Description:
The CyberArk IAM Analyst works at the intersection of security operations, access governance, and business enablement, supporting privileged credential provisioning, lifecycle management, and compliance across enterprise platforms.
The Opportunity
- Hybrid: In office/remote
- Privileged Access & Credential Management
- Provision, modify, and decommission privileged credentials across enterprise platforms including Active Directory, Windows, Unix/Linux, Databases, and Applications
- Onboard and manage privileged accounts into the CyberArk Privileged Access Suite, including:
- Enterprise Password Vault (EPV)
- Password Vault Web Access (PVWA)
- Central Password Manager (CPM)
- Privileged Session Manager (PSM)
- Perform safe creation, policy configuration, and access reviews within CyberArk
- IAM Operations & Controls
- Execute add / remove / change access requests in alignment with bank IAM policies and security standards
- Review and validate privileged users, groups, and access entitlements on a periodic basis
- Ensure ongoing compliance with Identity & Access Management controls, audit requirements, and internal security standards
- Support access recertification, audits, and control attestations
- Stakeholder & Request Management
- Act as a key point of contact for access-related requests from application teams, infrastructure teams, and security stakeholders
- Work closely with requestors to gather requirements, validate approvals, and ensure successful onboarding
- Prioritize and manage requests based on risk, urgency, and business impact
- Communicate clearly with stakeholders regarding request status, issues, and remediation steps
- Risk, Audit & Governance Support
- Support internal and external security audits, risk assessments, and compliance reviews
- Assist with documentation of IAM processes, procedures, and control evidence
- Identify gaps in access controls and recommend remediation actions
- Ensure alignment with bank policies, regulatory expectations, and industry best practices
This position description identifies the responsibilities and tasks typically associated with the performance of the position. Other relevant essential functions may be required.
What You Need
- Core IAM / CyberArk Experience
- Hands-on experience with CyberArk Privileged Access Management, particularly:
- Credential onboarding and lifecycle management
- Safe creation and access configuration
- PVWA, CPM, and PSM operations
- Strong understanding of privileged access provisioning and access governance
- Working knowledge of enterprise platforms:
- Active Directory
- Windows & Unix/Linux
- Databases and application service accounts
- Understanding of authentication, authorization, and access control concepts
- Solid understanding of the Identity & Access Management lifecycle
- Familiarity with security and technology standards across infrastructure and applications
- Experience operating within financial services or regulated environments is highly preferred
- Strong analytical mindset with the ability to research, assess, and resolve access-related issues
- Ability to interpret policies, requirements, and approvals and translate them into technical actions
- Detail-oriented with a strong focus on accuracy, controls, and compliance
- Strong written and verbal communication skills
- Comfortable working with both technical teams and non-technical stakeholders
- Proactive, organized, and capable of working independently while supporting multiple request streams
- Nice-to-Have / Preferred:
- CyberArk Trustee or related certification
- Experience supporting audits, access reviews, or compliance initiatives
- Familiarity with PowerShell or scripting (supporting / operational level)
- Exposure to endpoint or security tooling (helpful but not core to the role)