Manager, Privileged Access Management Solutions Architect

About KPMG Advisory

The KPMG Advisory practice is a leader in transformation, providing outstanding opportunities for individuals eager to advance their careers within a dynamic environment. We prioritize personal and professional development, creating pathways for growth in a rapidly evolving market. Our team-oriented culture fosters adaptability and collaboration. At KPMG, our employees are our top priority. With numerous learning and development opportunities, a premier training facility, and access to cutting-edge tools, we support our team members in their continuous growth. If you are seeking a workplace where you can be your authentic self, make an impact, enhance your skills, and explore new areas of interest, consider joining our Advisory team.

KPMG is on the lookout for a Manager, Privileged Access Management Solutions Architect to be part of our Advisory Services practice.

Responsibilities

• Architect, design, and spearhead the implementation of Privileged Access Management (PAM) solutions to support comprehensive Identity & Access Management (IAM) initiatives.
• Act as the technical lead engineer for PAM deployments, including CyberArk On-Prem and SaaS solutions, focusing on privileged account management, session management, just-in-time access, and endpoint management.
• Collaborate with IT and Security Architecture teams to design PAM solutions that align with project requirements and industry best practices, integrating PAM capabilities across hybrid and multi-cloud environments.
• Manage end-to-end PAM lifecycle activities, including discovery, testing, onboarding, access workflows, break glass processes, policy design, and integration with enterprise controls such as IdP, SIEM, ITSM, and IGA platforms.
• Develop automation strategies to enhance deployment efficiency, including onboarding, policy deployment, and reporting by utilizing industry-standard tools/methods (e.g., Terraform, Ansible, PowerShell, Python, REST APIs).
• Implement automated integrations with adjacent security solutions (e.g., Crowdstrike, SIEM solutions, ServiceNow) and conduct privileged access risk assessments while developing aligned remediation strategies.
• Lead client-facing delivery, encompassing scope estimation, risk/issue/dependency management, technical workshop facilitation, and oversight of technical workstreams while providing guidance and mentorship to engineering teams.
• Exhibit integrity, professionalism, and personal responsibility to maintain a respectful work environment at KPMG.

Qualifications

• Minimum five years of relevant experience in IT security, IAM, or Privileged Access Management roles.
• A Bachelor's degree from an accredited institution is required; CyberArk Certified Delivery Engineer (CDE) or CyberArk Endpoint Privilege Manager (EPM) Certification is preferred.
• Strong expertise in Privileged Access Management technologies, with hands-on experience deploying CyberArk solutions; additional experience with secrets management platforms (e.g., Conjur, HashiCorp) and other PAM solutions (e.g., Delinea, BeyondTrust) is advantageous.
• Experience integrating PAM solutions with cloud services (e.g., Azure, AWS, GCP) and solid knowledge in systems infrastructure administration (Windows, Linux, Databases, Cloud) along with networking principles; proficiency in automation scripting to improve deployment processes.
• Demonstrated understanding of IAM concepts, security controls, and regulatory requirements related to privileged access.
• Exceptional analytical, communication, and problem-solving skills with the ability to lead technical discussions and drive complex engineering projects.
• Willingness to travel as required.
• Applicants must have authorization to work in the U.S. without requiring employment-based visa sponsorship now or in the future.

Benefits

KPMG offers a comprehensive compensation and benefits package. We are an equal opportunity employer, complying with all applicable federal, state, and local laws regarding recruitment and hiring. All qualified applicants will be considered for employment without regard to any legally protected status.