SUMMARY

• 8 plus years of experience in IT field including installation, configuration, development, deployment, administration, trouble shooting and network security, database systems, identity access management and enterprise document management in large scale organizations.
• Experienced in using IAM/PAM tools for deployment, configuration, integration and troubleshooting of CyberArk Privileged Account Security product suite - Enterprise Password Vault, Password Vault Web Access, Central Policy Manager, Privileged Session Manager, Application Identity Manager, Privileged Threat Analytics .
• Solid experience in the implementation and installation of CyberArk 7.0, 9. 5 and CyberArk 9. 6 Privileged Identity Management (PIM) Suite
• Performed Manage, Resume, Release Privileged Credential using Cyber Ark Privileged Management vault Administration, configuration, troubleshooting and installation of Windows 2003, 2008, 2008 R2 and 2012/R2.
• Hands-On experience in integrating and troubleshooting platforms with CyberArk Privileged Account Security, such as Windows / UNIX servers, VMware ESXi, Network Devices, Middleware and Databases.
• Experienced in the configuration including AD integration and management of CyberArk Enterprise Password Vault and managed safes and server/ host addresses in Enterprise Password Vault.
• Provided guidance in addition, removal, change and lifecycle of Privileged ID Management (PIM) in order to provide the highest quality levels of security.
• Installed, managed and troubleshot DNS in multiple zone environments. Troubleshot DNS integration with Active Directory. Installed, configured and administered WINS, DHCP, IIS and WSFTP, File and Print servers.
• Installation and capacity management of CyberArk Privileged Session Manager (PSM) including RDS Session host and licensing.
• Experienced with PAM Operational Tasks - defining access control, user entitlements, manage applications, credentials and user access policy management.
• Troubleshooting and maintenance of the Password Vault, CPM, PSM, AIM, DR Vault in DR Server and Migrating user accounts into Password Vault using Bulk upload utility.
• Knowledge in network security using ASA Firewall, Checkpoint, Juniper SRX, Palo Alto, Cisco IDS/IPS and IPSEC/SSL VPN and different LAN & WAN technologies.
• Knowledge of frame relay, sub-netting and DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
• Good communication skills, strong decision making and organizational skills along with outstanding problem solving skills to undertake challenging jobs.
• Able to work well independently and also in a team by helping to troubleshoot technology and business related problem.

PROFESSIONAL EXPERIENCE

Confidential, Franklin Lakes, NJ

Sr. CyberArk Consultant

Responsibilities:

• Gathering technical requirements and worked as primary point of contact for clients CyberArk’s Operations and Maintenance Tasks.
• Experience in Implementation, installation and maintenance of CyberArk 9.6 & 9.8 PIM Suite
• Experience in CyberArk PAS suite which includes Enterprise Password Vault, Password Vault Web Access, Central Policy Manager, Privileged Session Manager, Proxy and PACLI.
• Responsible for PAM Operational tasks defining access control , user entitlements, managing applications credentials and user access policy.
• Developed and maintained the solution System Design Document that defined the solution’s architecture framework, component-level design, identity schema, user interfaces design, use cases and process flows.
• Managed CyberArk Security that offers wide range of services and support including implementation, consulting, training, maintenance, online support and vault.
• Knowledge of Implementing application account management by CyberArk on Windows, Data bases and Linux servers using AIM module.
• Experience in Linux and Windows systems to provision new ids and find the RCA in system level and troubleshooting .
• Troubleshooting and maintenance of the Password Vault, CPM, PSM, AIM, DR Vault.
• Migrated user accounts into Password Vault using Bulk upload utility.
• Knowledge in Active Directory mapping connection to provision users and groups into Cyber-Ark vault and e-mail notification failures.
• Configured Auto-Detection processes to provision and manage Windows service accounts.
• Good Experience in working with Ticketing system (Service Now) and Log management Tool (Splunk).
• Provided 24/7 On call remote support for Operations and Maintenance.

Environment: CyberArk 9.6 & 9.8, PAM, LDAD, AD Integration, UNIX, Firewall, SIEM, VMWare, DNS, TCP/IP, F5 Load Balancer, Network Security.

