Job
Description
Manager CyberArk Endpoint Privilege Manager (EPM) Results-driven CyberArk EPM Specialist with 7-10 years of hands-on experience in designing, implementing, and optimizing Endpoint Privilege Manager solutions. Proven track record of developing and managing EPM policies, configuring conditional access, and enabling Just-In-Time (JIT) access for global enterprise environments. Strong analytical thinking, ability to solve complex problems, troubleshooting mindset, user onboarding, and developing metrics/dashboard expertise. Experienced with Big 4 consulting engagements or delivering Cyber Ark security transformation projects for Fortune 500 clients is a plus. Experience Deployed and maintained CyberArk EPM environment with a focus on least privilege enforcement and endpoint protection Led EPM implementations for global clients, including developing and deploying custom EPM policies tailored to user personas and risk levels. Designed and configured Conditional Access Policies integrated with Azure AD and custom scripts to enforce context-based elevation rules. Spearheaded the onboarding of endpoints across Windows, Mac, and Linux platforms into CyberArk EPM. Implemented Just-in-Time elevation for admin tasks, significantly reducing standing privileges and lateral movement risks. Worked closely with SOC and IAM teams to ensure alignment with enterprise security policies and compliance standards. Assisted in the development of automation scripts and policy templates to streamline onboarding and policy rollout. Collaborated with GRC teams to document EPM controls for audit and compliance reporting. Conducted policy tuning sessions with application owners and end-users to reduce false positives and ensure productivity. Built real-time dashboards and weekly reporting metrics to track privileged activity, policy hits, exceptions, and threats. Acted as the primary escalation point for EPM-related troubleshooting, resolving issues within SLA targets. Provided EPM training and knowledge transfer to internal security and IT teams. Core Competencies EPM Policy Design & Deployment Conditional Access Configuration Just-In-Time (JIT) Access Enablement Application control and Whitelisting/Blacklisting Threat Protection and Endpoint hardening Security Dashboarding, Reporting & Metrics User Onboarding & Lifecycle Management Incident Response & Troubleshooting Scripting & Automation using PowerShell or Python Integration with SIEM, MDR and EDR Regulatory Compliance (NIST, HIPAA, ISO 27001) Cross-functional Collaboration (IT, SecOps, GRC) Education: Bachelor s degree in computer science. CyberArk Certified Delivery Engineer (CDE) certification is a plus. 7 10 years of IT security experience, with at least 5 years in CyberArk EPM Experience onboarding a wide range of privileged accounts (OS, DB, cloud, apps) Experience with Active Directory, LDAP, and MFA integration Experience with SCA-related scripting (PowerShell, Python, REST API)
