We are currently seeking a privilege access management specialist with deep level expertise in CyberArk, and enterprise experience with Active Directory and Cloud PAM Solutions. As a key member of the UMG Technical team, the Sr CyberArk Engineer is responsible to ensure our CyberArk environment functions at peak technical efficiency across UMG's diverse global environment. You will be a team player working to expand and mature the integration of our CyberArk solution with our enterprise applications, dev-ops, implementation, day-to-day administration, and operations teams. As a senior member of the team, you will be comfortable in a global fast-paced environment, adjusting to changing priorities and schedules, be accountable to successfully balance support and project work, and mentor other team members as required.
In addition to having strong technical skills, you must be comfortable in effectively communicating with business end users, technical IT teams, business partners, network providers, and business process outsourced vendors, all while being sensitive to a wide diversity of cultural and technical backgrounds in a global business environment.
How you'll CREATE:
• Using your expertise in CyberArk and background in identity and privilege access management, evaluate/update and make recommendation for UMG's CyberArk installation.
• Review, update, install, and train others on the features and best practices of CyberArk, creating a secure, sustainable, and highly automated environment that meets UMG's requirements across all on-prem and cloud-based footprints.
• Working with the team, identify the tools and techniques to translate UMG needs and future goals into a plan that will enable secure and effective solutions.
• Apply expertise in the installation and configuration of the CyberArk platform, including conducting routine solution maintenance, monitoring the health of the platform, and conducting daily proactive monitoring of the CyberArk production environment.
• Automate processes across the CyberArk products
• Monitor CyberArk and support any break/fix, upgrades, patches, and performance or integration related issues.
• Create automated periodic reports as required, and address any discrepancies found.
• Support critical CyberArk functions, including maintenance, patch identification and publication, and upgrades of CyberArk and related modules.
• Maintain responsibility for privilege user incident management support, user acceptance testing of privilege accounts, load testing, performance testing, and validation testing of the CyberArk solution.
• Maintain & support CyberArk on a daily basis, troubleshooting Vault, CPM, PTA, PSM/PSMP, PVWA, LCD/EPM issues as required.
• Resolution of trouble tickets including password rotations, password malfunctions, account creations, account changes, scheduling.
• Installation of CyberArk vault including multiple CPMs, PVWAs, and as built documentation
• Collaborate to define access control, user entitlements, and user access policy management
• Collaborate to develop, execute and be accountable for overall project plan and timelines for key CyberArk program deliverables.
• Work with development teams on integration with UMG's PAM solutions
Bring your VIBE:
• CyberArk Expertise
• CyberArk administration, configuration, implementations, designs, and troubleshooting
• Minimum of 7-10 years directly related experience in CyberArk toolset, including Vault, CPM, PVWA, PSM, and PTA
• Experience in Privileged Account Management with CyberArk PIM Administration
• Extensive experience in implementation and integration of Cyber-Ark's Privileged Identity Management (PIM) Suite
• Advanced experience with script development (PowerShell/Python preferred)
• Experience with PAM tasks – Defining Access Control, User Entitlements, Manage Applications Credentials, User Access Policy Management.
• Able to work with confidential and sensitive information, maintaining confidentiality.
• A high level of technical ability for diagnosis, troubleshooting and problem analysis with the ability to clearly communicate the results of problem analysis to business stakeholders, IT support teams, and network providers to quickly and effectively resolve issues.
• Technical competence in the following:
• PAM & PIM via CyberArk product suite
• CyberArk Administration/Development
• Security protocols such as LDAP-S, SAML, WS-Federation, SCIM, OAuth, and OIDC
• Component services & areas: domain design, DDNS, DHCP, Directory Services including directory services replication/synchronization, Kerberos, Active Directory compliance for Schema Extensions, DEA (Directory Enabled Applications), LDAP-S, AD integration security, federation services and Forest system context management for application services
• Azure AD, PAM/PIM, AAD P2
• Cloud entitlement management solutions such as Saviynt and Cyberark, in addition to AWS, GCP, and Azure options
• Adept at scripting in Python, PowerShell and/or one or more additional scripting languages
• Demonstrated current work experience engineering, customizing, and integrating IAM solutions such as Azure Active Directory, Duo, MIM, CyberArk, Duo, Okta, and Sailpoint/Saviynt
• Demonstrated organizational skills, attention to detail and ability to work both independently and as part of a team. As a senior member of the team, ability to work unsupervised, prioritize own workload, and mentor other team members as required is essential
• Comfortable in a global fast-paced enterprise team environment, with ability to adjust to changing priorities and schedules, and balance support and project work
• Customer service driven/focused with a proactive and positive can-do approach, demonstrating effective communication with multiple internal/external stakeholders in a global business environment
• Bachelor's Degree in Computer Science, Engineering, Network Security or related field
• Demonstrated excellent technical writing skills and project/program management experience
• IT Certifications including CyberArk Sentry/Guardian, Microsoft Certification specialization in Identity Management, CISSP, AWS, GCP, and ITIL v3 Foundations certifications
• International experience beneficial; multiple language skills a plus
• Be part of an entrepreneurial, global organization that values authenticity, drive, creativity, relationships, and a competitive spirit
• Comprehensive medical, dental, vision, and FSA options, as well as:
• 100% coverage for out-patient mental health services
• Wellbeing reimbursements for fitness classes, spa treatments, meal services, travel, and so much more (up to $720/year)
• A lifetime fertility support allowance of $30,000 to plan participants
• Student Loan Repayment Assistance and Tuition Reimbursement
• 100% immediately vested 401(k) match on the first 5% of your contribution on eligible compensation
• Variety of ways to prioritize much-needed time away from work including:
• Flexible Paid Time Off (PTO) for exempt employees
• 3-weeks PTO for non-exempt employees
• 2-weeks paid Winter Break
• 10 Paid Holidays (including Juneteenth and Wellbeing Day)
• Summer Fridays (between Memorial Day and Labor Day)
• Generous paid parental leave for every type of parent
Disclaimer: This job description only provides an overview of job responsibilities that are subject to change.
All UMG employees are currently req
Jobcode: Reference SBJ-d83eo6-3-239-6-58-42 in your application.