CyberArk Architect (Contract)- Vendor & Workforce Access
Top Benefits
About the role
At KeyData Cyber, we're shaping the future of identity security. Recognized by Gartner and KuppingerCole as a leading IAM professional services firm, we specialize exclusively in designing, deploying, and managing end-to-end Identity and Access Management programs for organizations across North America.
With 20 years of experience, 50M+ identities managed, and 1,000+ successful deployments, our team is our strongest asset and is built by design to help clients protect critical infrastructure, enable digital transformation, and ensure compliance with confidence.
We deliver comprehensive solutions across IAM domains, including:
- Workforce IAM (Access Management, Identity Governance and Administration, Privileged Access Management)
- Consumer IAM (Identity Verification, Authentication and Access, Threat Detection) in highly regulated industries.
If you're ready to grow your career alongside some of the industry's best, come join us — you're key to our success
We are currently looking for a CyberArk Architect to join the Identity & Access Management (IAM) team. In this role, you will be responsible for designing, implementing, and supporting enterprise Privileged Access Management (PAM) solutions using CyberArk across complex environments. You will play a key role in architecting secure privileged access strategies, enabling cloud-based privileged access, and driving governance frameworks. This role will support enterprise CyberArk initiatives across privileged access, cloud PAM, and identity security domains. Current priorities include CyberArk Privileged Cloud, Workforce Password Management, and Vendor Privileged Access solutions, while also supporting broader PAM programs.
Location: Canada, Remote
Employment Type: 10-month contract
Working Hours: This role follows Pacific Standard Time (PST) hours, from 9:00 AM to 5:00 PM
Vacancy Status: Immediate Opening: This position is currently available, and hiring is underway.
What You'll Do:
- Act as the lead architect and SME for Privileged Access Management (PAM) solutions, including CyberArk Privileged Cloud, CyberArk Identity, and related privileged access capabilities.
- Design and implement secure solutions for privileged credential management, including Workforce Password Management, Vendor Privileged Access, session controls, and secure third-party access.
- Lead deployment of browser extensions, mobile applications, user onboarding, and phased adoption activities related to Workforce Password Management solutions.
Collaborate with clients, system administrators, and application owners to define PAM requirements and design scalable, secure architectures. - Develop end-to-end solution architecture, detailed technical designs, and support deployment and implementation activities.
- Define and implement PAM governance frameworks, policies, and operational processes.
- Assess client environments to identify security gaps, recommend improvements, and define target architectures and roadmaps.
- Lead implementation of CyberArk components including vault, CPM, PSM, Secure Web Sessions and cloud-native privileged access solutions.
- Support integration with cloud platforms and enterprise systems for privileged access use cases.
- Develop SOPs, runbooks, and implementation/deployment plans for privileged access and identity governance solutions.
- Provide technical leadership, mentor junior engineers/architects, and guide delivery teams.
- Conduct knowledge transfer sessions and educate stakeholders on PAM architecture, frameworks, and best practices.
- Collaborate with cross-functional teams to ensure seamless integration with infrastructure, applications, and security tools.
Who We're Looking For:
- Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Systems, or equivalent experience.
- 3+ years of experience in Information Security / Cybersecurity.
- 3+ years of hands-on experience designing and implementingCyberArk PAM solutions, including CyberArk Privileged Cloud.- - Strong experience in CyberArk Workforce Password Management and Vendor Privileged Access Management implementations.
- Proven experience in gathering PAM business requirements and translating them into technical design documents.
- Experience defining PAM strategies, roadmaps, and governance frameworks for enterprise clients.
- Hands-on experience with CyberArk components (Vault, CPM, PSM) and cloud-based PAM deployments.
- Good understanding of infrastructure technologies including databases, LDAP, directory services, operating systems, and networking.
- Strong problem-solving skills with the ability to communicate complex technical concepts effectively.
- Ability to work independently as well as collaboratively within a team environment.
