CyberArk IAM Consultant

Job Title: Technical Consultant-PAM-Cyberark

Location : Louisville, KY (100% Permanent remote work accepted from anywhere in US; however, we’d prefer EST and CST based resources)

Duration : 12+ Months Contract

Teams Meeting Interview

Job Description:

This role is responsible for hands-on execution of a high-risk access reduction initiative focused on Active Directory privileged access across server and workstation environments. The consultant will analyze, remediate, and reduce standing administrative access by untangling nested AD group structures, validating access with application and infrastructure teams, and enabling transition to CyberArk Just-In-Time (JIT) access models.

Key Responsibilities:

Analyze and flatten complex, nested Active Directory group structures (server and workstation admin groups)

Identify and document effective access across multi-level group nesting

Partner with application and infrastructure teams to validate required vs. excessive access

Drive removal of unnecessary privileged access and track measurable reductions

Required Qualifications:

• Strong hands-on experience with Active Directory, including:
• Nested group analysis
• Admin group structures (domain, server, workstation)
• Access inheritance and effective permissions
• Proven experience performing AD or privileged access cleanup/remediation at scale
• PowerShell scripting experience (required)
• Ability to extract, analyze, and report on AD group membership
• Experience working in multi-domain / multi-forest environments
• Familiarity with Windows server and workstation administration models
• Experience with PAM concepts and tools (CyberArk preferred)

Please share resumes at