Job
Description
About The Role
Project Role :Security Architect
Project Role Description :Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills :CyberArk Privileged Access Management
Good to have skills :NA
Minimum 5 year(s) of experience is required
Educational Qualification :15 years full time education
Summary:We are seeking a highly skilled CyberArk professional who can provide L2/L3 operational support for CyberArk Privileged Access Security (PAS) environments and lead migration projects from Self-Hosted (CorePAS) to CyberArk Privilege Cloud (P-Cloud). This role combines day-to-day platform administration with strategic migration responsibilities, ensuring system performance, security, and compliance. Roles & Responsibilities:-Provide daily support for CyberArk components:PVWA, Vault, CPM, PSM, PTA.-Monitor servers, services, and overall system health.-Troubleshoot issues such as:-CPM password rotation failures-PSM session connectivity problems-Authentication failures (LDAP/SAML/MFA)-Vault communication issues-Perform Safe & platform maintenance, patching, and upgrades.-Handle onboarding requests for privileged accounts, platforms, and safes.-Incident & Problem Management-Provide L2/L3 support for CyberArk incidents and service requests.-Perform Root Cause Analysis (RCA) and implement permanent fixes.-Manage password rotation failures, CPM issues, and PSM connection problems.-Access Management-Configure new platforms, workflows, and password policies.-Manage Safe permissions, roles, and user provisioning.-Configure Dual-Control, session recording, and access approvals.-Support application onboarding with AppID/AIM/Credential Providers.-Migration Planning & Execution-Assess existing Self-Hosted CyberArk CorePAS environment.-Perform gap analysis, readiness assessment, and architecture review.-Develop migration roadmap, timelines, runbooks, and success criteria.-Execute migration from on-prem to CyberArk Privilege Cloud (P-Cloud):-Safe migration & recreation-Account and platform migration-CPM policy mapping-PSM connector replacement-SSH key & password rotation migration-Integrate applications, service accounts, and privileged users into P-Cloud.-Technical Responsibilities-Reconfigure platforms, Safe structures, and authentication methods (LDAP, SAML, MFA).-Rebuild workflows for password rotation, access approvals, and session initiation.-Work with network, IAM, DevOps, and application teams for successful cutover.-Testing & Validation-Conduct UAT, functional testing, and post-migration validations.-Validate CPM/PSM performance, platform compatibility, and session connectivity.-Maintenance & Security-Conduct periodic health checks, patching, and software updates.-Ensure compliance with audit requirements and generate audit reports.-Review logs, session recordings, and anomalous activity alerts.-Automation & Scripting-Develop PowerShell/Python scripts for:-Bulk onboarding-Audit reports-Safe/platform automation-Use CyberArk REST APIs for integration and automation.-Documentation & Governance-Maintain runbooks, SOPs, and knowledge base articles.-Create detailed migration documentation, architecture diagrams, and SOPs.-Train support teams on P-Cloud operations and troubleshooting.
Professional & Technical Skills:
6–10 years of hands-on experience in CyberArk PAM implementation and administration.-Expertise in PVWA, Vault, CPM, PSM, PTA.-Proven experience in CorePAS ? Privilege Cloud migration.-Familiarity with AAM, AIM, Conjur (added advantage).-Strong troubleshooting and monitoring skills.-Knowledge of Windows, Linux, Active Directory, SAML, MFA integrations.-Hands-on experience with CyberArk REST APIs.-PowerShell/Python scripting knowledge is a plus.-Certifications (Preferred)-CyberArk Defender (CAU201)-CyberArk Sentry (CAU301)Deep understanding of privileged access security, least privilege, and compliance
Additional Information:The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.This position is based at our Bengaluru office.A 15 years full time education is required.
Qualification 15 years full time education
