Role Summary
The CyberArk EPM Engineer is responsible for designing, implementing, and managing least-privilege access controls on endpoints across enterprise environments. This role focuses on application control, privilege elevation, endpoint hardening, and threat reduction, while ensuring business continuity and regulatory compliance in cloud and hybrid environments. This role also requires experience as a CrowdStrike admin.
Key Responsibilities
CyberArk EPM Administration
• Deploy, configure, and maintain CyberArk Endpoint Privilege Manager (EPM) in cloud and hybrid environments.
• Manage EPM policies, application groups, sets, and rules to enforce least-privilege access.
• Handle application onboarding (browsers, Office apps, Citrix, development tools, PowerShell, CMD, installers, etc.).
• Administer the CrowdStrike platform, including configuration, onboarding, and troubleshooting.
Policy & Privilege Management
• Design Just-In-Time (JIT) and time-bound elevation policies.
• Implement parent–child process control, command-line restrictions, and file reputation–based rules.
• Troubleshoot blocked applications and failed elevation requests using EPM logs and audit trails.
Identity & Access Integration
• Integrate CyberArk EPM with Microsoft Entra ID (Azure AD) for user and group-based policy enforcement.
• Map Entra ID groups to EPM policy rules for role-based privilege access.
• Support SSO-based elevation workflows where applicable.
Monitoring, Logging & Integrations
• Integrate CyberArk EPM with SIEM/SOAR platforms such as Microsoft Sentinel, Splunk, or QRadar.
• Analyze elevation events, blocked executions, and anomaly patterns.
• Generate weekly/monthly reports on policy usage, elevation trends, and security posture.