CYBERARK ENGINEER III

Posted February 26, 2026

Job Overview

Role Summary
The CyberArk EPM Engineer is responsible for designing, implementing, and managing least-privilege access controls on endpoints across enterprise environments. This role focuses on application control, privilege elevation, endpoint hardening, and threat reduction, while ensuring business continuity and regulatory compliance in cloud and hybrid environments. This role also requires experience as a CrowdStrike admin.

Key Responsibilities
CyberArk EPM Administration
• Deploy, configure, and maintain CyberArk Endpoint Privilege Manager (EPM) in cloud and hybrid environments.
• Manage EPM policies, application groups, sets, and rules to enforce least-privilege access.
• Handle application onboarding (browsers, Office apps, Citrix, development tools, PowerShell, CMD, installers, etc.).
• Handle the CrowdStrike Admin platform for configuring, onboarding and troubleshooting.

Policy & Privilege Management
• Design Just-In-Time (JIT) and time-bound elevation policies.
• Implement parent–child process control, command-line restrictions, and file reputation–based rules.
• Troubleshoot blocked applications and failed elevation requests using EPM logs and audit trails.

Identity & Access Integration
• Integrate CyberArk EPM with Microsoft Entra ID (Azure AD) for user and group-based policy enforcement.
• Map Entra ID groups to EPM policy rules for role-based privilege access.
• Support SSO-based elevation workflows where applicable.

Monitoring, Logging & Integrations
• Integrate CyberArk EPM with SIEM/SOAR platforms such as Microsoft Sentinel, Splunk, or QRadar.
• Analyze elevation events, blocked executions, and anomaly patterns.
• Generate weekly/monthly reports on policy usage, elevation trends, and security posture.

Required Skills & Experience

Technical Skills
• Strong hands-on experience with CyberArk Endpoint Privilege Manager (EPM).
• In-depth understanding of:
  • Windows process execution & parent-child relationships
  • PowerShell, CMD, MSI/EXE installers
  • File reputation, hash, certificate, and path-based controls.
• Experience with Microsoft Entra ID (Azure AD) integration.
• Working knowledge of Windows OS internals and endpoint security controls.

Security & Tools
• Familiarity with SIEM tools (Microsoft Sentinel, Splunk, etc.).
• Experience with CrowdStrike; Defender for Endpoint is a plus.
• Understanding of least privilege, endpoint hardening, and zero-trust principles.
