Description

Main Responsibilities:

  • Participating in all phases of the project lifecycle to support the design and implementation of PAM modernization and secrets management architecture for internal applications
  • Collaborating with application and infrastructure teams to deliver highly available credential retrieval services using CyberArk Credential and Central Credential Provider (CP/CCP) and/or Azure Key Vault
  • Acting as the primary technical authority and performing planning activities leading to the solution architecture of the Privileged Access Management (PAM) platforms, focusing on CyberArk Privilege Cloud
  • Analyzing current privileged identity solution environments to identify deficiencies and opportunities for simplification, scalability, and alignment with Zero Trust principles
  • Defining and documenting the solution architecture structure and deployment of PAM components for session isolation, auditing, recording, JIT, risk, and secret rotation
  • Supporting secure authentication integration with Microsoft MFA, FIDO2, and certificate-based methods
  • Developing and documenting repeatable integration patterns and architectural reference models for application teams
  • Troubleshooting and resolving complex PAM and IAM issues across cross-functional environments in a timely manner
  • Providing knowledge transfer, best practices, and recommendations to strengthen PAM and secrets management governance and operational efficiency

Required Qualifications & Skills:

  • University degree or college diploma in Computer Science, Information Security, or a related field
  • Minimum of ten (10) years of relevant work experience in Identity and Access Management (IAM) with a focus on Privileged Access and Secrets Management
  • Minimum of five (5) years of direct hands-on experience architecting, implementing, and operating CyberArk Privilege Cloud
  • Minimum of five (5) years of direct hands-on experience architecting, implementing, and operating Azure Privileged Identity Management and Azure Key Vaults
  • Strong expertise across CyberArk components, including Vault, CPM, PSM, SIA, CP/CCP
  • Experience with CyberArk migration projects (on-prem to cloud, or multi-tenant deployments)
  • Strong knowledge of secure authentication methods including SAML, OIDC, FIDO2/WebAuthn, and PKI
  • Strong understanding of privileged session recording, monitoring, and compliance requirements
  • Ability to design and implement Role-Based Access Control (RBAC) frameworks, particularly for internally developed applications
  • Strong technical knowledge of containers (Docker/Kubernetes), networking, and web services protocols such as REST and SOAP, as well as API design and integration using JSON/XML
  • Ability to produce clear, concise, and business-ready documentation tailored to technical and nontechnical audiences
  • Strong analytical and problem-solving skills, combined with effective negotiation and communication skills

ACCESSIBILITY

We’re committed to fostering an inclusive, equitable, and accessible workplace where every team member feels valued, respected, and supported, and has the opportunity to reach their full potential. We welcome and encourage applications from people with disabilities.

Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email your recruiter directly or accessibility@fxinnovation.com to make arrangements.

If you have questions regarding accessible employment at Ateko please email our Human Resources team at accessibility@fxinnovation.com.

Ateko

Derek Weber – Senior Recruiter

derek.weber@ateko.com