| Title |
IAM Architect PAM |
| Location |
Remote |
| Start Date |
11-24-2025 |
| Language |
English |
| Salary |
Negotiable |
| Security Clearance |
Secret Clearance (Level II) |
| Duration |
12 Months |
| Date Posted |
10-03-2025 |
| Job ID |
13960 |
| Recruiter Email |
|
Maplesoft Group is currently seeking an IAM Architect PAM for our Federal Government client.
Tasks and Responsibilities include, but are not limited to the following:
• Support the design and implementation of PAM architecture for internal applications leveraging
containerized environments.
• Collaborate with application development and infrastructure teams to deliver highly available credential
retrieval services using CyberArk Central Credential Provider (CCP) and/or Azure Key Vault.
• Define and document Role-Based Access Control (RBAC) frameworks and integration patterns for
internally developed applications.
• Assist in the modernization of the client's Privileged Access Management (PAM) platforms, focusing on
CyberArk (on-premises and Privilege Cloud).
• Analyze the current CyberArk solution environment to identify deficiencies and opportunities for
simplification, scalability, and alignment with Zero Trust principles.
• Assist with the design and deployment of CyberArk components, including PSM, PVWA, PTA, CPM,
Vault, and web sessions.
• Support secure authentication integration with Microsoft MFA, FIDO2, and certificate-based methods.
• Provide expertise in session recording, monitoring, and auditing privileged access for compliance
purposes.
• Assist with migration activities from existing CyberArk on-premises deployments to Privilege Cloud where
applicable.
• Develop and document repeatable integration patterns and architectural reference models for
application teams.
• Troubleshoot and resolve complex PAM and IAM issues across cross-functional environments in a timely
manner.
• Provide knowledge transfer, best practices, and recommendations to strengthen PAM governance and
operational efficiency.
• Other related activities and deliverables as required.
Required Qualifications & Skills
The Consultant should have the following qualifications and skills:
• University degree or college diploma in Computer Science, Information Security, or a related field.
• Minimum of ten (10) years of relevant work experience in Identity and Access Management (IAM) with a
focus on Privileged Access Management.
• Minimum of five (5) years of direct hands-on experience designing, implementing, and operating
CyberArk Privileged Access Management solutions (on-premises and/or Privilege Cloud).
• Demonstrated expertise with CyberArk components, including Vault, PVWA, CPM, PSM, PTA, CCP, and
web session management.
• Demonstrated experience with CyberArk migration projects (on-prem to cloud, or multi-tenant
deployments).
• Demonstrated knowledge of secure authentication methods including SAML. OIDC, FIDO2/WebAuthn,
and PKI.
• Demonstrated understanding of privileged session recording, monitoring, and compliance requirements.
• Demonstrated ability to design and implement Role-Based Access Control (RBAC) frameworks,
particularly for internally developed applications.
• Demonstrated technical knowledge of containers (Docker/Kubernetes), networking, and web services
protocols such as REST and SOAP, as well as API design and integration using JSON/XML.
• Demonstrated expertise to produce clear, concise, and business-ready documentation tailored to
technical and non-technical audiences.
• Demonstrated strength in analysis and problem-solving, paired with strong negotiation and interpersonal
communication skills.
Additional Qualifications
The following will also be considered:
• Demonstrated experience with Agile and DevOps
• Demonstrated knowledge of Cyber Security certifications (CISSP, GIAC, etc.)
• Demonstrated experience in the banking industry and/or government organizations
• Experience with identity governance and integration with SailPoint or Microsoft Entra ID
Maplesoft Group prides itself on its distinct corporate culture and recognizes that success is a direct reflection of our most valuable asset - our people. Therefore, attitude and ambition are key personality traits we seek out, along with skill and aptitude, in potential employees.
Maplesoft Group is committed to having a diverse, representative workforce and continuing to build an inclusive environment. We encourage applications from all qualified individuals. Maplesoft Group is an equal opportunity employer committed to diversity and inclusion. We are pleased to consider all qualified applicants irrespective of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veterans’ status, Aboriginal peoples or any other legally protected factors.
All employment decisions are made based on business needs, job requirements, and individual qualifications.
We are committed to developing inclusive, barrier-free recruitment and selection processes, and a work environment that supports our diverse workforce. Please let us know if you require accommodations at any stage of the recruitment process. We can be reached at Maplesoft Info at info@maplesoftgroup.com.
We thank you for your interest in Maplesoft Group and wish to advise you, that only candidates under consideration will be contacted.