Confidential, Atlanta, GA

Sr. CyberArk Consultant

Responsibilities:

• Involved in gathering technical requirements and establish clear definition of clients CyberArk’s responsibilities and Maintenance.
• Experience in Implementation, installation and maintenance of CyberArk 9.5 PIM Suite .
• Primary point of contact for CyberArk Operational and Maintenance Tasks ..
• Experience in CyberArk PAS suite which includes Enterprise Password Vault, Password Vault Web Access, Central Policy Manager, Privileged Session Manager.
• Managed CyberArk Security that offers wide range of services and support including implementation, consulting, training, maintenance, online support and vault.
• Responsible for PAM Operational tasks defining access control , user entitlements, managing applications credentials and user access policy.
• Developed and maintained the solution System Design Document that defined the solution’s architecture framework, component-level design, identity schema, user interfaces design, use cases and process flows.
• Knowledge of Implementing application account management by CyberArk on Windows and Linux servers using AIM module.
• Experience in Linux and Windows systems to provision new ids and find the RCA in system level and troubleshooting .
• Upgraded to latest version of CyberArk on the Production and DR vaults and pertaining CPM/PSM and PVWA.
• Troubleshooting and maintenance of the Password Vault, CPM, PSM, AIM, DR Vault.
• Migrated user accounts into Password Vault using Bulk upload utility.
• Knowledge in Active Directory mapping connection to provision users and groups into Cyber-Ark vault and e-mail notification failures.
• Configured Auto-Detection processes to provision and manage Windows service accounts.
• Good Experience in working with Ticketing system (Service Now) and Log management Tool (Splunk).
• Provided 24/7 On call remote support for Operations and Maintenance.

Environment: CyberArk 9.5, PIM, LDAD, AD Integration, UNIX, Firewall, SIEM, Cisco ASA Firewalls, VMWare, DNS, TCP/IP, F5 Load Balancer, Network Security.

Confidential, West Chester, PA

CyberArk Security Consultant

Responsibilities:

• Involved in gathering technical requirements from the client and worked closely with network team for requirements.
• Implementation and installation of different versions of CyberArk Suite 7.0, 8.1.0 and 9.3.
• Used CyberArk Privileged Account Security product suite which includes Enterprise Password Vault, Password Vault Web Access, Central Policy Manager , Privileged Session Manager .
• Performed vulnerability assessments of systems/network device. Knowledge of Security tools like CyberArk, IDS/IPS, SIEM, PIM, Cisco ASA Firewalls, ACS, NMAP, Nessus and Wire shark etc.
• Managed CyberArk Security that offers any enterprise a wide range of services and support options to making digital vault solution a success; these services include implementation, consulting, training, maintenance, online support and vault.
• Worked on PAM Operational tasks defining access control , user entitlements, managing applications credentials and user access policy.
• Performed Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management.
• Designed, developed, and documented IAM services including single sign-on, self-service registration, workflows, user management, management dashboard, Role-Based Access Control , Attribute-Base Access Control, resource and business layers provisioning, credentialing, federation, and auditing.
• Developed and maintained the solution System Design Document that defined the solution’s architecture framework, component-level design, identity schema, user interfaces design, use cases and process flows.
• Implemented application account management by CyberArk on Windows and Linux servers using AIM module.
• Upgraded CyberArk software version on the Production and DR vaults and pertaining CPM/PSM and PVWA.
• Troubleshooting and maintenance of the Password Vault, CPM, PSM, AIM, DR Vault.
• Migrated user accounts into Password Vault using Bulk upload utility.
• Involved in Privileged Identity Management , Identity & Access Management , Single Sign On, SAML, OAuth, ADLDS, ADFS, OKTA, TLS/SSL, Active Directory.
• Fixed Active Directory mapping connection to provision users and groups into Cyber-Ark vault and e-mail notification failures.
• Configured Auto-Detection processes to provision and manage Windows service accounts.

Environment: CyberArk 7.0, 8.1.0, 9.2.1, PIM, LDAD, AD Integration, UNIX, Firewall, SIEM, VMWare, Routers, DNS, TCP/IP, F5 Load Balancer, Network Security.

