Senior CyberArk Infrastructure Security Engineer - Full-time / Part-time

It's an exciting time to be a member of the Fisher Investments Technology Department. We're investing in the future of our firm's technology and are building our team to achieve global growth. We are looking for a Senior CyberArk Security Engineer to support our Corporate Systems team. If you are looking for an opportunity to make a difference as we develop scalable and strategic solutions to support our global growth, we want to hear from you!

The Opportunity:

The Senior CyberArk Engineer/SME/Scripter implements, coordinates, migrates, and onboards all aspects and phases of the CyberArk's Privileged Access Management (PAM) on-prem and privilege cloud solution rollout, and CyberArk operational tasks. As part of the broader Infrastructure Operations & Security organization, you will participate in a versatile information security team, applying fundamental systems security understanding, skills and experience to maintain and operate complex information systems and security tools that satisfy organizational mission and our requirements, including partner protection needs and security requirements. You will report to the Vice President, Infrastructure Security.

The Day-to-Day:

• Onboard and provision users, store service accounts and password rotations, manage credentials, including those that are interactive, non-interactive, API-based
• Guide privileged access management programs to improve our broader security posture, demonstrated by metrics
• Lead the configuration, administration, and maintenance of CyberArk solution, including both the infrastructure and the application itself
• Oversee the relevant documentation and training required for privileged access management solutions and processes, including define and help develop policies and control standards
• Report progress and system health through metrics and KPIs that are risk-driven and operational in nature
• Addresses ticket queue and follow appropriate change management procedures
• Understand risk and make recommendations for enhancing systems security and processes
• Keep up on current security technologies and maintain awareness of industry trends and threats, and industry best practices, providing input focusing on IAM/PAM technologies, offer subject matter expertise where relevant

Your Qualifications:

• 5+ years of experience leading enterprise-wide privileged access management technology solution adoption across medium- to large-scale companies
• 5+ years of hands-on experience with CyberArk (CyberArk Cloud Platform, EPM, LCD, and CyberArk SaaS Cloud Base)
• 3+ years of experience as a systems engineer at a medium- to large-scale company in Financial Services
• 1+ years of hands-on experience with SailPoint
• Experience of Thycotic Secret Server, privilege manage, and connection server
• Experience with password repository technologies and remote session governance, specifically with the policies that govern target system platforms
• Excellent knowledge in IAM & PAM ecosystem (technology, standards, implementations, migration, and operational)
• Experience with privileged access management program, specifically familiar with CyberArk solutions (i.e., Core Privileged Access Security, Endpoint Privilege Manager Application Access Manager, Privileged Session Manager, Privileged Threat Analytics, Central Password Manager, Connectors)
• Strong experience in installing, upgrading, configuring, operating, and troubleshooting experience with CyberArk AAM (CCP, CP, ASCP), EPV, PVWA, CPM, PSM, HTML5 Gateway, PSMP, PTA (with various versions)
• Strong experience in DNA, Discovery scan and automate account onboarding process
• Knowledge in various application integration with CyberArk through CPM custom plugin
• Integration experience with SailPoint, Database, SCIM, AWS, GCP, Azure, or Paloalto
• Scripting knowledge, PACLI, PowerShell, Python, JavaScript, AutoIt, REST API
• Bachelor's degree in Information Assurance, Computer Science, Cybersecurity, Information Systems or related field
• Security industry certification (CISSP, SSCP, CISM, SANS GSEC, ECSA, ECSP, and Security+)
• CyberArk Certification (Defender and Sentry)

Why Fisher Investments:

We work for a bigger purpose: bettering the investment universe. We take great pride in our inclusive culture, our learning and development framework customized for every employee, and our Great Place to Work Certification. It's the people that make the Fisher purpose possible, and we invest in them by offering exceptional benefits like:

• 100% paid medical, dental and vision premiums for you and your qualifying dependents
• A 50% 401(k) match, up to the IRS maximum
• 20 days of PTO*, plus 10 paid holidays (*17 days of PTO and 3 days of sick time for California employees)
• Family Support programs including 8 weeks Paid Primary Caregiver leave, adoption assistance and back-up child care
• Opportunity to participate in our hybrid work from home test. This program is a pilot test and subject to change. Based on tenure and performance eligibility, you will have the opportunity to work from home up to 100 days per year

FISHER INVESTMENTS IS AN EQUAL OPPORTUNITY EMPLOYER