Technical Architect - Privileged Access Management
Jabil · 2 Locations
Job description
At Jabil (NYSE: JBL), we are proud to be a trusted partner for the world's top brands, offering comprehensive engineering, supply chain, and manufacturing solutions. With 60 years of experience across industries and a vast network of over 100 sites worldwide, Jabil combines global reach with local expertise to deliver both scalable and customized solutions. Our commitment extends beyond business success as we strive to build sustainable processes that minimize environmental impact and foster vibrant and diverse communities around the globe. Job Description As a Cybersecurity Technical Architect specializing in Privileged Access Management (PAM) at Jabil, Inc., you will be responsible for designing, implementing, and maintaining robust PAM solutions to protect critical assets and data across our global enterprise. You will play a key role in defining our PAM strategy, ensuring compliance, and integrating PAM technologies with existing security infrastructure. Job Responsibilities:** * Own and operate CyberArk PAM Suite globally — vault configuration, safe structure, session recording, JIT workflows, rotation schedules, and CyberArk for OT session gating * Develop and maintain the PAM roadmap, aligning it with overall cybersecurity strategy and business objectives. * Design and implement Just-In-Time privileged access for all Tier 0, Tier 1, and Tier 2 accounts — no standing privilege, all sessions vaulted and recorded * Own the Non-Human Identity governance program — service account vaulting, rotation automation, NHI inventory, and governance framework Govern PAM for OT alongside the OT Architect — vendor session gating, session recordings, and OT privileged account management. * Define and enforce PAM design standards — vault structure, safe naming conventions, rotation schedules, and session recording retention policies * Own the Privileged Access Management technical roadmap and vendor relationship — product roadmap briefings, TAM relationship, upgrade schedule * Integrate CyberArk Threat Analytics with MSSP and SIEM for privileged account anomaly detection. * Lead the design, architecture, and implementation of complex Privileged Access Management (PAM) solutions. * Translate business requirements and security policies into technical PAM solutions and configurations. * Collaborate with various IT teams (e.g., infrastructure, applications, network) to ensure seamless integration of PAM solutions. * Provide technical expertise and guidance on PAM best practices, security controls, and compliance requirements (e.g., NIST, ISO 27001, GDPR). * Conduct security assessments, vulnerability analyses, and penetration testing related to privileged access. * Develop and implement automation scripts and tools to streamline PAM operations and enhance security posture. * Create and maintain comprehensive documentation, including architectural designs, solution configurations, and operational procedures. * Support incident response activities related to privileged access breaches or anomalies. * Mentor junior security engineers and provide technical leadership within the cybersecurity team. * Stay current with emerging PAM technologies, threats, and industry trends. Job Qualifications:** * Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master's degree preferred. * Minimum of 8 years of experience in cybersecurity, with at least 5 years focused specifically on Privileged Access Management (PAM) architecture and engineering. * Proven expertise in designing, implementing, and managing enterprise-grade PAM solutions (e.g., Delinea Secret Server, CyberArk, BeyondTrust). Certifications in these platforms are highly desirable. * Strong understanding of identity and access management (IAM) concepts, including directory services (Active Directory, LDAP), SSO, MFA, and federation. * In-depth knowledge of security protocols (e.g., Kerberos, OAuth, SAML, OpenID Connect) and cryptographic principles. * Experience with scripting languages (e.g., Python, PowerShell) for automation and integration. * Familiarity with cloud security principles and PAM in cloud environments (AWS, Azure, GCP). * Solid understanding of network security, operating systems (Windows, Linux), and database security. * Excellent analytical, problem-solving, and decision-making skills. * Strong communication and interpersonal skills, with the ability to effectively articulate complex technical concepts to both technical and non-technical audiences. * Relevant industry certifications such as CISSP, CISM, or vendor-specific PAM certifications are a plus. The pay range for this role is $100,100 - $180,200. Job-related, non-discriminatory factors used to determine the actual offered rate include qualifications and experience, geographic location, education, external market data, and consideration of internal equity. The anticipated close date of this job requisition is: August 28, 2026. As part of the total rewards package, this position is eligible for a short-term incentive based on performance. In addition, Jabil offers benefits to enhance your health, wealth, and resilient self. These include medical, dental, and vision insurance plans; paid time off accruing at a rate of 3.07 hours during your first year of employment; 4 weeks of paid parental leave; in 2026, 11 company-paid holidays (9 fixed holidays and 2 optional floating holidays), subject to change yearly; 401(k) retirement plan; and employee stock purchase plan. BE AWARE OF FRAUD: When applying for a job at Jabil you will be contacted via correspondence through our official job portal with a jabil.com e-mail address; direct phone call from a member of the Jabil team; or direct e-mail with a jabil.com e-mail address. Jabil does not request payments for interviews or at any other point during the hiring process. Jabil will not ask for your personal identifying information such as a social security number, birth certificate, financial institution, driver’s license number or passport information over the phone or via e-mail. If you believe you are a victim of identity theft, contact the Federal Bureau of Investigations internet crime hotline (www.ic3.gov), the Federal Trade Commission identity theft hotline (www.identitytheft.gov) and/or your local police department. Any scam job listings should be reported to whatever website it was posted in. Jabil, including its subsidiaries, is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, disability, genetic information, veteran status, or any other characteristic protected by law. Accessibility Accommodation If you are a qualified individual with a disability, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access Jabil.com/Careers site as a result of your disability. You can request a reasonable accommodation by sending an e-mail to Always_Accessible@Jabil.com or calling 727-803-7988 with the nature of your request and contact information. Please do not direct any other general employment related questions to this e-mail or phone number. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to. #whereyoubelong #AWorldofPossibilities
Verified and listed by ActiveJobs. Applications are made directly on Jabil's own career page — we never sit in the middle.