Meet our professionals CGI: A place to build an IT career Position Description: CGI Federal has an exciting opportunity for a PAM Engineer with experience in CyberArk and/or CA PAM tools. You will enhance the cyber security posture of seven (7) civilian government agencies through improved implementation and enhancement of network monitoring and control tools and processes. You will actively identify and mitigate a wide range of cyber risks and will also work closely with a variety of agency stakeholders, supporting their mission, priorities, organization and unique challenges. This opportunity will support a dynamic, fast-paced and energetic project focused on improving federal cybersecurity at the seven target agencies over the next six (6) years. * The PAM Engineer will be supporting a strategic federal cyber security client(s). * Primary mission of the project will be in implementing a proactive risk management solution to enhance the customer's defense posture. * Candidate will work with a highly skilled and experienced team focusing on next generation security solutions, specifically leveraging CyberArk and CA PAM to lock down and effectively managed privileged user accounts. * Additionally, this individual will serve as a trusted advisor, technical leader and cyber security expert for the organization and drive future growth capabilities from existing engagements. * This candidate will function as a security advisor and consultant for customers on people, policy, processes and technology issues surrounding security engagements while helping scope and design multi-vendor security solutions for large networks and supporting customers in their risk and threat mitigation solutions. Your future duties and responsibilities:* Day-to-day activities include working with customer teams and supporting current tasks and activities. * Responsibilities include leading and supporting engineering teams focused on Identity Access Management (IAM). * Work closely with customer delivery managers to prioritize daily tasks. * Participate in technical meetings with customers' technical specialists. * Provide Tier 2/3 support for incidents relating to security tools/solutions. * Continuously improve customers' security deployments, identify opportunities to enhance the client's cyber security posture, and integrate new technologies and services. Required qualifications to be successful in this role:* Due to the nature of the government contract requirements and/or clearance requirements, US citizenship is required. * Bachelor's degree and 5-7 years of experience working in Identity and Access Management (IAM). Candidates with a Master's degree must have at least 4 years of experience. * At least 2.5 years of working experience in deploying CA PAM and / or CyberArk to large enterprises * Practical experience with PKI solutions, including SSL * Hands on experience in deploying backup, high-availability and DR environments (cold, warm and hot) * Working experience with Microsoft Internet Information Services (IIS) and Active Directory (AD) * Proven ability to work closely with customer's network and operations team to resolve issues or security concerns of tools/services. * Proven ability to work with vendors in troubleshooting and resolving issues related to identified security tools * Practical, "field" experience with installing, configuring, and testing PAM solutions. * Extensive experience working with clients to provide design & architectural guidance and best practice recommendations for safe design, access control policies, and other related security requirements or needs * Experience with integrating PAM solutions to Splunk and/or IAM tools such as SailPoint. * Experience integration PAM solutions with multi-factor authenticators, namely PIV cards * Must be able to obtain and maintain a government security clearance/investigation to start employment. * Must be able to pass a CGI background check to start employment. - Day-to-day activities include working with customer teams and supporting current tasks and activities. * Responsibilities include leading customer engineering teams. * Work closely with customer delivery managers to prioritize daily tasks. * Participate in technical meetings with customers' technical specialists. * Provide Tier 2/3 support for incidents relating to security tools/solutions. * Continuously improve customers' security deployments and integrate new technologies and services. Desired: * Experience with Microsoft Certificate Authority * Linux administration experience * Windows PowerShell experience * Basic knowledge of networking and firewalls * Basic Splunk Knowledge * Basic SailPoint IIQ knowledge * Relevant PAM tool certifications, eg CyberArk level 3 (Sentry) certification or higher * Security relevant certifications: CISSP, CISM, CISA, Security +, CEH. * Understanding of databases and vaulting technologies * Basic programming experience (Python and Java preferred) * Understanding of federal cyber security guidance such as NIST SP 800-37 - Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach and NIST 800-137 - Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. Understanding of the DHS Continuous Diagnostics and Mitigation Program (CDM)* LI-MC3 #CGIFEDERALJOB What you can expect from us: Build your career with us. It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change-supporting our clients' digital journeys and offering our professionals exciting career opportunities. At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create. Be part of building one of the largest independent technology and business services firms in the world. Learn more about CGI at www.cgi.com. No unsolicited agency referrals please. CGI is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics. CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the US, please email the CGI US Employment Compliance mailbox at US_Employment_Compliance@cgi.com. You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned. We make it easy to translate military experience and skills! Click here to be directed to our site that is dedicated to veterans and transitioning service members. All CGI offers of employment in the US are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held. CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI's legal duty to furnish information.