Senior Security Engineer

Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team.

Job Title: Senior Security Engineer

Location(s): Sandy Springs, GA

Description
We are seeking a skilled Security Engineer to support a strategic initiative aimed at reducing privilegedaccess risk. This role combines technical remediation and business analysis, leveraging CyberArk, Windows/Active Directory, and privilegedaccess governance to execute endtoend removal of local administrator accounts. The Security Engineer will lead account discovery, remediation, and stakeholder coordination to enhance security posture and ensure compliance readiness. The ideal candidate will eliminate local admin accounts, onboard functional and JIT accounts into CyberArk, document ownership and dependencies, and deliver executivelevel reporting that demonstrates measurable risk reduction.

• Handson experience with CyberArk Privileged Access Security (onboarding, vaulting, JIT/ZOA policy configuration).
• Strong knowledge of Windows Server administration, Active Directory, and local admin privilege management.
• Demonstrated ability to perform business analysis, including gathering requirements, validating account dependencies, and documenting access justification.
• Excellent troubleshooting skills with strong communication and documentation abilities.
• Familiarity with compliance frameworks such as SOX and audit readiness requirements.
• 7+ years of experience working in Active Directory Management, AD Replication, GPO, trusts, DNS and DHCP.
• 7+ years in writing advanced, efficient, and well-structured PowerShell , Python or shell scripts.
• 4+ years working with CyberArk products.
• 3+ years working and driving large scale security initiatives in an enterprise environment.

• CyberArk certification (Defender, Sentry, or Client).
• Microsoft/Cloud certifications
• M365 administration
• Experience supporting large-scale IAM/PAM remediation initiatives.
• Background in security operations, Infrastructure security, or security architecture.
• Strong knowledge of networking fundamentals (TCP/IP, DNS, VPN, firewalls) and operating systems.

• Strong Windows Administration with deep Active Directory expertise (GPO, DNS, DHCP, replication).
• Advanced PowerShell scripting for automation and troubleshooting.
• Experience in authentication protocols (Kerberos, NTLM) and Windows Server hardening.
• CyberArk (PAM) hands-on experience - required but secondary to Windows/AD.

Ampcus is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veterans or individuals with disabilities.