CyberArk PAM Architect Senior PAM Engineer (34418)

Overview

Remote
Contract - W2

Skills

Finance
Identity Management
Kubernetes
Microsoft Azure
Scalability
Multi-factor Authentication
Auditing
Regulatory Compliance
Stacks Blockchain
Knowledge Transfer
Computer Science
Information Security
FOCUS
Critical Path Method
PSM
CyberArk
Migration
Cloud Computing
SAML
OIDC
PKI
RBAC
Docker
Computer Networking
SOAP
JSON
XML
Documentation
Communication
Agile
DevOps
CISSP
Banking
SailPoint
Microsoft

Job Details

Our Financial Ottawa based client is looking for a CyberArk PAM Architect / Senior PAM Engineer to modernize and operate Privileged Access Management across on-prem and cloud, build RBAC frameworks for internally developed apps, and deliver secure credential services (CCP/Azure Key Vault) within containerized environments.

Key Responsibilities
  • Design and implement PAM architecture for internal applications in containerized (Docker/Kubernetes) environments.

  • Deliver highly available credential retrieval via CyberArk CCP and/or Azure Key Vault.

  • Define/document RBAC frameworks and integration patterns for internal apps.

  • Support modernization of CyberArk platforms (on-prem and Privilege Cloud); assess current state for simplification, scalability, and Zero Trust alignment.

  • Design/deploy CyberArk components: Vault, PVWA, CPM, PSM, PTA, CCP, web session mgmt.

  • Integrate secure auth: MFA (Microsoft), FIDO2/WebAuthn, cert-based, SAML/OIDC.

  • Implement session recording/monitoring and auditing for compliance.

  • Assist with migrations from on-prem to Privilege Cloud (incl. multi-tenant).

  • Produce repeatable integration patterns and reference architectures; own troubleshooting across PAM/IAM stacks.

  • Provide knowledge transfer, best practices, and governance recommendations.

  • Create clear, business-ready documentation for technical/non-technical audiences.
Must-Have Qualifications
  • Degree/diploma in Computer Science, Information Security, or related.

  • 10+ years in IAM with focus on PAM.

  • 5+ years hands-on with CyberArk (on-prem and/or Privilege Cloud).

  • Deep expertise with Vault, PVWA, CPM, PSM, PTA, CCP, and web sessions.

  • Proven CyberArk migration experience (on-prem ? cloud / multi-tenant).

  • Strong knowledge of SAML, OIDC, FIDO2/WebAuthn, PKI.

  • Experience designing RBAC for internally developed applications.

  • Solid technical footing in containers (Docker/K8s), networking, REST/SOAP, JSON/XML.

  • Excellent documentation, analysis, and stakeholder communication skills.
Nice to Have
  • Agile/DevOps delivery experience.

  • Security certs (e.g., CISSP, GIAC).

  • Banking and/or government sector experience.

  • Identity governance with SailPoint or Microsoft Entra ID.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Myticas LLC