Confidential, Englewood, CO

Security/CyberArk Analyst

Responsibilities:

• Interacted with clients in gathering requirements, designed and delivered solutions to install and integrate with the existing CyberArk implementations and managed high privileged accounts to automate Privileges Access Management process.
• Involved with Identity & Access Management Services on deployment, implementation and operations of Privileged Identity tool, CyberArk .
• Designed access control, user entitlements, application credentials, user access policy management, session management related to Privileged Access Management.
• Performed daily operations, support and defined access control, user entitlements, applications credentials and user access policy management.
• Worked on Active Directory involving users, computers, groups, policies.
• Worked with CyberArk components such as vaults, CPMs, accounts, policies, safes, usages, PACLI and providers.
• Installation & configuration of components of CyberArk, like Vault, PVWA, PSM, AIM or CCP and Primary Vault, DR Vault, CPM, PVWAs, PSM, PTA, Secure Replicator, and Password Upload Utility.
• Knowledge of security and systems standards, access management, authorization/ permissions management, network protocols, system management applications, and system & network security.
• Worked with account management on various platforms such a Windows, Unix, Active Directory, LDAP, SNMP monitoring, databases and storage systems.
• Installation, configuration, deployment and maintenance of Siteminder components like the Policy Server, Web Agent, Policy Store and Federation Security Services for SAML 2.0 implementation.
• Troubleshot issues related to SSO, authentication and authorization.
• Configured CA Siteminder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.
• Responsible for the replication, chaining, load balancing and other administration task.
• Involved with AD related Services including DNS, Group Management, Group Policy Management, Domain Trusts and Kerberos.
• Involved in the areas of server log analysis and understanding of common analysis techniques and tools on Unix and Windows servers.
• Knowledge in AIM solutions to manage Windows and Linux application account passwords.
• Worked with Network Engineer's in the installation and configuration of firewalls.
• Knowledge of Scripting (VB script, Powershell).

Environment: CyberArk 7, 8, 9. PIM, LDAD, AD Integration, UNIX, Firewall, IDS/IPS, SIEM, IIS, IBM HTTP SERVER, PVWA, PSM, AIM or CCP, CPM, PTA ACS, DNS, TCP/IP, Security, VB script, Powershell.

Confidential, DC

Network Security Engineer

Responsibilities:

• Configured, managed & maintained Checkpoint & Cisco Firewalls, IDS, IPS devices, NAT.
• Analyzed and mitigated security related threats. Monitored and assessed traffic & running reports.
• Participated in security risk assessments of IT systems to identify areas of potential threat and document findings.
• Implemented the application of standard operating procedures and systems security in support of the organization's IT architecture and business needs.
• Provided post-implementation Network management, maintenance and support services, specifically on Cisco Switches and Routers.
• Provided users information related to security policies and procedures when using remote connectivity.
• Analyzed technologies, recommended vendors to address specific threat vectors such as; Disk and Data encryption against physical theft and improper access, anti-malware to protect against malicious software and providing deep network control.
• Evaluated and recommended the implementation of and dissemination of IT security tools, procedures and practices to protect information assets.
• Responsible for setting up Web Application Firewalls (WAF) like SQL injection, http conversation.
• Configured and maintained IPSEC and SSL VPN''s on Palo Alto Firewalls.
• Configured VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches.
• Configured Cisco ASA and Checkpoint firewall layers securing existing Data Center infrastructure.
• Responsible for the Windows environment, including backup, disaster recovery and network Security.
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Analyzed, planned, tested, implemented, and trouble shot systems, wide area network and communications network systems.

Environment: Firewall (R65, R70, R71, R75, R7), TCP/IP, RIP, BGP, EIGRP, VLAN, VTP, WAP, VLSM, FLSM, VSTP, SNMP, Juniper EX Series, Mcafee DLP, Alto firewall.

Confidential, Bowie, MD

Network Engineer

Responsibilities:

• Installed and tested Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
• Worked on heterogeneous networks such as Frame Relay, Ethernet, Fiber, etc.
• Prepared Check Point firewall configurations for conversion to Cisco ASA 5585-series firewalls.
• Primary Network Security Engineer for Fiserv Firewall/VPN Support and Management on Checkpoint (Crossbeam and VSX), PIX, ASA.
• Monitored and analyzed Intrusion Detection Systems (IDS) & Intrusion Prevention System (IPS) to identify security issues for remediation.
• Configured routing protocols such as OSPF, BGP, static routing and policy based routing.
• Implementation and proactive monitoring of MPLS (MPLS-VPN), QoS (Layer2 and Layer3) and BGP technology.
• Managed project task to migrate from Cisco ASA firewalls to Check Point firewalls.

Environment: : TCP/IP, RIP, OSPF, BGP, EIGRP, VLAN, VTP, WAP, VLSM, FLSM, Cisco Routers and Switches, Access-lists.