Privileged Access Management (PAM) Engineer - CyberArk Specialist | Cross-Border Banking and Markets Leader

[Up to c. $150k Base Salary + Discretionary Bonus | Hybrid Working]Role OverviewWe’re supporting a global financial institution as it continues to build out its internal identity security engineering capability. This position sits within a small, high-impact core PAM engineering team and forms part of a broader strategy to reduce reliance on external consultants and bring critical expertise in-house. This is a deeply hands-on engineering role focused on Privileged Access Management, with CyberArk at the centre. You’ll take ownership of day-to-day platform engineering, onboarding, and optimisation, while contributing to the long-term stability and scalability of the PAM environment. The role is well-suited to someone who enjoys operating at a practical level while having the opportunity to influence how the platform evolves over time...Key ResponsibilitiesDeliver hands-on engineering across the CyberArk platform, ensuring it is secure, stable, and operating effectivelyConfigure, maintain, and optimise core CyberArk components, including vault performance and platform reliabilityBring new applications, systems, and service accounts into the PAM environment, ensuring secure onboarding and minimal operational disruptionEnhance and refine credential lifecycle processes, including rotation, reconciliation, and exception handlingImprove platform performance through vault tuning, configuration adjustments, and ongoing optimisation workBuild scripts and automation to support reporting, onboarding, and operational efficiency across the PAM estateInvestigate and resolve platform issues, identifying root causes and implementing long-term fixesIntegrate CyberArk with surrounding systems such as directory services, IAM tooling, and service management platformsSupport audit and control processes, including evidence generation and interaction with audit stakeholdersCollaborate with engineering, security, and application teams to gather requirements and deliver PAM solutionsContribute to platform enhancements, including exploration of automation-led improvements (e.g. AI-assisted operational workflows)Act as a go-to technical specialist for privileged access management within the organisationWhat You’ll Bring…6-10 years’ experience in IAM, security engineering, or infrastructure security rolesStrong recent focus on CyberArk, with at least 3-5 years of hands-on, day-to-day platform ownershipProven experience delivering end-to-end CyberArk engineering, including onboarding, configuration, and optimisationExperience integrating CyberArk with enterprise systems such as Active Directory, IAM tools, or ITSM platformsDeep understanding of privileged account lifecycle management across enterprise environmentsExperience improving vault performance, stability, and operational reliabilityPractical experience building automation (e.g. scripting for reporting, onboarding, or platform operations)Strong familiarity with Windows, Linux/Unix, and service-based account environmentsUnderstanding of control frameworks and ability to support audit and compliance processesStrong troubleshooting capability, with a focus on root-cause resolution rather than surface fixesConfident communicator, able to engage both technical teams and senior stakeholders(Preferred) Experience with additional PAM or secrets management solutions(Preferred) Exposure to cloud-based access controls (AWS, Azure, GCP)...