Privileged Access Management, CyberArk Engineer (Contractor - 9 Month)

Company Description

Experience something Brilliantly Different with a career at MUFG Investor Services.   

Who are we? In a nutshell, MUFG Investor Services is part of the Mitsubishi UFJ Financial Group, and we partner with over 480 loyal global investment firms to provide them with administration, asset services, banking and fund financing. 

We’re in 14 global locations and provide an exceptional hub of Brilliantly Different talent to thrive.  

#LI-Hybrid

Job Description

We are seeking a skilled and motivated CyberArk Engineer to join our Privileged Access Management (PAM) team. The successful candidate will play a crucial role in engineering, configuring and implementing CyberArk solutions to strengthen the organization’s security posture across its cloud-based infrastructure. This role involves working closely with the PAM lead to ensure the successful implementation of various CyberArk modules, including Privileged Cloud, Secure Infrastructure Access, Secure Cloud Access, Conjur, Endpoint Privileged Management, and Workforce Password Management and supporting both business-as-usual (BAU) operations and user training initiatives.

As the organization operates fully in the cloud (AWS and Azure), the role will include the discovery, analysis, and onboarding of privileged accounts across the cloud estate to maintain compliance and security standards.

You Will:

CyberArk Engineering and Configuration:

• Engineer, configure and implement CyberArk solutions including:
• Privileged Cloud
• Secure Infrastructure access
• Secure Cloud Access for Azure and AWS Portal Console
• Conjur (Secrets Management)
• Endpoint Privileged Management (EPM)
• Workforce Password Management

Privileged Account Discovery and Onboarding:

• Perform comprehensive discovery of privileged accounts, credentials, and access points across AWS and Azure cloud environments.
• Develop strategies and implement processes for the secure onboarding of identified accounts into CyberArk, ensuring full compliance with organizational security policies.
• Establish and maintain account lifecycle management processes, including account rotations, monitoring, and de-provisioning.
• Implement auto discovery and onboarding of privileged accounts across the cloud estate (AWS and Azure) including endpoints and server credentials.
• Ensure proper documentation and tracking of privileged accounts.

Project Assistance and Implementation:

• Assist the PAM lead with all project activities related to CyberArk implementation including project planning, execution, and monitoring tasks to ensure timely delivery.
• Collaborate with cross-functional teams to integrate CyberArk solutions with existing systems and processes.
• Support the change and request process to represent upcoming changes in production

Security and Compliance:

• Ensure CyberArk configurations comply with security policies and standards.
• Conduct regular SOC IAM audits and assessments to identify and mitigate security risks.
• Implement security policies and controls as defined by the organization's security framework.
• Support the integration of CyberArk with other security and IT systems such as SIEM
• Provide support during security incidents and investigations involving privileged accounts.

Training and Support:

• Assist in developing and delivering training programs for end users and internal teams on CyberArk tools, features, and best practices.
• Provide hands-on guidance to users for secure password management, privileged session management, and other PAM-related activities.
• Collaborate with the PAM Lead to document and share lessons

System support, maintenance and monitoring:

• Provide ongoing BAU support for CyberArk solutions, ensuring high availability, performance, and adherence to security policies.
• Monitor the health and performance of CyberArk systems and components.
• Perform regular maintenance tasks, such as patching, upgrades, and backups.
• Ensure the continuous availability and reliability of CyberArk services
• Develop, maintain and update documentation for CyberArk configurations, integrations, and processes including standard operating procedures and best practices.

Troubleshooting and issue resolution:

• Diagnose and resolve complex, critical, and sensitive support issues related to CyberArk solutions.
• Monitor, troubleshoot, and resolve issues related to CyberArk modules, including incident response and root cause analysis
• Provide support through various channels, including phone, email, and remote session
• Collaborate with internal teams to escalate and resolve critical issues efficiently

#LI-Hybrid

Qualifications

You Have:

• A Bachelor's degree in Computer Science, Information Technology, or a related field.
• A CyberArk certification (e.g., CyberArk Certified Delivery Engineer or CyberArk Sentry).
• Experience with other PAM/IAM solutions and security tools
• Demonstrated knowledge of regulatory compliance requirements (e.g., GDPR, SOC).

Skills and Experience:

• Proven experience in CyberArk engineering and configuration.
• Strong understanding of privileged access management principles and best practices.
• Experience with cloud platforms, particularly AWS and Azure.
• Familiarity with CyberArk Conjur, Endpoint Privileged Management, and Workforce Password Management.
• Excellent problem-solving skills and attention to detail.
• Strong communication and collaboration skills.

Additional Information

What’s in it for you to join MUFG Investor Services?   

Take a look at our careers site and you’ll find everything you’d expect from a career with the fastest-growing business at one of the world’s largest financial groups. Now take another look. Because it’s how we defy expectations that really defines us. You’ll feel that difference in all kinds of ways.  Our vibrant CULTURE. Connected team. Love of innovation, laser client focus, and next-level LEARNING & DEVELOPMENT.  Oh, and we really walk the talk when it comes to HYBRID WORKING.     

So, why settle for the ordinary?  Apply now for a Brilliantly Different career.   

We thank all candidates for applying; however, only those proceeding to the interview stage will be contacted.

We are an equal opportunity employer.