Role Overview

This role leads the strategy, engineering, and lifecycle management of enterprise privileged access and machine identity security platforms within a global Identity and Access Management (IAM) organization. Operating within a product operating model, you will own the Privileged Access Management (PAM) and Non-Human Identity (NHI) security platforms end-to-end, including strategy, roadmap, architecture, engineering delivery, resilience, governance, and security posture management.

Success requires deep expertise in CyberArk platform architecture, privileged identity governance, credential vaulting, session monitoring, secrets management, and modern identity security models such as just-in-time access and automated machine identity governance.

Responsibilities

Leadership & Strategy

Own the strategic direction and roadmap for enterprise PAM and NHI platforms, aligned with Zero Trust, identity security, and cyber defense initiatives.
Drive adoption of PAM and NHI capabilities across infrastructure, applications, cloud platforms, and DevOps environments.
Manage platform backlog, engineering priorities, and delivery outcomes within an agile framework.

Platform Engineering & Governance

Lead engineering and operational oversight of the enterprise CyberArk PAM platform, including upgrades, security patching, and disaster recovery.
Implement modern privileged access controls such as least privilege, just-in-time elevation, and session monitoring.
Define enterprise standards for privileged role definitions, boundaries, and administrative access models to eliminate shared credentials and standing access.
Establish governance frameworks for non-human identities (NHI) including service accounts, API credentials, and workload identities.
Implement automated credential rotation and secrets governance for automation frameworks and DevOps pipelines.

Security & Integration

Identify and onboard unmanaged privileged accounts across hybrid environments using automated discovery.
Integrate PAM and NHI capabilities with Microsoft Entra ID (PIM) and other cloud identity platforms.
Partner with the SOC and Cyber Defense teams to detect and respond to identity-based threats and investigate credential misuse.
Ensure PAM and NHI controls align with enterprise governance frameworks and support SOX compliance.
Drive automation across privileged access workflows and credential lifecycle management.

Required Qualifications

Bachelor's degree in Computer Science, Cybersecurity, or a related field.
15+ years of experience in Identity and Access Management.
10+ years of experience implementing and managing enterprise Privileged Access Management platforms, specifically CyberArk.
Experience managing non-human identities including service accounts, application identities, and machine credentials.
Proven track record securing privileged access across hybrid infrastructure, cloud platforms, and application environments.
Experience operating within a product operating model, including ownership of platform roadmaps and engineering delivery.
Strong leadership skills with the ability to mentor technical teams and engage with executive leadership.

Preferred Qualifications

CyberArk certifications such as Defender, Sentry, or Guardian.
Professional certifications such as CISSP, CISM, or CCSP.
Microsoft security or identity certifications.

Benefits

Participation in a competitive bonus program.
Retirement support including a 401(k) structure with up to 9% in company contributions (4.5% basic plus 4.5% match).
Comprehensive medical carrier options with 100% in-network preventive care.
Company-paid basic life insurance and short-term disability.
Global parental-leave standard supporting birth, adoptive, and foster parents.
Adoption and surrogacy assistance, childcare discounts, and an Employee Assistance Program.
Wellness and family support programs, paid leave, and education-related programs.

Travel: Periodic travel (up to 10%) may be necessary for key meetings or team collaboration.

Product Owner & Head of IAM Privileged Access Management Services