Company Profile:
Founded in 1976, CGI is among the largest independent IT and business consulting services firms in the world. With 94,000 consultants and professionals across the globe, CGI delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at cgi.com.
CyberArk PAM:
We are looking for a mid-senior level CyberArk Privileged Access Management (PAM) Engineer typically requires 6 to 10 years of total IT experience, with 4 to 6 years of dedicated, hands-on experience designing, deploying, and managing CyberArk environments.
This role acts as a critical line of defense for safeguarding an organization's most sensitive credentials, designing robust vaults, and implementing least-privilege models across on-premises, hybrid, and cloud infrastructures.
Required Skills & Experience
. Up to 10 years of experience in IT Industry and Privilege Access Management.
. Minimum 4-year hands-on experience with Design, engineering, and support for CyberArk.
. Strong proficiency in core CyberArk components: Enterprise Password Vault (EPV), Central Policy Manager (CPM), Privileged Session Manager (PSM / PSMP), and Privileged Web Application (PVWA).
Hands-on experience with CyberArk Privilege Cloud (PCloud), secure cloud access integration, and managing secrets inside AWS, Azure, or GCP ecosystems.
. Familiarity with CyberArk Conjur / Application Access Manager (AAM) for application-to-application credentials, CI/CD pipelines, and secrets management.
Experience managing CyberArk Endpoint Privilege Manager (EPM) to control application elevations, least-privilege policies, and ransomware/credential theft protection.
Server administration in Windows Server (Active Directory, GPOs, LDAP) and Linux/Unix environments.
Strong scripting proficiency using PowerShell or Python alongside REST APIs to automate account onboarding, safe creations, and system health checks.
Integrating CyberArk with ServiceNow (ITSM), multi-factor authentication (MFA), Single Sign-On (SSO), and SIEM tools (e.g., Splunk, Elastic) for auditing.
Key Responsibilities:
Architecture & Deployment: Assist in designing, configuring, and upgrading CyberArk PAM infrastructures, including high availability (HA) and disaster recovery (DR) architecture.Account Onboarding: Oversee the bulk onboarding of privileged credentials (admin, root, service, and database accounts) and configure custom platforms or CPM plug-ins.
Policy & Safe Configuration: Design and structure Safes, define master policy controls, determine password rotation intervals, and enforce dual-control workflows.Troubleshooting & Support: Serve as a Tier-2/3 technical escalation point for resolving failed password rotations, PSM recording failures, and application integration errors.Compliance & Auditing: Maintain session recording configurations, monitor user activities, and pull precise access logs to satisfy external compliance and audit requests.Disaster Recovery: Participate in routine system patching, vault database upgrades, and annual disaster recovery/contingency tests.Collaboration & Consulting: Ability to coordinate across infrastructure, development, and cybersecurity business units to analyze workflow risks and enforce PAM governanceZero Trust Mindset: Deep understanding of identity security concepts such as least-privilege enforcement, session isolation, and JIT (Just-In-Time) elevation.Documentation & Training: Proven ability to create standard operating procedures (SOPs), run training sessions for CyberArk administrators, and produce technical design layouts.
Good to Have
. Advanced Automation & Developer Skill.
Advanced CyberArk Specialized Modules like Privileged Threat Analytics (PTA), Alero / Remote Access, Application Defend (EPM Application Control)
. Exposure to IGA tools like SailPoint IdentityIQ.
. Integrating CyberArk Vaults with physical or cloud HSMs (like SafeNet or Thales) to secure the master encryption keys.
. Experience integrating CyberArk syslog feeds with SIEM platforms like Splunk, IBM QRadar, or Microsoft Sentinel for advanced security auditing.
Certification:
. CyberArk Defender (Level 2) - Mandatory
. CyberArk Sentry (Level 3 - highly preferred)
. CyberArk Certified Delivery Engineer (CDE) – Good to have.
Life at CGI:
It is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons
Come join our team, one of the largest IT and business consulting services firms in the world.
Your future duties and responsibilities
Required qualifications to be successful in this role
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team—one of the largest IT and business consulting services firms in the world.
