Job Description

Title

IAM Architect PAM

Location

Remote

Start Date

11-24-2025

Language

English

Salary

Negotiable

Security Clearance

Secret Clearance (Level II)

Duration

12 Months

Date Posted

10-03-2025

Job ID

13960

Recruiter Email

info@maplesoftgroup.com

Maplesoft Group is currently seeking an IAM Architect PAM for our Federal Government client.



Tasks and Responsibilities include, but are not limited to the following:



Support the design and implementation of PAM architecture for internal applications leveraging

containerized environments.

Collaborate with application development and infrastructure teams to deliver highly available credential

retrieval services using CyberArk Central Credential Provider (CCP) and/or Azure Key Vault.

Define and document Role-Based Access Control (RBAC) frameworks and integration patterns for

internally developed applications.

Assist in the modernization of the client's Privileged Access Management (PAM) platforms, focusing on

CyberArk (on-premises and Privilege Cloud).

Analyze the current CyberArk solution environment to identify deficiencies and opportunities for

simplification, scalability, and alignment with Zero Trust principles.

Assist with the design and deployment of CyberArk components, including PSM, PVWA, PTA, CPM,

Vault, and web sessions.

Support secure authentication integration with Microsoft MFA, FIDO2, and certificate-based methods. Provide expertise in session recording, monitoring, and auditing privileged access for compliance

purposes.

Assist with migration activities from existing CyberArk on-premises deployments to Privilege Cloud where

applicable.

Develop and document repeatable integration patterns and architectural reference models for

application teams.

Troubleshoot and resolve complex PAM and IAM issues across cross-functional environments in a timely

manner.

Provide knowledge transfer, best practices, and recommendations to strengthen PAM governance and

operational efficiency.

Other related activities and deliverables as required.



Required Qualifications & Skills

The Consultant should have the following qualifications and skills:

University degree or college diploma in Computer Science, Information Security, or a related field. Minimum of ten (10) years of relevant work experience in Identity and Access Management (IAM) with a

focus on Privileged Access Management.

Minimum of five (5) years of direct hands-on experience designing, implementing, and operating

CyberArk Privileged Access Management solutions (on-premises and/or Privilege Cloud).

Demonstrated expertise with CyberArk components, including Vault, PVWA, CPM, PSM, PTA, CCP, and

web session management.

Demonstrated experience with CyberArk migration projects (on-prem to cloud, or multi-tenant

deployments).

Demonstrated knowledge of secure authentication methods including SAML. OIDC, FIDO2/WebAuthn,

and PKI.

Demonstrated understanding of privileged session recording, monitoring, and compliance requirements. Demonstrated ability to design and implement Role-Based Access Control (RBAC) frameworks,

particularly for internally developed applications.

Demonstrated technical knowledge of containers (Docker/Kubernetes), networking, and web services

protocols such as REST and SOAP, as well as API design and integration using JSON/XML.

Demonstrated expertise to produce clear, concise, and business-ready documentation tailored to

technical and non-technical audiences.

Demonstrated strength in analysis and problem-solving, paired with strong negotiation and interpersonal

communication skills.



Additional Qualifications

The following will also be considered:

Demonstrated experience with Agile and DevOps Demonstrated knowledge of Cyber Security certifications (CISSP, GIAC, etc.) Demonstrated experience in the banking industry and/or government organizations Experience with identity governance and integration with SailPoint or Microsoft Entra ID






Maplesoft Group prides itself on its distinct corporate culture and recognizes that success is a direct reflection of our most valuable asset - our people. Therefore, attitude and ambition are key personality traits we seek out, along with skill and aptitude, in potential employees.



Maplesoft Group is committed to having a diverse, representative workforce and continuing to build an inclusive environment. We encourage applications from all qualified individuals. Maplesoft Group is an equal opportunity employer committed to diversity and inclusion. We are pleased to consider all qualified applicants irrespective of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veterans' status, Aboriginal peoples or any other legally protected factors.



All employment decisions are made based on business needs, job requirements, and individual qualifications.



We are committed to developing inclusive, barrier-free recruitment and selection processes, and a work environment that supports our diverse workforce. Please let us know if you require accommodations at any stage of the recruitment process. We can be reached at Maplesoft Info at info@maplesoftgroup.com.



We thank you for your interest in Maplesoft Group and wish to advise you, that only candidates under consideration will be contacted.