- Excellent verbal and written communication skills.
Nice-to-Have Skills:
- CyberArk certifications such as Certified Delivery Engineer (CDE), Sentry, Certified Delivery Engineer (CDE), Privilege Cloud, or Identity certifications.
- Experience in consulting or client-facing roles.
- Knowledge of programming/scripting languages such as Java, Python, or PowerShell.
- Familiarity with cloud platforms (AWS, Azure, GCP) and their privileged access models.
- Security certifications such as CISSP, CISM, or equivalent.
Compensation:
The hourly rate for this position is $70–$77 CAD per hour. This is a 10 month, full-time contract role, working 40 hours a week. At KeyData Cyber, we are committed to fair and competitive compensation. We regularly benchmark across positions, industries, sectors, and experience levels, ensuring our approach recognizes each person's unique strengths, contributions, and the value they bring to the organization.#LI-AS1
Why You'll Love Working Here
At KeyData Cyber, we put people first, valuing learning, growth, and work-life balance. We offer extensive opportunities to advance your career through leading digital identity projects across North America. Our culture is built on respect, inclusion, and equal opportunity for everyone.
Accessibility & Accommodations
If you require accommodation due to a disability at any time during the recruitment and/or assessment process, please contact Talent Acquisition , and we will make all reasonable efforts to accommodate your request.
BrightHire technology is used during the preliminary interview stage for recording, transcription, and candidate evaluation as part of our hiring process.
Apply now to join the KeyData Cyber team and be part of our mission to secure the future of digital identity across North America.
Not the right fit? Search for CyberArk Architect jobs in Toronto, ON
About Keydata Associates
At KeyData, our vision is to be the Global Leader in delivering identity strategies and solutions to protect and secure our clients and their digital transformation initiatives.
We are committed to providing the best customer experience with every interaction. We strive to offer pragmatic advice that will help organizations protect their assets and maintain a safe and secure environment in which to operate.
Similar jobs you might like
CyberArk Architect (Contract)- Vendor & Workforce Access
Top Benefits
About the role
At KeyData Cyber, we're shaping the future of identity security. Recognized by Gartner and KuppingerCole as a leading IAM professional services firm, we specialize exclusively in designing, deploying, and managing end-to-end Identity and Access Management programs for organizations across North America.
With 20 years of experience, 50M+ identities managed, and 1,000+ successful deployments, our team is our strongest asset and is built by design to help clients protect critical infrastructure, enable digital transformation, and ensure compliance with confidence.
We deliver comprehensive solutions across IAM domains, including:
- Workforce IAM (Access Management, Identity Governance and Administration, Privileged Access Management)
- Consumer IAM (Identity Verification, Authentication and Access, Threat Detection) in highly regulated industries.
If you're ready to grow your career alongside some of the industry's best, come join us — you're key to our success
We are currently looking for a CyberArk Architect to join the Identity & Access Management (IAM) team. In this role, you will be responsible for designing, implementing, and supporting enterprise Privileged Access Management (PAM) solutions using CyberArk across complex environments. You will play a key role in architecting secure privileged access strategies, enabling cloud-based privileged access, and driving governance frameworks. This role will support enterprise CyberArk initiatives across privileged access, cloud PAM, and identity security domains. Current priorities include CyberArk Privileged Cloud, Workforce Password Management, and Vendor Privileged Access solutions, while also supporting broader PAM programs.
Location: Canada, Remote
Employment Type: 10-month contract
Working Hours: This role follows Pacific Standard Time (PST) hours, from 9:00 AM to 5:00 PM
Vacancy Status: Immediate Opening: This position is currently available, and hiring is underway.
What You'll Do:
- Act as the lead architect and SME for Privileged Access Management (PAM) solutions, including CyberArk Privileged Cloud, CyberArk Identity, and related privileged access capabilities.
- Design and implement secure solutions for privileged credential management, including Workforce Password Management, Vendor Privileged Access, session controls, and secure third-party access.
