CyberArk Engineer (Sentry Certified)
Posted 2 days ago by Robert Half
£85 Per hour
Inside
Hybrid
London Area, United Kingdom
Summary: The CyberArk Engineer role involves hands-on responsibilities for running, maintaining, upgrading, and enhancing CyberArk within a major financial services organization. The position requires collaboration with internal teams to deliver changes across the platform and manage security vulnerabilities. This is a 6-month contract with potential for extension, based in London with hybrid working arrangements. The role requires CyberArk Sentry certification and experience in a regulated financial environment.
Key Responsibilities:
- Plan, test, and deliver CyberArk upgrades (e.g. version releases)
- Manage monthly OS patching across Vault and supporting infrastructure
- Apply CyberArk patches to remediate security vulnerabilities
- Maintain and enhance existing connectors and integrations
- Build up to ~10 custom CPM and PSM connectors annually
- Maintain integrations (e.g. Saviynt SCIM, PowerBI telemetry)
- Collaborate with internal teams on configuration changes and new platform onboarding
- Deploy and integrate CyberArk CP / CCP across environments
- Implement SSH key management processes (incl. rotation)
- Configure safes, platforms, and application authentication
- Support monitoring, testing, and hypercare activities
- Produce HLDs, LLDs, runbooks, and BAU documentation
- Identify privileged accounts not under CyberArk control using discovery tools
- Produce monthly metrics on PAM coverage across infrastructure and directories
- Drive onboarding of privileged accounts and close control gaps
- Assess existing secrets (keys, tokens, certificates, service accounts)
- Define and implement treatment plans (e.g. CP/CCP, PKI, mTLS approaches)
- Prioritise and deliver onboarding and remediation activities
Key Skills:
- CyberArk Sentry certification (or above) essential
- Strong hands-on CyberArk SME experience across Vault, CPM, PSM, PSMP
- Proven experience delivering upgrades, patching, and platform maintenance
- Experience building custom connectors (CPM / PSM)
- Financial services / regulated environment experience required
- Comfortable operating across BAU and change delivery
Salary (Rate): £85.00/hr
City: London
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
CyberArk Engineer – Financial Services
Robert Half are supporting a global consulting firm,, who have partnered with a major financial services organisation to source a CyberArk Engineer for a large-scale programme. This role is hands-on , focused on running, maintaining, upgrading, and enhancing CyberArk , alongside delivering change across the platform.
Assignment Details
Initial 6-month contract (c.12–18 month programme)
Hybrid working – London (2–3 days onsite, TBC)
ASAP start
Engagement via PAYE (due to end financial services client environment)
Key Responsibilities
- Plan, test, and deliver CyberArk upgrades (e.g. version releases)
- Manage monthly OS patching across Vault and supporting infrastructure
- Apply CyberArk patches to remediate security vulnerabilities
- Maintain and enhance existing connectors and integrations
- Build up to ~10 custom CPM and PSM connectors annually
- Maintain integrations (e.g. Saviynt SCIM, PowerBI telemetry)
- Collaborate with internal teams on configuration changes and new platform onboarding
- Platform & Engineering
- Deploy and integrate CyberArk CP / CCP across environments
- Implement SSH key management processes (incl. rotation)
- Configure safes, platforms, and application authentication
- Support monitoring, testing, and hypercare activities
- Produce HLDs, LLDs, runbooks, and BAU documentation
- Controls & Adoption
- Identify privileged accounts not under CyberArk control using discovery tools
- Produce monthly metrics on PAM coverage across infrastructure and directories
- Drive onboarding of privileged accounts and close control gaps
- Secrets Management
- Assess existing secrets (keys, tokens, certificates, service accounts)
- Define and implement treatment plans (e.g. CP/CCP, PKI, mTLS approaches)
- Prioritise and deliver onboarding and remediation activities
Key Experience
- CyberArk Sentry certification (or above) essential
- Strong hands-on CyberArk SME experience across Vault, CPM, PSM, PSMP
- Proven experience delivering upgrades, patching, and platform maintenance
- Experience building custom connectors (CPM / PSM)
- Financial services / regulated environment experience required
- Comfortable operating across BAU and change delivery
All candidates must complete standard screening (Right to Work, DBS, credit/sanctions, employment verification).