CyberArk PAM Architect (SCA/SIA/DevOps) - Privilege Cloud/Financial Services

WNTD Ltd
2 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Remote

Tech stack

Microsoft Access
API
Amazon Web Services (AWS)
Azure
Software as a Service
Cloud Computing
Cloud Computing Security
Continuous Integration
Software Design Patterns
DevOps
Identity and Access Management
Azure
Session Management
Security Information and Event Management
Datadog
Enterprise Software Applications
Cyberark
Sentry
Api Design
SailPoint
Splunk
Network Server
Devsecops
ServiceNow

Job description

  • Define the end-to-end CyberArk Privilege Cloud (SaaS) target architecture
  • Design and implement SCA (Secure Cloud Access) models across Azure and AWS (including JIT access)
  • Define SIA (Secure Infrastructure Access) models for Servers, applications and traditional infrastructure
  • Architect privileged access models including session management, credential vaulting and elevation workflows
  • Design integration patterns with enterprise systems:
  • Microsoft Entra ID (Azure AD)
  • SailPoint IdentityNow/IGA platforms
  • ServiceNow (request/approval workflows)
  • SIEM/observability tools (Splunk, DataDog)
  • Define DevSecOps-aligned PAM onboarding frameworks, including CI/CD-driven automation and API-based integrations
  • Produce architecture artefacts including HLD, LLD, SDD and design patterns
  • Define identity federation, MFA and authentication architecture
  • Design data protection, encryption and session recording models (including retention policies)
  • Support security governance, audit, and regulatory compliance processes
  • Contribute to the enterprise PAM transformation roadmap

Requirements

  • Proven experience as a CyberArk PAM Architect in large enterprise environments
  • Deep knowledge of CyberArk Privilege Cloud/CyberArk SaaS architecture
  • Strong experience designing enterprise PAM solutions at scale
  • Hands-on experience with:
  • SCA (Secure Cloud Access) - Azure & AWS privileged access models
  • SIA (Secure Infrastructure Access) - server and application access control
  • Experience defining JIT (Just-in-Time) privileged access models
  • Strong understanding of IAM/PAM integration (Entra ID, SailPoint, ServiceNow)
  • Experience with DevSecOps/automation frameworks for PAM onboarding (CI/CD, APIs)
  • Strong knowledge of credential vaulting, session management, and privileged identity life cycle
  • Experience working in highly regulated environments (financial services, banking, insurance)

Highly Desirable

  • CyberArk Sentry/Guardian level certification
  • Experience delivering large-scale PAM transformation programmes
  • Experience designing CyberArk Conjur/secrets management solutions
  • Exposure to cloud-native security architecture patterns
  • Experience with NIST or equivalent security governance frameworks

Apply for this position