Job Description: CyberArk
Core Skills
- Deploy, configure, and maintain CyberArk components including:
- EPV, PVWA, PSM, PSMP, CPM, Vault, AAM/Conjur, PTA, and Credential Providers.
- Implement CyberArk Privileged Account onboarding, password rotation policies, and access controls.
- Configure Session Recording, PSM connectors, workflow approvals, and secure remote access.
- Manage privileged accounts across servers, databases, network devices, cloud workloads, and applications.
- Enable Least Privilege, JIT (Just In Time) access, and Zero Standing Privileges.
- Conduct privileged access reviews, reconciliation, and clean-up of orphan/dormant accounts.
- Integrate CyberArk with enterprise systems: Active Directory, LDAP, SIEM, MFA/SSO, Identity Governance (IGA), ticketing systems, and cloud platforms (AWS/Azure/GCP).
- Develop automation using REST APIs, PowerShell, Python, etc., for bulk onboarding, reporting, and operational enhancements.
- Implement break glass procedures, vault hardening, DR setup, and HA configurations.
- Investigate and resolve CyberArk platform issues including Vault connectivity, CPM failures, PSM session errors, and credential injection failures.
- Monitor system health, logs, alerts, and ensure adherence to security baselines.
- Perform patching, upgrades, and lifecycle management for all CyberArk components.
Mandatory Certification
- CyberArk CDE (CyberArk Defender + Sentry) Certification
Additional Skills
- Strong problem‑solving, analytical, and troubleshooting capabilities.
- Ability to communicate security concepts to technical and non‑technical stakeholders.
- Excellent documentation, stakeholder management, and collaboration skills.
