Years of Experience
· 6+ years of relevant experience in CyberArk Implementation - Design & Architecture.
General Description
· Creating and implementing strategies for managing privileged access, designing solutions, and ensuring the secure storage and retrieval of sensitive credentials.
· Demonstrating in-depth knowledge of CyberArk products, including the Enterprise Password Vault, Privileged Session Manager, and other related tools.
· Overseeing the installation, configuration, and integration of CyberArk components to safeguard critical systems and data.
· Engage with different stakeholders via workshops, etc. for all the design level discussions and prepare design documents.
· Developing and enforcing security policies, access controls, and privileged access management procedures to mitigate risks.
· Identifying vulnerabilities and potential threats, and implementing measures to protect against unauthorized access.
· Maintaining detailed records, reports, and documentation of CyberArk configurations and activities.
· Ensuring that CyberArk solutions are up-to-date and providing support for system upgrades and maintenance.
· Interact with different teams to gather the required data for integration/ on-boarding of target systems /devices.
· Resolving technical issues and providing expert guidance to address security challenges.
Skills / Technical Requirements
· Expertise in providing PAM solutions using CyberArk.
· Should have experience on CyberArk from 11.xx onwards
· Design deploy & support high-performance, high-availability PAM environment with any number of target end points, creating workflows, custom connectors, policies.
· Perform enhancement in CyberArk Core PAS
· On-board target systems onto CyberArk Core PAS.
· Support migration from Centrify to CyberArk Core PAS.
· Integrate Legacy IDM instances with CyberArk to manage human accounts.
· Support Redhat migration
· Migrate CyberArk shared and pooled accounts.
· Create named tiered accounts model and onboard name tiered accounts in CyberArk and assign them to correct IDM User Groups
· Work on Migration model - Pooled Accounts to Named tiered account.
· Perform Centrify Access Data Analysis to yield the current access data model and merge into the new Tiered Access Model.
· Should be capable to deploy/install/configure CyberArk components Vault, CPM, PVWA, PSM, PSMP and AIM as per the client requirements.
· Hands-on experience or knowledge on Configuring PTA, EPM.
· Integrating various platforms with CyberArk such as Windows, UNIX, Databases and network devices, SSH Keys, SAP etc.
· Creating and managing Safes, platforms and owners.
· Should have knowledge on Password upload utility and PACLI.
· Experience on integrating CyberArk solution with LDAP, SIEM SNMP and other identity management systems.
· Strong scripting skills, often using languages like PowerShell, Python, or Shell scripting, to automate tasks and customize CyberArk solutions.
· Knowledge of regulatory requirements and industry standards related to privileged access management, such as NIST, CIS, and GDPR.
· Experience with security monitoring tools and integrating CyberArk with Security Information and Event Management (SIEM) systems.
Soft Skills
· Excellent Verbal and written communication skills in English.
· Ability to present solutions to clients remotely and in person if needed.
· Good documentation skills that will enable creation of design documents for the technical solutions proposed.
· Excellent problem-solving skills.
· Good collaboration skills in working with virtual and distributed teams.
Certifications
· Possession of relevant CyberArk certifications such as CyberArk Certified Delivery Engineer (CDE) or CyberArk Certified Trustee (CTP) can be a significant advantage.
Educational Qualifications
· University degree in IT or/and IT Security