- Lead deployment of browser extensions, mobile applications, user onboarding, and phased adoption activities related to Workforce Password Management solutions.
Collaborate with clients, system administrators, and application owners to define PAM requirements and design scalable, secure architectures. - Develop end-to-end solution architecture, detailed technical designs, and support deployment and implementation activities.
- Define and implement PAM governance frameworks, policies, and operational processes.
- Assess client environments to identify security gaps, recommend improvements, and define target architectures and roadmaps.
- Lead implementation of CyberArk components including vault, CPM, PSM, Secure Web Sessions and cloud-native privileged access solutions.
- Support integration with cloud platforms and enterprise systems for privileged access use cases.
- Develop SOPs, runbooks, and implementation/deployment plans for privileged access and identity governance solutions.
- Provide technical leadership, mentor junior engineers/architects, and guide delivery teams.
- Conduct knowledge transfer sessions and educate stakeholders on PAM architecture, frameworks, and best practices.
- Collaborate with cross-functional teams to ensure seamless integration with infrastructure, applications, and security tools.
Who We're Looking For:
- Bachelor's or Master's degree in Computer Science, Computer Engineering, Information Systems, or equivalent experience.
- 3+ years of experience in Information Security / Cybersecurity.
- 3+ years of hands-on experience designing and implementingCyberArk PAM solutions, including CyberArk Privileged Cloud.- - Strong experience in CyberArk Workforce Password Management and Vendor Privileged Access Management implementations.
- Proven experience in gathering PAM business requirements and translating them into technical design documents.
- Experience defining PAM strategies, roadmaps, and governance frameworks for enterprise clients.
- Hands-on experience with CyberArk components (Vault, CPM, PSM) and cloud-based PAM deployments.
- Good understanding of infrastructure technologies including databases, LDAP, directory services, operating systems, and networking.
- Strong problem-solving skills with the ability to communicate complex technical concepts effectively.
- Ability to work independently as well as collaboratively within a team environment.
- Excellent verbal and written communication skills.
Nice-to-Have Skills:
- CyberArk certifications such as Certified Delivery Engineer (CDE), Sentry, Certified Delivery Engineer (CDE), Privilege Cloud, or Identity certifications.
- Experience in consulting or client-facing roles.
- Knowledge of programming/scripting languages such as Java, Python, or PowerShell.
- Familiarity with cloud platforms (AWS, Azure, GCP) and their privileged access models.
- Security certifications such as CISSP, CISM, or equivalent.
Compensation:
The hourly rate for this position is $70–$77 CAD per hour. This is a 10 month, full-time contract role, working 40 hours a week. At KeyData Cyber, we are committed to fair and competitive compensation. We regularly benchmark across positions, industries, sectors, and experience levels, ensuring our approach recognizes each person's unique strengths, contributions, and the value they bring to the organization.#LI-AS1
Why You'll Love Working Here
At KeyData Cyber, we put people first, valuing learning, growth, and work-life balance. We offer extensive opportunities to advance your career through leading digital identity projects across North America. Our culture is built on respect, inclusion, and equal opportunity for everyone.
Accessibility & Accommodations
If you require accommodation due to a disability at any time during the recruitment and/or assessment process, please contact Talent Acquisition , and we will make all reasonable efforts to accommodate your request.
BrightHire technology is used during the preliminary interview stage for recording, transcription, and candidate evaluation as part of our hiring process.
Apply now to join the KeyData Cyber team and be part of our mission to secure the future of digital identity across North America.
Not the right fit? Search for CyberArk Architect jobs in Toronto, ON
About Keydata Associates
At KeyData, our vision is to be the Global Leader in delivering identity strategies and solutions to protect and secure our clients and their digital transformation initiatives.
We are committed to providing the best customer experience with every interaction. We strive to offer pragmatic advice that will help organizations protect their assets and maintain a safe and secure environment in which to operate.