*** Full-time hours: 37.5 hours a day, Monday through Friday ***

*** 24 month contract to start ***



Advantages
•Access to top CyberArk and IAM talent without geographic limits.
•Greater flexibility and work-life balance for improved productivity.




Responsibilities
•Support the design and implementation of PAM architecture for internal applications leveraging containerized environments.
•Collaborate with application development and infrastructure teams to deliver highly available credential retrieval services using CyberArk Central Credential Provider (CCP) and/or Azure Key Vault.
•Define and document Role-Based Access Control (RBAC) frameworks and integration patterns for internally developed applications.
•Assist in the modernization of the client’s Privileged Access Management (PAM) platforms, focusing on CyberArk (on-premises and Privilege Cloud).
•Analyze the current CyberArk solution environment to identify deficiencies and opportunities for simplification, scalability, and alignment with Zero Trust principles.
•Assist with the design and deployment of CyberArk components, including PSM, PVWA, PTA, CPM, Vault, and web sessions.
•Support secure authentication integration with Microsoft MFA, FIDO2, and certificate-based methods.
•Provide expertise in session recording, monitoring, and auditing privileged access for compliance purposes.
•Assist with migration activities from existing CyberArk on-premises deployments to Privilege Cloud where applicable.
•Develop and document repeatable integration patterns and architectural reference models for application teams.
•Troubleshoot and resolve complex PAM and IAM issues across cross-functional environments in a timely manner.
•Provide knowledge transfer, best practices, and recommendations to strengthen PAM governance and operational efficiency.
•Other related activities and deliverables as required.

Qualifications
The Consultant should have the following qualifications and skills:

•University degree or college diploma in Computer Science, Information Security, or a related field.
•Minimum of ten (10) years of relevant work experience in Identity and Access Management (IAM) with a focus on Privileged Access Management.
•Minimum of five (5) years of direct hands-on experience designing, implementing, and operating CyberArk Privileged Access Management solutions (on-premises and/or Privilege Cloud).
•Demonstrated expertise with CyberArk components, including Vault, PVWA, CPM, PSM, PTA, CCP, and web session management.
•Demonstrated experience with CyberArk migration projects (on-prem to cloud, or multi-tenant deployments).
•Demonstrated knowledge of secure authentication methods including SAML. OIDC, FIDO2/WebAuthn, and PKI.
•Demonstrated understanding of privileged session recording, monitoring, and compliance requirements.
•Demonstrated ability to design and implement Role-Based Access Control (RBAC) frameworks, particularly for internally developed applications.
•Demonstrated technical knowledge of containers (Docker/Kubernetes), networking, and web services protocols such as REST and SOAP, as well as API design and integration using JSON/XML.
•Demonstrated expertise to produce clear, concise, and business-ready documentation tailored to technical and non-technical audiences.
•Demonstrated strength in analysis and problem-solving, paired with strong negotiation and interpersonal communication skills.

Additional Qualifications

The following will also be considered:

•Demonstrated experience with Agile and DevOps
•Demonstrated knowledge of Cyber Security certifications (CISSP, GIAC, etc.)
•Demonstrated experience in the banking industry and/or government organizations
•Experience with identity governance and integration with SailPoint or Microsoft Entra ID.

Summary
If you're interested in learning more please submit your résumé and one of our senior Recruiters would be happy to give you a call to discuss further.

Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.

Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.