We are looking for an experienced CyberArk PAM Architect to support a major enterprise security transformation programme within a global financial markets infrastructure organisation.
This organisation operates critical platforms used by banks, trading firms and financial institutions worldwide. As part of a large-scale identity and security modernisation initiative, they are implementing CyberArk SaaS/Privilege Cloud as the core Privileged Access Management (PAM) platform across a complex hybrid and multi-cloud estate.
This role requires someone who can design enterprise-scale PAM architecture, define integration patterns, and support governance within a highly regulated environment.
Key Responsibilities
Define the end-to-end CyberArk PAM target architecture using CyberArk SaaS.
Design privileged access models including Just-in-Time (JIT) access and session management.
Architect integrations with enterprise systems including Entra ID, ServiceNow, SailPoint IdentityNow, Splunk and DataDog.
Develop privileged access models across AWS and Azure environments.
Produce architecture artefacts including HLD, LLD, SDD and solution design documentation.
Define identity federation, MFA and authentication architecture.
Design automation and onboarding frameworks including CI/CD integration.
Define session recording, data retention and encryption models.
Support security governance, architecture review and audit processes.
Contribute to the implementation roadmap for the PAM transformation programme.
Technology Environment
CyberArk Privilege Cloud/CyberArk SaaS
Microsoft Entra ID (Azure AD)
ServiceNow
SailPoint IdentityNow
AWS & Azure
Splunk/DataDog
Enterprise IAM & PAM tooling
Required Experience
Strong experience working as a CyberArk Architect/PAM Architect.
Deep knowledge of CyberArk Privilege Cloud or CyberArk SaaS architecture.
Experience designing enterprise PAM solutions in large organisations.
Experience integrating CyberArk with IAM platforms and enterprise systems.
Strong knowledge of privileged access models, credential vaulting and session management.
Experience working in regulated enterprise environments such as banking, financial services, insurance or large global organisations.
Desirable
Experience delivering large-scale PAM transformation programmes.
Experience with automation frameworks and CI/CD onboarding for PAM.
Knowledge of security governance frameworks and audit requirements.
This is an opportunity to work on a high-profile enterprise security programme delivering a next-generation PAM capability within a complex global environment
Whilst advertised as remote working, there will be some requirement to attend site in London. It maybe required to attend a weekly meeting in London but even this maybe up for negotiation.
This is an Inside IR35 role. The indicative rate is advertised as £720 p/day but if you have the requisite skills and experience and are able to justify a higher day rate, still apply.