Job description

Company culture :

DXC – CDG stands out for a culture strongly focused on performance and competitiveness, where ambition, challenge and customer orientation shape priorities. This dynamic is balanced by a collaborative culture, fostering trust, empowerment and close managerial support. It also integrates an innovation dimension, encouraging initiative, adaptability and experimentation. Finally, a well-established organizational culture provides structure, ensuring process rigor, reliability and operational efficiency.

Architecture & Design

• Participate in defining and evolving the company's IAM/PAM architecture, in line with the Zero Trust strategy.
• Design integration schemes for CyberArk (EPV, PSM, PVWA, CPM, AAM/CCP, Conjur) within the existing IT system.
• Produce architecture documents, Technical Architecture Files (DAT), and contribute to security reviews.
• Advise on integration patterns for service accounts, CI/CD pipelines, and secrets management.

Integration & Deployment

• Deploy and configure CyberArk suite components (on-premises and cloud).
• Integrate PAM vaults with directories (Active Directory, LDAP), SIEM solutions, ITSM, and DevSecOps tools.
• Implement connectors for onboarding privileged accounts (Unix/Windows servers, databases, network equipment, SaaS applications).
• Support project teams in integrating secrets management within development chains.

Run & Operational Management

• Write and maintain procedures, policies, and runbooks related to privileged access management.
• Ensure the operational maintenance (MCO) and security maintenance (MCS) of the CyberArk platform.
• Manage level 2/3 incidents related to PAM and coordinate their resolution with internal teams and editors.
• Monitor platform performance indicators (KPI/KRI) and produce reports for the CISO.
• Conduct periodic reviews of privileged accounts, accesses, and password rotation policies.
• Supervise and mentor L1/L2 teams on CyberArk technical aspects.

Technical Skills

• CyberArk: EPV, PSM, PVWA, CPM, PSMP, AAM / CCP, Conjur Cloud.
• Solid experience in IAM: identity lifecycle management, RBAC, entitlement governance.
• Knowledge of authentication protocols: SAML, OAuth 2.0, OpenID Connect, Kerberos, LDAP.
• Experience with environments: Active Directory / Azure AD, AWS IAM, Azure RBAC, on-prem and cloud PAM.
• Experience with hybrid environments: Windows Server, Linux/Unix, databases (Oracle, SQL Server, PostgreSQL).
• DevSecOps awareness: integration of PAM into CI/CD pipelines (Jenkins, GitLab CI, Azure DevOps).

Soft Skills

• Ability to write architecture documents and lead technical workshops in French and English.
• Autonomy in managing complex topics, sense of prioritization, and results-oriented.
• Ability to communicate with non-technical stakeholders (CISO, Management, Business Units).
• Team spirit, rigor, and willingness to share knowledge.

Education & Certifications

• Master's degree (Bac+5) in computer science, cybersecurity, or equivalent.
• CyberArk Defender / Sentry, CISSP, CISM, SABSA, or equivalent.
• Cloud certification (AWS Security Specialty, AZ-500, etc.) is a plus.

Languages

• French: fluent.
• English: fluent — technical and written exchanges in English with international teams.