service owners, architects, project managers, global infrastructure teams, and Application Development during the lifecycle of solutions delivery
- Work with the broader IT security, risk, and compliance teams to interpret policies and standards ensuring they are properly followed by new and existing IAM solutions
- Troubleshoot and resolve complex integration problems
- Lead and/or execute daily, weekly, and monthly PAM support activities
- Develop dashboards, metrics, and benchmarks for CyberArk platform
- Participate in development of a PAM Center of Excellence. Provide knowledge transfer and support activities to operations teams as necessary.
- Constantly assess and identify known vulnerabilities, assess potential impact, develop remediation approaches, and resolve the vulnerabilities.
What You'll Bring:
- Technical expertise in integrating identity and privileged access management software into heterogeneous infrastructure and application portfolio.
- Troubleshoots and guides others on a wide variety of complex problems and identifies solutions within broad application and functional expertise.
- Ability to influence business, IT, and information security peers and management in the decision-making process.
- Ability to explain complex technical detail and tradeoffs to non-technical associates.
- Critical thinker with decision-making and problem-solving capabilities.
- Ability to work in a team environment and to contribute to multiple projects at once.
- Excellent interpersonal and communication skills.
- Ability to communicate and interact with all levels of the organization, both in and outside of IT and Information Security.
- Ability to identify enhancement opportunities, develop processes, and present to the peer CyberArk engineers and leadership.
- PAM or Privileged Account Management: 5 years (Required)
- CyberArk: Minimum 7 years (Required)
- CyberArk Sentry and/or Guardian Certification: 2+ years
- Solid understanding of scripting and programming languages as well as software development methodologies
- Experience developing runbooks, procedures, and technical training materials
- Experience with security architecture, design, operational support
- Experience in information technology with an emphasis on SDLC, Agile, unit testing and scrum methodologies.
- Strong understanding of Identity Management processes and privileged access management best practices
- Experience defining roles and managing an enterprise RBAC hierarchy
- Bachelor’s degree or equivalent experience
Pay Range: $86180- $183,480 annually
This hiring range is a reasonable estimate of the base pay range for this position at the time of posting. Pay is based on a number of factors which may include job-related knowledge, skills, experience, business requirements and geographic location.