CyberArk SCA/SIA Engineer - CyberArk SaaS | Azure | AWS | Remote/London
We are supporting a major CyberArk SaaS Privileged Access Management (PAM) transformation programme for one of the world's leading financial markets organisations.
As part of a large-scale cloud security initiative, we are looking for experienced CyberArk SCA/SIA Engineers with recent, hands-on experience implementing CyberArk SaaS technologies across Azure and AWS environments.
This is a fantastic opportunity to work on a next-generation CyberArk Identity Security Platform deployment, delivering modern privileged access capabilities across a complex enterprise cloud estate.
Key Responsibilities
- Build and support CyberArk Secure Cloud Access (SCA) for Azure and AWS
- Implement Secure Infrastructure Access (SIA) for Windows and Linux platforms
- Configure Just-in-Time (JIT) and Zero Standing Privilege (ZSP) access models
- Implement privileged access policies, credential vaulting and session management
- Configure CyberArk Identity and approval workflows
- Support Privilege Cloud onboarding, credential management and Secrets Rotation Service (SRS)
- Configure Secure Web Sessions (SWS) for browser-based privileged access
- Integrate CyberArk with Microsoft Entra ID, ServiceNow and enterprise identity platforms
- Develop automation using Terraform, APIs and CI/CD pipelines where appropriate
- Produce design documentation, onboarding standards, runbooks and operational procedures
- Work closely with Cloud, Security and Infrastructure teams to deliver production-ready PAM services
Essential Skills
- Recent, hands-on experience implementing CyberArk Secure Cloud Access (SCA)
- Recent, hands-on experience implementing CyberArk Secure Infrastructure Access (SIA)
- Strong experience with CyberArk SaaS/Privilege Cloud
- Experience configuring privileged access across Azure and/or AWS
- Knowledge of Just-in-Time (JIT), Zero Standing Privilege (ZSP) and least privilege access models
- Experience with RDP, SSH and privileged infrastructure access
- Experience integrating CyberArk with Entra ID and ServiceNow
- Experience with approval workflows and privileged access governance
- Strong understanding of credential life cycle management and password rotation
Highly Desirable
- Experience with Secure Web Sessions (SWS)
- Experience with Secrets Rotation Service (SRS)
- Experience with CyberArk Identity and Identity Flows
- Terraform and API-driven automation
- DevSecOps and CI/CD integration
- Kubernetes privileged access
- Experience within banking, financial services or other highly regulated environments
Certifications
CyberArk certifications such as Defender, Sentry or Guardian are highly desirable.
Additional Information
- Inside IR35
- Contract until the end of the year with strong potential for extension
- Immediate start
- Remote, hybrid and onsite working options available (London preferred)
- Working on one of the UK's largest CyberArk SaaS transformation programmes
Excellent day rate available. We are prepared to pay a premium for candidates who can demonstrate recent, hands-on production experience implementing CyberArk SCA/SIA and the associated CyberArk SaaS technologies.
If you have genuine, production-level experience implementing CyberArk SCA/SIA technologies and are looking to work on a high-profile enterprise security programme, please get in touch.