PAM Engineer

Role: CyberArk PAM Administration

Location: Hyderabad

Type: Fulltime

Experience: 7+ Years

Must have: upgrades, monitoring, trouble shooting

Roles and Responsibilities:

Technical Skills:

The CyberArk Administrator is responsible for day-to-day operational monitoring, account provisioning, access troubleshooting, complex account onboarding, policy tuning, platform creation/modification, system troubleshooting , security governance, platform expansion, automation and execution of runbook-defined BAU activities in the CyberArk PAM environment. L1 is the first line of defense ensuring system availability, password rotation success, and handling basic service requests.

Monitor CyberArk Dashboard and PVWA (Password Vault Web Access) health.

Check Vault, CPM service availability and alert dashboards.

Review and resolve password rotation failures (via CPM logs).

Perform onboarding/offboarding of privileged accounts following runbook steps.

Validate user access provisioning (Safe membership, platform mapping).

Handle user requests password retrieval errors, access unlocks, Safe access issues.

Validate system backups and CPM job completion.

Reconcile orphan accounts and validate platform compliance.

Perform Safe permission audits and share reports

Test vault connectivity from integrated servers and devices..

Track recurring password rotation issues

Repeated password rotation failures not resolvable via standard runbook.

CPM, PVWA, or PSM service failures.

Integration or platform issues needing script or configuration changes.

Perform advanced troubleshooting (Vault/CPM/PSM logs, policy validation).

Manage CPM platforms create/modify platform settings and plugin parameters.

Handle user and application onboarding, Safe structuring, and group-based access control.

Execute and test password management for custom applications and devices.

Monitor and maintain integration with AD, ticketing tools, and SIEM systems.

Support periodic password change jobs, rotation exceptions, and platform tuning.

Manage onboarding of new applications, servers, and privileged accounts.

Coordinate with InfoSec and application teams for policy compliance.

Develop scripts for automation of onboarding or health monitoring.

Support audit and evidence collection

Oversee all P1/P2 incidents and perform RCA.

Lead platform architecture design and optimization.

Approve and review configuration changes and new integrations.

Manage high-severity vault or PSM/CPM service issues.

Mentor L1/L2 teams; conduct technical knowledge transfer sessions.

Monitor performance and resource usage (Vault sizing, CPM load, etc.).

Plan and implement CyberArk upgrades, patch management, and DR drills.

Review PAM architecture for scalability, redundancy, and compliance.

Drive automation through API-based integrations or DevOps pipelines.

Define and maintain CyberArk security policies and standards.

Conduct internal and external audit readiness reviews.