Software Engineering Manager – Identity & Directory Services (hybrid)

About CyberArk:
CyberArk (NASDAQ: CYBR), is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine and AI-driven– across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets. To learn more about CyberArk, visit our CyberArk blogs or follow us on X, LinkedIn or Facebook.

CyberArk is expanding our Identity Shared Services group, the engineering team responsible for how CyberArk products integrate, unify, and sync identity data from enterprise identity providers. This team builds the core services that connect CyberArk to Active Directory, LDAP, Entra ID/Azure AD, Okta Universal Directory, SCIM-based systems, and modern identity platforms.

We are looking for an Engineering Manager who has real experience leading teams that build or integrate with identity directories, identity graphs, or large-scale identity data pipelines. This role is not governance-only IAM architecture and is not big-data/Hadoop; it is hands-on leadership of engineers building backend services that aggregate, normalize, and synchronize user and group identities.

What You’ll Lead:

Identity & Directory Integration

• Build and evolve services that ingest identity data from AD, LDAP, Okta UD, Entra ID, SCIM, and other IDPs.
• Lead the team responsible for directory sync, mapping logic, provisioning pipelines, attribute normalization, conflict/duplicate resolution, and multi-source identity stitching.
• Owning high-scale, low-latency distributed backend services powering CyberArk’s Identity Security platform.

Architecture & Technical Direction

• Guide engineers through system design, code reviews, and distributed systems best practices.
• Influence architecture around identity federation, directory aggregation, and data flow orchestration.
• Partner with Security, Product, and Platform engineering to ensure resilience, correctness, and secure-by-design implementation.

Leadership & Delivery

• Manage a team of backend engineers (5–10), providing coaching, performance guidance, and career development.
• Drive roadmap execution with clear milestones, predictable delivery, and technical accountability.
• Collaborate with product management to define use cases, prioritization, and long-term direction.
• Participate in hybrid work, with in-office collaboration in Santa Clara on Tuesdays and Wednesdays.

#LI-HA1

Experience leading teams that build or maintain one or more of the following: 

Universal Directory–type platforms (Okta UD, JumpCloud, Rippling User Graph, ForgeRock Directory Services, Ping Directory) 

Cloud Identity Directory systems (Azure AD DS/Entra directory groups, Google Cloud Identity Directory)

Directory sync and SCIM pipelines (Salesforce/Slack, VMware Workspace ONE, Duo, Atlassian Identity)

Systems that unify identity data across heterogeneous sources

• 8+ years in software development on agile teams; 6+ years building web or enterprise applications.
• 2+ years people management of software engineers
• Strong backend engineering experience in a typed, object-oriented language (C#, Java, Go, or similar), with the ability to guide design and code quality. (Experience in any modern typed, object-oriented language. Experience in C# is helpful but not required for success in this role.)
• Experience with Active Directory, LDAP, Entra-ID, or similar directory services. (unified identity or account-consolidation experience is a plus).
• Proficiency in ReactJS and JavaScript for UI development.
• Familiarity with source control tools (Git, Bitbucket, Perforce).
• Deep understanding of identity data models, group structures, join rules, and directory sync behavior
• Experience with distributed systems, event-driven pipelines, or high-throughput backend services
• Ability to read code, guide technical decisions, and support design reviews

Nice to Have

• Exposure to PKI, certificates, MFA, or authentication flows
• Experience with graph-based identity models or large-scale directory storage
• Prior work in cybersecurity, identity security, or workforce identity products
• Experience in high-scale cloud SaaS environments

Why CyberArk

CyberArk secures the identities critical to protecting the world’s largest organizations. As identity becomes the new security perimeter, this team plays a foundational role in how customers unify and protect their workforce and machine identities.

You will lead engineers building the backbone of CyberArk’s identity intelligence, directory services, and cross-platform integrations — work that directly impacts our global customer base and product expansion strategy.

CyberArk is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status. 

We are unable to sponsor or take over sponsorship of employment Visa at this time.

The salary range for this position is $200,000 – $220,000/year. Compensation also includes a discretionary annual bonus and eligibility for equity awards. Final pay will vary depending on job-related knowledge, skills, and experience. CyberArk provides a competitive and comprehensive benefits package, including medical, dental, vision, financial, and additional support programs.