Key Responsibilities :
The L2 Network Security Operations & Infrastructure Engineer is responsible for advanced troubleshooting, configuration changes, policy management, incident response, and operational support across multiple cybersecurity and network technologies. The role acts as an escalation point for L1, performs RCA, drives change requests, and ensures secure and stable operations of firewalls, IDS/IPS, WAF, EDR/XDR, DLP, CASB, NAC, MDM, PAM, and related infrastructure.
Privileged Access Management (Primary)
- 3-6 years in identity/infrastructure security with hands-on PAM operations experience in enterprise environments.
- Operate and maintain PAM platform workflows (e.g., CyberArk, BeyondTrust, Delinea):
- Onboard privileged accounts and service identities into vaults.
- Configure and vali password rotation policies, session recording, and credential checkout workflows.
- Troubleshoot vault connectivity, credential injection failures, and rotation errors.
- Execute break-glass access procedures and periodic validation of emergency accounts.
- Monitor PAM health dashboards; remediate agent/service connector issues.
- Enforce least-privilege principles and JIT access for admins and service accounts.
- Implement access control policies for high-risk accounts; ensure compliance with tiered admin model (Tier0-Tier2).
- Support integration of PAM with identity providers (Entra ID, LDAP, Kerberos) and endpoint agents.
Secondary Responsibilities
- Investigate Conditional Access failures and risky sign-ins; remediate sign-in issues with platform teams.
- Apply/troubleshoot server baselines (Windows via GPO/MDM; Linux via Ansible/Chef) and measure compliance.
- Execute certificate renewals & rotations per SOP; triage issuance/chain problems.
- Remediate risky grants/privilege drift; enforce JML control gates and campaign-based access recertifications.
Primary Skills - Deep understanding of Privileged Access Management concepts: vaulting, credential rotation, session management, JIT access, and break-glass workflows.
- Familiarity with tiered admin models, PAW/SAW architecture, and credential hygiene best practices.
- Strong troubleshooting skills for PAM connectors, vault agents, and integration with OS and applications.
Secondary Skills - Conditional Access and MFA policy troubleshooting.
- PKI basics: certificate templates/profiles, auto-enroll, renewals, escrow.
- Baseline enforcement for Windows/Linux; scripting (PowerShell, Bash) for automation.
Certifications (Tool-Specific & Recommended) - CyberArk Defender (CAU201) or CyberArk Sentry (CAU301) - for PAM operations and advanced troubleshooting.
- BeyondTrust Certified Implementation Engineer or BeyondTrust Certified Administrator.
- Delinea (Thycotic) PAM Certification - for Secret Server operations.
- Microsoft SC-300 (Identity & Access Administrator) and SC-100 (Cybersecurity Architect).
- Optional: CompTIA Security+ for foundational security knowledge.
Preferred Qualifications:
- Bachelor s or Master s degree in Computer Science, Information Security, or a related field.
- Experience working with global clients and cross-functional teams.
- Ability to manage multiple opportunities and priorities in a fast-paced environment.
Location and way of working
- Base location: Bangalore
- Professional is required to work from office.
Your role as Assistant Manager
We expect our people to embrace and live our purpose by challenging themselves to identify issues that are most important for our clients, our people, and for society.
In addition to living our purpose, Senior Executive across our organization must strive to be:
- Inspiring - Leading with integrity to build inclusion and motivation
- Committed to creating purpose - Creating a sense of vision and purpose
- Agile - Achieving high-quality results through collaboration and Team unity
- Skilled at building diverse capability - Developing diverse capabilities for the future
- Persuasive / Influencing - Persuading and influencing stakeholders
- Collaborating - Partnering to build new solutions
- Delivering value - Showing commercial acumen
- Committed to expanding business - Leveraging new business opportunities
- Analytical Acumen - Leveraging data to recommend impactful approach and solutions through the power of analysis and visualization
- Effective communication - Must be well abled to have well-structured and well-articulated conversations to achieve win-win possibilities
- Engagement Management / Delivery Excellence - Effectively managing engagement(s) to ensure timely and proactive execution as well as course correction for the success of engagement(s)
- Managing change - Responding to changing environment with resilience
- Managing Quality & Risk - Delivering high quality results and mitigating risks with utmost integrity and precision
- Strategic Thinking & Problem Solving - Applying strategic mindset to solve business issues and complex problems
- Tech Savvy - Leveraging ethical technology practices to deliver high impact for clients and for Deloitte
- Empathetic leadership and inclusivity - creating a safe and thriving environment where everyones valued for who they are, use empathy to understand others to adapt our behaviours and attitudes to become more inclusive.
