Senior CyberArk/PAM Engineer

Site: Mass General Brigham Incorporated

 

Mass General Brigham relies on a wide range of professionals, including doctors, nurses, business people, tech experts, researchers, and systems analysts to advance our mission. As a not-for-profit, we support patient care, research, teaching, and community service, striving to provide exceptional care. We believe that high-performing teams drive groundbreaking medical discoveries and invite all applicants to join us and experience what it means to be part of Mass General Brigham.

 

 

Job Summary

The Sr. CyberArk/PAM Engineer is responsible for designing, implementing, and optimizing privileged access management (PAM) solutions, with a focus on CyberArk. The role involves maintaining and enhancing security controls, identifying and mitigating vulnerabilities, and ensuring the effectiveness of PAM infrastructure. The engineer will work independently on complex projects, lead technical implementations, and coordinate across teams. Additionally, they will provide documentation, mentorship, and technical guidance to junior engineers.

 

Education & Certification:

Bachelor’s or Master’s degree in Computer Science or related field preferred; relevant certifications are a plus.

Principal Duties and Responsibilities:

• Owns and leads the design, implementation, and maintenance of specific PAM components.
• Acts as a technical lead, mentoring junior engineers and reviewing team contributions to ensure quality and best practices.
• Identifies and proposes innovative security solutions and technologies.
• Troubleshoots and resolves complex technical issues, including critical incidents.
• Collaborates with internal teams, vendors, and stakeholders to enhance solution effectiveness.
• Provides expert consulting support on PAM-related concerns across the organization.
• Participates in after-hours and on-call support as needed.
• Builds knowledge of Mass General Brigham systems, security policies, and service offerings.

Knowledge, Skills and Abilities

• Privileged Access Management: Strong hands-on experience with CyberArk solutions (PAM, SIA, SCA, SWS), including privileged access auditing and event monitoring using CyberArk or SIEM tools like Splunk.
• Cloud & Identity Management: Working knowledge of cloud platforms (Azure, AWS, GCP) for secrets management, and enterprise IAM tools such as Okta and Microsoft Entra, with understanding of authentication protocols (SAML, OAuth, OIDC).
• Systems & Directory Services: Proficient with Windows and Linux environments, Microsoft Active Directory (on-prem and Azure AD), Group Policy, and LDAP-based directory services.
• Communication & Collaboration: Strong communicator with the ability to engage all levels of technical and business stakeholders using tools like Microsoft Teams, email, and in-person interaction.
• Work Ethic & Problem-Solving: Self-driven, organized team player with strong troubleshooting skills and the ability to work independently or collaboratively to resolve complex issues.
• Process Knowledge: Familiarity with IT service management frameworks like ITIL.

 

• M-F Eastern Business Hours required
• Hybrid Onsite Flexible working model required weekly includes onsite in office (1-2 days per week weekly, must be flexible for business needs)
• Remote working days require stable, secure, quiet, compliant working station

 

Hybrid

 

399 Revolution Drive

 

40

 

Regular

 

Day (United States of America)

Pay Range

$92,102.40 - $134,056.00/Annual

Grade

7
At Mass General Brigham, we believe in recognizing and rewarding the unique value each team member brings to our organization. Our approach to determining base pay is comprehensive, and any offer extended will take into account your skills, relevant experience if applicable, education, certifications and other essential factors. The base pay information provided offers an estimate based on the minimum job qualifications; however, it does not encompass all elements contributing to your total compensation package. In addition to competitive base pay, we offer comprehensive benefits, career advancement opportunities, differentials, premiums and bonuses as applicable and recognition programs designed to celebrate your contributions and support your professional growth. We invite you to apply, and our Talent Acquisition team will provide an overview of your potential compensation and benefits package.
Mass General Brigham Incorporated is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law. We will ensure that all individuals with a disability are provided a reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. To ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Veteran’s Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact Human Resources at (857)-282-7642.

 

Mass General Brigham Competency Framework