CyberArk PAM Engineer

Dragonfli Group is a cybersecurity and IT consulting firm providing services to federal agencies and Fortune 100 enterprises. Headquartered in Washington, DC, Dragonfli supports clients in securing mission-critical systems across on-site, hybrid, and fully remote environments.

We are seeking an experienced Privileged Access Management (PAM) Manager with deep CyberArk expertise to lead the design, implementation, and ongoing management of enterprise PAM solutions for a large commercial client. The ideal candidate brings 7+ years of IT industry experience, including at least 3 years of hands-on CyberArk implementation and project management across the full system development lifecycle. This role requires fluency across the CyberArk suite — including EPV, PVWA, CPM, PSM, PSMP, PTA, and related connectors — as well as broad experience with enterprise infrastructure including operating systems, application servers, and databases. The PAM Manager will own strategy and roadmap development, conduct architecture assessments, and serve as a subject matter expert guiding both technical teams and client stakeholders.

This is a contract position involving a large commercial enterprise. Candidates with previous consulting experience are preferred. U.S. Citizenship or Permanent Residency is required.

Responsibilities

• Lead the design, implementation, and deployment of CyberArk PAM solutions aligned with client requirements and industry best practices
• Develop and maintain PAM strategy and roadmap, including vendor assessments and capability evaluations of PAM technologies
• Conduct PAM architecture assessments and system audits to ensure alignment with industry guidelines, compliance requirements, and management-approved standards
• Establish and manage a continual service improvement plan focused on operational, process, and resource efficiency
• Identify and evaluate complex business and technology risks, internal controls that mitigate those risks, and opportunities for improvement
• Create and enforce strategies for secrets management, privileged account management, and session monitoring
• Partner with core PAM stakeholders to implement evolving processes and solutions
• Collaborate with business and technical partners to identify and scope PAM opportunities, quantify costs, and outline ROI, risks, and constraints
• Interpret and apply corporate security standards and baselines; develop and maintain cybersecurity policies
• Provide training and technical guidance to security operations teams, application owners, and IT staff
• Manage and mitigate risks associated with privileged accounts by enforcing least privilege principles
• Communicate technical and functional aspects of PAM solutions effectively to diverse, globally distributed teams
• Identify opportunities to improve engagement profitability

Must-Have Qualifications

• BA/BS degree in Computer Science, Cybersecurity, Information Security, Engineering, Information Technology, Finance, Business, or a related field
• 7+ years of industry experience developing, implementing, or architecting PAM solutions
• 3+ years managing projects through the full system development lifecycle for PAM solutions
• 3+ years of hands-on experience with CyberArk, including:
• Core Privileged Access Security
• Endpoint Privilege Manager (EPM)
• Application Access Manager (AAM)
• Enterprise Password Vault (EPV)
• Password Vault Web Access (PVWA)
• Central Policy Manager (CPM)
• Privileged Session Manager (PSM)
• Privileged Session Management Proxy (PSMP)
• Privileged Threat Analytics (PTA)
• CyberArk Connectors
• Hands-on experience with multiple operating systems, application servers, databases, and core infrastructure
• Experience developing PAM roadmaps and executing technology enhancements
• Experience interpreting and applying corporate security standards and developing cybersecurity policies
• Strong written and verbal communication skills across technical and non-technical audiences

Preferred Qualifications

• Previous consulting or Big 4 project management experience
• Active CISSP, CISM, or CISA certification
• Experience with cloud platforms (AWS, Azure, or Google Cloud Platform)
• Familiarity with SCIM and API authentication standards
• Experience across core IAM domains including Identity Governance and Administration (IGA) and Access Management (AM)

• PAM Platforms: CyberArk EPV, PVWA, CPM, PSM, PSMP, PTA, EPM, AAM
• Identity & Access Management: Privileged account lifecycle, least privilege enforcement, secrets management, session monitoring
• IAM Domains: Identity Governance & Administration (IGA), Access Management (AM)
• Infrastructure: Windows, Linux/Unix, application servers, relational databases
• Cloud: AWS, Microsoft Azure, Google Cloud Platform
• Security Frameworks: NIST, ISO 27001, SOC 2, or equivalent compliance and regulatory standards
• Integration & Protocols: SCIM, REST APIs, LDAP/Active Directory, SAML
• Project Management: Full SDLC, roadmap planning, stakeholder management, risk management
• Soft Skills: Executive communication, cross-functional collaboration, training and mentorship, global team coordination

• Insurance – health, dental, and vision
• Paid Time Off (PTO) and 11 Federal Holidays
• 401(k) with employer match