Meet our professionals
CGI: A place to build an IT career
CGI Federal has an exciting opportunity for a Privileged Access Management (PAM) Engineer with experience in CyberArk and/or CA PAM tools to support our DHS CDM DEFEND program. You will support a dynamic, fast-paced project focused on improving the cyber security posture of a civilian government agency through improved implementation and enhancement of network monitoring and control tools and processes. You will actively identify and mitigate a wide range of cyber risks and will work closely with a variety of agency stakeholders, supporting their mission, priorities, and unique challenges. You will provide technical knowledge and analysis of highly specialized applications and operational environments, high-level functional systems analysis, design, integration, documentation and implementation advice on exceptionally complex problems for effective implementation.
Your future duties and responsibilities:
- Primary mission of the project will be implementing a proactive risk management solution to enhance the customer’s cyber defense posture.
- Work with a highly skilled and experienced team focused on next generation security solutions, specifically leveraging CyberArk and CA PAM to lock down and effectively manage privileged user accounts. - Provide Tier 2/3 support for incidents relating to security tools/solutions and general technical support to customer teams and their prioritized activities. - Serve as a trusted advisor, technical leader, and cyber security expert to continuously improve customers’ security deployments, identify opportunities to enhance the client’s cyber security posture, and integrate new technologies and services. - Advise and consult the client regarding policy, processes, and technology issues, while helping to scope and design multi-vendor security solutions for large networks. - Support the client with their risk and threat mitigation solutions. - Work closely with service delivery managers to prioritize daily tasks. - Participate in technical meetings with customers’ technical specialists. - May lead an engineering team focused on Identity Access Management (IAM). - Participate as needed in all phases of software development with emphasis on the planning, analysis, testing, integration, documentation, and presentation phases.
Required qualifications to be successful in this role:
- Due to the nature of the government contract requirements and/or clearance requirements, US citizenship is required.
- Bachelor’s degree and 5-8 years of experience working in Identity and Access Management (IAM) or a Master’s degree with at least 4 years of experience. - At least 2.5 years of working experience deploying, configuring and testing CA PAM and/or CyberArk to large enterprises. - Experience with integrating PAM solutions with Splunk and/or other IAM tools such as SailPoint, as well as with multi-factor authenticators such as PIV cards. - Practical experience with PKI solutions, including SSL. - Extensive experience working with clients to provide design & architectural guidance and best practice recommendations for safe design, access control policies, and other related security requirements or needs. - Hands on experience deploying backup, high-availability and DR environments. - Proven ability to work closely with customer’s network and operations teams, as well as vendors, to resolve issues or security concerns of tools/services. - Working experience with MS Internet Information Services (IIS) and Active Directory (AD). - Must be able to pass a CGI background check to start employment as well as obtain and maintain a DHS EOD/Public Trust clearance. Desired: - Oracle IAM, Centrify, and/or Radiant Logic experience - Microsoft Certificate Authority experience - Linux administration experience - Windows PowerShell experience - Basic programming skills (Python or Java) - Basic knowledge of networking and firewalls - Basic Splunk knowledge - Basic SailPoint IIQ knowledge - PAM tool certifications, e.g. CyberArk level 3 (Sentry) certification or higher - Security certifications such as CISSP, CISM, CISA, Sec+, CEH. - Understanding of databases and vaulting technologies. - Understanding of federal cyber security guidance such as NIST SP 800-37 and NIST 800-137. - Understanding of the DHS Continuous Diagnostics and Mitigation Program (CDM). #CGIFederalJob #CDMDEFEND
What you can expect from us:
Build your career with us.
It is an extraordinary time to be in business. As digital transformation continues to accelerate, CGI is at the center of this change—supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
At CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company, which reinforces our culture of ownership. All of our professionals benefit from the value we collectively create.
Be part of building one of the largest independent technology and business services firms in the world.
Learn more about CGI at
No unsolicited agency referrals please.
CGI is an equal opportunity employer.
Qualified applicants will receive consideration for employment without regard to their race, ethnicity, ancestry, color, sex, religion, creed, age, national origin, citizenship status, disability, medical condition, military and veteran status, marital status, sexual orientation or perceived sexual orientation, gender, gender identity, and gender expression, familial status, political affiliation, genetic information, or any other legally protected status or characteristics.
CGI provides reasonable accommodations to qualified individuals with disabilities. If you need an accommodation to apply for a job in the U.S., please email the CGI U.S. Employment Compliance mailbox at
US_Employment_Compliance@cgi.com. You will need to reference the requisition number of the position in which you are interested. Your message will be routed to the appropriate recruiter who will assist you. Please note, this email address is only to be used for those individuals who need an accommodation to apply for a job. Emails for any other reason or those that do not include a requisition number will not be returned.
We make it easy to translate military experience and skills! Click
here to be directed to our site that is dedicated to veterans and transitioning service members.
All CGI offers of employment in the U.S. are contingent upon the ability to successfully complete a background investigation. Background investigation components can vary dependent upon specific assignment and/or level of US government security clearance held.
CGI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with CGI’s legal duty to furnish information.