Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

CyberArk Privileged Access Management

Good to have skills :

NA

Minimum

5

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: We are seeking a highly skilled CyberArk professional who can provide L2/L3 operational support for CyberArk Privileged Access Security (PAS) environments and lead migration projects from Self-Hosted (CorePAS) to CyberArk Privilege Cloud (P-Cloud). This role combines day-to-day platform administration with strategic migration responsibilities, ensuring system performance, security, and compliance. Roles & Responsibilities: -Provide daily support for CyberArk components: PVWA, Vault, CPM, PSM, PTA. -Monitor servers, services, and overall system health. -Troubleshoot issues such as: -CPM password rotation failures -PSM session connectivity problems -Authentication failures (LDAP/SAML/MFA) -Vault communication issues -Perform Safe & platform maintenance, patching, and upgrades. -Handle onboarding requests for privileged accounts, platforms, and safes. -Incident & Problem Management -Provide L2/L3 support for CyberArk incidents and service requests. -Perform Root Cause Analysis (RCA) and implement permanent fixes. -Manage password rotation failures, CPM issues, and PSM connection problems. -Access Management -Configure new platforms, workflows, and password policies. -Manage Safe permissions, roles, and user provisioning. -Configure Dual-Control, session recording, and access approvals. -Support application onboarding with AppID/AIM/Credential Providers. -Migration Planning & Execution -Assess existing Self-Hosted CyberArk CorePAS environment. -Perform gap analysis, readiness assessment, and architecture review. -Develop migration roadmap, timelines, runbooks, and success criteria. -Execute migration from on-prem to CyberArk Privilege Cloud (P-Cloud): -Safe migration & recreation -Account and platform migration -CPM policy mapping -PSM connector replacement -SSH key & password rotation migration -Integrate applications, service accounts, and privileged users into P-Cloud. -Technical Responsibilities -Reconfigure platforms, Safe structures, and authentication methods (LDAP, SAML, MFA). -Rebuild workflows for password rotation, access approvals, and session initiation. -Work with network, IAM, DevOps, and application teams for successful cutover. -Testing & Validation -Conduct UAT, functional testing, and post-migration validations. -Validate CPM/PSM performance, platform compatibility, and session connectivity. -Maintenance & Security -Conduct periodic health checks, patching, and software updates. -Ensure compliance with audit requirements and generate audit reports. -Review logs, session recordings, and anomalous activity alerts. -Automation & Scripting -Develop PowerShell/Python scripts for: -Bulk onboarding -Audit reports -Safe/platform automation -Use CyberArk REST APIs for integration and automation. -Documentation & Governance -Maintain runbooks, SOPs, and knowledge base articles. -Create detailed migration documentation, architecture diagrams, and SOPs. -Train support teams on P-Cloud operations and troubleshooting. Professional & Technical Skills: - 6-10 years of hands-on experience in CyberArk PAM implementation and administration. -Expertise in PVWA, Vault, CPM, PSM, PTA. -Proven experience in CorePAS ? Privilege Cloud migration. -Familiarity with AAM, AIM, Conjur (added advantage). -Strong troubleshooting and monitoring skills. -Knowledge of Windows, Linux, Active Directory, SAML, MFA integrations. -Hands-on experience with CyberArk REST APIs. -PowerShell/Python scripting knowledge is a plus. -Certifications (Preferred) -CyberArk Defender (CAU201) -CyberArk Sentry (CAU301)Deep understanding of privileged access security, least privilege, and compliance Additional Information: - The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management. - This position is based at our Bengaluru office. - A 15 years full time education is required.




15 years full time education