Principal Engineer, Privileged Access Management

Job description

Join New Era Technology, where _People First_ is at the heart of everything we do. With a global team of over 4,500 professionals, we’re committed to creating a workplace where everyone feels valued, empowered, and inspired to grow. Our mission is to securely connect people, places, and information with end-to-end technology solutions at scale.

At New Era, you’ll join a team-oriented culture that prioritizes your personal and professional development. Work alongside industry-certified experts, access continuous training, and enjoy competitive benefits. Driven by values like Community, Integrity, Agility, and Commitment, we nurture our people to deliver exceptional customer service.

If you want to make an impact in a supportive, growth-oriented environment, New Era is the place for you. Apply today and help us shape the future of work—together.

Company Summary

Principal Engineer for Privileged Access Management (PAM) will be a key technical subject matter expert and a member of a diversified team of security technology professionals. In this role, you will be working as a hands-on security expert in PAM. The technologies you would be primarily responsible for - Privileged Access Management, Vaulting solutions, Credentials rotation, Active Directory Security, etc. You will have the opportunity to work with cutting-edge technologies to tackle advanced security threats in a collaborative, agile environment.

Job Summary

The Principal Engineer for PAM is responsible for designing, developing, and implementing security architecture and solutions, ensuring secure privileged identity management across the enterprise. This role combines deep technical expertise with strategic leadership, collaboration with cross-functional teams to enforce Zero Trust, least privilege and regulatory compliance.

The Ideal Candidate

• You have proven experience in Information Security with expertise in PAM solutions (CyberArk) and Active Directory.
• You have deep technical knowledge of authentication protocols, access controls, session recordings and credentials rotation.
• You have strong communication, customer service orientation, and leadership abilities.
• You have proven experience leading PAM programs, including Zero Trust implementation.

Essential Duties and Responsibilities

• Design, develop, configure, and customize CyberArk as per organization security policies and requirements
• Define access models, safe/vault structures, credential policies and session control strategies.
• Install, configure, and manage CyberArk privileged cloud and associated components – CyberArk Vault, Central Policy Manager (CPM) , Privileged Session Manager (PSM), Credential Provider (CP), Password Vault Web Access (PVWA) , Endpoint Privilege Manager (EPM) and Privileged Threat Analytics (PTA)
• Onboard privileged accounts and rotate credentials across various platforms (Windows, Linux, DBs, Network devices, Azure cloud)
• Develop custom connectors, plug ins and drive automation through API scripting (REST, PowerShell and/or Python)
• Integrate CyberArk with Active Directory, Azure AD, IGA platforms (SailPoint, One Identity), ITSM tools (ServiceNow), SIEM (DEVO) and cloud platforms
• Collaborate with stakeholders to translate security and risk management requirements into business-aligned solutions.
• Troubleshoot and resolve issues related to privileged access
• Provide input on process improvements, best practices, and automation to enhance PAM efficiency
• Conduct unit testing, integration testing, and UAT for CyberArk implementations and enhancements
• Prepare and maintain technical documentation, including design documents, SOPs, and user guides.
• Lead transformation workshops across security, network, application, authentication, and Enterprise Architecture teams to implement next-gen Zero Trust models.
• Drive remediation of identified security risks and control deficiencies.
• Provide hands-on technical support, including after-hours availability when needed.
• Participate in application projects and change management committees, ensuring security-by-design principles

Qualifications

• Bachelor’s degree, or higher education with preferable focus in area with Information Technology, and/or a minimum of 8 years of experience in Information Security.
• 5+ Hands-on experience with CyberArk PAM suite - CyberArk Vault, Central Policy Manager (CPM) , Privileged Session Manager (PSM), Credential Provider (CP), Password Vault Web Access (PVWA) , Endpoint Privilege Manager (EPM) and Privileged Threat Analytics (PTA), Active Directory and Azure AD.
• 5+ years of experience in JavaScript, Java, TypeScript, SQL, or Python
• Strong knowledge of Windows, Linux, Databases, authentication, security protocols and secrets management
• Expertise in Zero Trust architecture and Defense-in-Depth security models.
• Experience with cloud security, particularly Azure.
• Familiarity with security frameworks (CIS, NIST CSF) for risk management and security design.
• Cybersecurity certifications (Security+, CISSP, CISM, CCSP) and/or CyberArk certifications preferred.

Below is the pay range of this position for considered candidates based on qualifications and experience.

Pay Range

$65—$70 USD

New Era Technology, Inc., and its subsidiaries (“New Era” “we”, “us”, or “our”) in its operating regions worldwide are committed to respecting your privacy and recognize the need for appropriate protection and management of any Personal Data that you may provide us. In this, we are also committed to providing you with a positive experience on our websites and while using our products, services and solutions (“Solutions”).

View our Privacy Policy here https://www.neweratech.com/us/privacy-policy/