Share this job
Cyber ark
Gosselies, WHT
Apply for this job

Mission Details

A full-time mission (estimated duration: 4 months), ideally starting 1 January 2026.

Partial remote work is possible depending on agreement with the mission lead.

A physical presence of at least 2 days per week on the client site is required. Additional onsite presence may occasionally be requested.

Because the site is not easily accessible via public transport, a driving licence and personal vehicle are recommended.

Context & Mission Objective

Ensure a secure, complete and fully documented migration of an existing on-premises PAM platform to a SaaS-based PAM solution, while ensuring continuity of existing PAM operations and seamless integration with the client’s technical environments and internal processes.

Responsibilities

1. Analysis & Scoping

  • Full assessment of the existing on-prem PAM environment.
  • Identification of privileged accounts, safes, policies, session flows and dependencies.
  • Analysis of organisational and operational constraints.
  • Definition of the migration perimeter (privileged accounts, sensitive systems, integrated applications).

2. Target SaaS Architecture

  • Analysis of the existing PAM SaaS architecture.
  • Definition of integration patterns (connectors, gateways, bastions).
  • Assessment of functional differences between on-prem and SaaS components.

3. Migration Strategy

  • Creation of the migration roadmap: phasing, prioritisation, risks, rollback plans.
  • Selection and configuration of relevant PAM tools:
  • Discovery & audit tooling
  • Application access components
  • Migration scripts / API automation
  • Connector builder
  • Definition of onboarding workflows for the SaaS environment.

4. Migration Execution

  • Configuration of connectors between on-prem systems and SaaS platform.
  • Progressive onboarding of privileged accounts.
  • Migration of PSM policies, session recording and access paths.
  • Migration of password management mechanisms.
  • End-to-end testing: access, sessions, secret rotation, audit & reporting.

5. Documentation & Processes

  • Creation of operational documentation:
  • Target architecture
  • Onboarding/offboarding procedures
  • Migration guide
  • Access & incident handling procedures
  • Runbooks for operations
  • Update of documentation for all relevant technical teams.

6. Knowledge Transfer & Support

  • Training workshops for internal teams.
  • Post-migration support, stabilisation and optimisation.

Expected Deliverables

  • Assessment of the existing platform
  • Validated migration strategy
  • Implemented scripts, configurations and connectors
  • Complete documentation (processes, runbooks, procedures)
  • Final report & recommendations

Required Technical Skills

(All must-have)

  • Proven experience in PAM migration projects
  • Experience with discovery/classification, connector deployment, secure sessions, and related technologies
  • Strong experience in privileged account provisioning/onboarding
  • Proven hands-on experience with PAM SaaS platforms
  • Strong background in risk analysis, compliance and security audits
  • Expertise in CyberArk (on-prem components such as PVWA, PSM, CPM, Vault)
  • Automation experience: REST APIs, PowerShell/Python scripting
  • Proven experience in PAM project management & change management
  • Expertise in hardening, segmentation, Zero Trust, bastion architectures
  • Integration experience with AD, Azure AD, SIEM, IAM
  • Excellent technical documentation & runbook writing skills

Soft Skills

  • Clear communication with internal and external teams
  • Strong analytical mindset in sensitive environments
  • Ability to navigate critical organisational constraints (multi-entity environments)
  • Experience working in regulated or high-security sectors (finance, pharma, industry)



Apply for this job
Powered by