Haystack
← Back to Jobs
Other

CyberArk Endpoint Privilege Manager (EPM) Architect in Sanjose, CA

Mergen IT LLCSan Jose, CA🇺🇸United StatesPosted 14 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Mid Senior

Job Description

Role: CyberArk Endpoint Privilege Manager (EPM) Architect 

Location: Sanjose, CA

Duration: 12+ Months Contact

 

Description

  • Architect, deploy, and configure CyberArk EPM across enterprise Windows and macOS environments.
  • Lead end to end migration of CyberArk EPM policies, configurations, application groups, and rule sets from one environment/tenant to another.
  • Design and implement application control, privilege elevation, and least privilege strategies.
  • Develop, optimize, and troubleshoot EPM policies, trusted applications, and elevation rules.
  • Integrate CyberArk EPM with enterprise identity, security, and endpoint management platforms (Microsoft Intune, MECM/SCCM, SentinelOne, SIEM, etc.).
  • Automate deployment, policy management, and migration activities using PowerShell and REST APIs.
  • Perform architecture reviews, health assessments, and recommend best practices for performance, scalability, and security.
  • Collaborate with security, infrastructure, desktop engineering, and application teams throughout implementation and migration projects.
  • Create technical documentation, migration runbooks, and operational procedures.
  • Provide Level 3/4 technical support and mentor engineering teams.
  • 8+ years of endpoint security experience with 4+ years of hands on CyberArk EPM architecture and implementation.
  • Proven experience deploying CyberArk EPM in large enterprise environments.
  • Strong experience migrating CyberArk EPM from one tenant/environment to another, including policy and configuration migration.
  • Deep understanding of application control, privilege management, allow/block rules, elevation policies, and sub process elevation.
  • Strong PowerShell scripting and API automation experience.
  • Experience with Microsoft Intune, MECM/SCCM, Active Directory, Entra ID, Windows security, and endpoint management.
  • Strong troubleshooting, communication, documentation, and stakeholder management skills.
  • CyberArk certifications (EPM, Defender, Sentry, or Guardian).
  • Experience with enterprise transformation, Zero Trust, and Privileged Access Management (PAM) initiatives.

Experience integrating EPM with SIEM, EDR/XDR, and ITSM platforms.

Skills

Active Directory
PowerShell
REST
Stakeholder Management
Technical Support
Zero Trust

Similar jobs