CyberArk PAM Self-Hosted Architect

CyberArk PAM Self-Hosted Architect\\n\\n+6 months +\\n\\n+Fully remote working \\n\\n+SC cleared role – must be elligible for clearance\\n\\nAre you an experienced CyberArk Architect who can define and deliver enterprise-grade PAM and secrets-management platforms in secure, complex environments? We are seeking a highly skilled CyberArk PAM Self-Hosted Architect to take ownership of architectural strategy, design and integration across a major organisation.\\n\\nThis role is ideal for a senior expert who thrives on shaping security platforms, influencing stakeholders, and guiding delivery teams through best-practice implementation.\\n\\nResponsibilities:\\n\\nOwn the end-to-end architecture and high-level design for CyberArk PAM Self-Hosted and CyberArk Conjur, defining these as strategic platforms for privileged access and secrets management.\\n\\nEstablish and maintain reference architectures, patterns, and standards for onboarding infrastructure, applications, DevOps platforms and third parties into CyberArk.\\n\\nArchitect CyberArk PAM Self-Hosted components-Vault, PVWA, PSM, CPM, PSMP, PTA, DR-ensuring resilience, scalability, operational segregation and regulatory compliance.\\n\\nDesign CyberArk Conjur / Secrets Manager Enterprise & Credential Provider for secure management of application, machine and DevOps secrets, integrating with:\\n\\nCI/CD pipelines\\n\\nContainers and Kubernetes/OpenShift\\n\\nMulti-cloud platforms\\n\\nCollaborate with security, DevOps and infrastructure teams to integrate CyberArk with AD/LDAP, SAML/OIDC identity providers, SIEM (e.g. Splunk), ITSM, and MFA solutions.\\n\\nLead installation, configuration, testing and handover of CyberArk secrets-management solutions into Run & Maintain teams.\\n\\nProvide architectural leadership on privileged access risk reduction through threat modelling, control selection and adherence to security policies.\\n\\nAct as a trusted advisor to senior stakeholders (CISO, security architects, platform owners, programme leadership), translating complex PAM/secret-management designs into clear business outcomes.\\n\\nRequired skills:\\n\\nTypically 7+ years' experience in cybersecurity architecture, with strong PAM expertise in complex and regulated environments.\\n\\nProven hands-on architectural experience with CyberArk PAM Self-Hosted, including most of: Vault, PVWA, PSM, CPM, PSMP, PTA, DR.\\n\\nStrong experience designing and integrating CyberArk Conjur / Credential Provider for application and DevOps secrets.\\n\\nDemonstrable experience integrating CyberArk with:\\n\\nAD/LDAP\\n\\nSAML/OIDC identity providers\\n\\nSIEM tools\\n\\nITSM/ticketing systems\\n\\nAt least one MFA platform\\n\\nSolid understanding of DevOps and cloud-native ecosystems, including Kubernetes, OpenShift, containers, Jenkins, CI/CD and IaC, and embedding CyberArk Conjur into these pipelines.\\n\\nStrong awareness of security and audit standards (NCSC, ISO 27001, NIST, FCA/financial, government).\\n\\nExcellent communication and stakeholder management skills, able to articulate PAM and secrets architecture to both technical and non-technical audiences.\\n\\nExperience working in or with secure, classified or national security environments.\\n\\nStrong documentation skills (HLDs, LLDs, design patterns, architecture decisions).\\n\\nProven track record leading and delivering multiple CyberArk PAM and secrets-management projects.\\n\\nIf you'd like to discuss this CyberArk PAM Self-Hosted Architect in more detail, please send your updated CV to (url removed) and I will get in touch