PAM Architect and SME CyberArk

· Lead architecture, design, and implementation of CyberArk PAM solutions across complex enterprise environments.

· Act as technical SME for PAM, advising on best practices, standards, and emerging capabilities.

· Deliver end-to-end CyberArk deployments including PAS, Privilege Cloud, and associated components.

· Define and implement privileged access policies, credential management, session monitoring, and vaulting strategies.

· Conduct security assessments and gap analyses, providing remediation recommendations aligned to NIST and ISO 27001.

· Support audit and compliance requirements, ensuring adherence to security policies and regulatory obligations.

· Provide technical leadership and mentoring to internal teams and customer stakeholders.

· Contribute to continuous improvement and innovation initiatives within the PAM domain.

Our client is looking for an experienced PAM Architect and CyberArk SME to lead the design, implementation, and optimisation of enterprise Privileged Access Management solutions in a secure, defence-grade environment. You will need proven hands-on CyberArk expertise and the ability to operate at both an architectural and delivery level. Apply today!, · Proven experience in a PAM Architect or Senior SME role.

· Strong hands-on expertise with CyberArk PAS, CPM, PSM, and PVWA.

· Experience designing and delivering enterprise-scale PAM solutions end to end.

· Ability to produce high-quality design documentation including HLDs, LLDs, security architecture docs, and runbooks.

· Deep understanding of IAM principles, least privilege models, and privileged credential lifecycle management.

· Experience integrating CyberArk with Active Directory, LDAP, SIEM, and ITSM tools.

· Strong stakeholder management and communication skills across technical and non-technical audiences.

· Ability and willingness to work on secure UK customer sites, with flexibility to travel for project delivery.

The client would also like to see some of the below, but this is not essential:

· CyberArk Certified Delivery Engineer (CDE), Defender (CDP), or Sentry certification.

· CISSP, CISM, or equivalent security qualification.

· TOGAF or equivalent architecture framework knowledge.

· Prior experience working in the Defence and/or Aerospace sector.

· Familiarity with DevSecOps practices and secrets management.

· Experience with CyberArk PTA (Privileged Threat Analytics).

· Flexible working arrangements.

· Provide expert financial guidance to help you select a pension plan tailored to your lifestyle.

· Company culture that places a premium on achieving a healthy work-life balance.

· Offer competitive bonuses and generous compensation packages.

· Prioritise traits such as curiosity and a good-natured sense of humour.

· Encourage and assist staff in participating in local community initiatives.

· 25 days holiday + bank holidays

· Buy/Sell holiday

· Death in Service - 3x salary

· Performance Bonus

· Cycle to work scheme

· Pension Scheme