Jobs via Dice
CyberArk PAM Architect Senior PAM Engineer (34418)
Jobs via Dice, Ottawa, Kansas, United States, 66067
Myticas LLC is seeking a CyberArk PAM Architect/Senior PAM Engineer to modernize and operate Privileged Access Management across on-prem and cloud environments. The role focuses on designing resilient credential frameworks, delivering secure authentication services (CyberArk CCP, Azure Key Vault), and leading migrations to CyberArk Privilege Cloud.
Key Responsibilities
Design and implement PAM architecture for internal applications in containerized environments (Docker/Kubernetes).
Deliver highly available credential retrieval via CyberArk CCP and/or Azure Key Vault.
Define and document RBAC frameworks and integration patterns for internal applications.
Support modernization of CyberArk platforms (on-prem and Privilege Cloud) to simplify, scale, and align with Zero Trust principles.
Design and deploy CyberArk components: Vault, PVWA, CPM, PSM, PTA, CCP, web session management.
Integrate secure authentication: MFA, FIDO2/WebAuthn, cert-based, SAML/OIDC.
Implement session recording, monitoring, and auditing for compliance.
Assist with migrations from on-prem to Privilege Cloud (multi‑tenant).
Produce repeatable integration patterns and reference architectures; troubleshoot across PAM/IAM stacks.
Provide knowledge transfer, best practices, and governance recommendations.
Create clear, business‑ready documentation for technical and non‑technical audiences.
Must‑Have Qualifications
Degree or diploma in Computer Science, Information Security, or related field.
10+ years of IAM experience with a focus on PAM.
5+ years hands‑on with CyberArk (on‑prem and/or Privilege Cloud).
Deep expertise with Vault, PVWA, CPM, PSM, PTA, CCP, and web sessions.
Proven CyberArk migration experience (on‑prem to cloud, multi‑tenant).
Strong knowledge of SAML, OIDC, FIDO2/WebAuthn, PKI.
Experience designing RBAC for internally developed applications.
Solid technical footing in containers (Docker/K8s), networking, REST/SOAP, JSON/XML.
Excellent documentation, analysis, and stakeholder communication skills.
Nice to Have
Agile/DevOps delivery experience.
Security certifications (e.g., CISSP, GIAC).
Banking and/or government sector experience.
Identity governance with SailPoint or Microsoft Entra ID.
#J-18808-Ljbffr
Key Responsibilities
Design and implement PAM architecture for internal applications in containerized environments (Docker/Kubernetes).
Deliver highly available credential retrieval via CyberArk CCP and/or Azure Key Vault.
Define and document RBAC frameworks and integration patterns for internal applications.
Support modernization of CyberArk platforms (on-prem and Privilege Cloud) to simplify, scale, and align with Zero Trust principles.
Design and deploy CyberArk components: Vault, PVWA, CPM, PSM, PTA, CCP, web session management.
Integrate secure authentication: MFA, FIDO2/WebAuthn, cert-based, SAML/OIDC.
Implement session recording, monitoring, and auditing for compliance.
Assist with migrations from on-prem to Privilege Cloud (multi‑tenant).
Produce repeatable integration patterns and reference architectures; troubleshoot across PAM/IAM stacks.
Provide knowledge transfer, best practices, and governance recommendations.
Create clear, business‑ready documentation for technical and non‑technical audiences.
Must‑Have Qualifications
Degree or diploma in Computer Science, Information Security, or related field.
10+ years of IAM experience with a focus on PAM.
5+ years hands‑on with CyberArk (on‑prem and/or Privilege Cloud).
Deep expertise with Vault, PVWA, CPM, PSM, PTA, CCP, and web sessions.
Proven CyberArk migration experience (on‑prem to cloud, multi‑tenant).
Strong knowledge of SAML, OIDC, FIDO2/WebAuthn, PKI.
Experience designing RBAC for internally developed applications.
Solid technical footing in containers (Docker/K8s), networking, REST/SOAP, JSON/XML.
Excellent documentation, analysis, and stakeholder communication skills.
Nice to Have
Agile/DevOps delivery experience.
Security certifications (e.g., CISSP, GIAC).
Banking and/or government sector experience.
Identity governance with SailPoint or Microsoft Entra ID.
#J-18808-Ljbffr