SUMMARY

• Extensive experience includes administration, engineering, installation, configuration, architecture, and design of CyberArk (PVWA, PSM, CPM, AIM/AAM, PSMP, PTA, Vault & DR) PAM Solution.
• Maintained Privileged Session Manager (PSM) recordings and monitor logs.
• Maintained Enterprise Privilege Vault for password authentication.
• Maintained the Central Policy Manager (CPM) for password rotation.
• Engineering/Administration of Privilege Vault Web Access (PVWA) for users.
• Monitor CyberArk reports and logs. Respond to failed password verification alerts and work with system account owners to resolve failure alerts.
• Extensive knowledge of Active Directory administration and LDAP authentication.
• Worked with vendor/s, Security Engineers, IAM engineers, Infrastructure Teams, and or Network Security Engineers to make sure that CyberArk is developed, installed, and configured correctly in the system.
• Appropriate understanding of CyberArk's role in the organization’s privileged account security.
• Implementing & Managing Master Policy, LDAP integration, Platform, and Safe via Private Ark client & PVWA.
• Installation and configuration of CyberArk Enterprise Password Vault, Password Vault Web Access (PVWA), Private Ark Client, Endpoint Privilege Manager (EPM), Central Password Manager (CPM), and Privileged Session Manager (PSM) in Production Environment.
• Troubleshooting and maintenance of Disaster Recovery Vault (DR) and CyberArk Enterprise Vault.
• Experience in Linux and Windows systems. Experience working with Shell script and Windows PowerShell for automation.
• Developed and implemented processes and procedures for onboarding users and Privilege Accounts to CyberArk.
• Experience integrating applications and tools with CyberArk.
• Manage the issues for user accounts such as account lockout, password reset, user creation, modification, and deletion.
• Experience with IAM processes across the enterprise
• Ran Reports from the PVWA and Private Ark Client
• Implemented the CyberArk Vault and PVWA in Cloud Environment. Maintained Connector Servers for CPM, PSM, Secure Tunnel, and PSM for SSH.

TECHNICAL SKILLS

• Java
• R Language
• Git
• Microsoft Excel
• OBIEE
• MATLAB
• C and C++
• NI Multisim
• Cadence IC Design Tool
• Python
• CyberArk
• Splunk
• HP ILO
• PowerShell
• Bash
• Eclipse
• Xcode

PROFESSIONAL EXPERIENCE

Confidential

CyberArk SME

Responsibilities:

• Bulk onboard Accounts in Vault using Password Upload Utility.
• Integrated Splunk with CyberArk to monitor Vault, PSM, and CPM logs.
• Integration of Secure AUTH Application with CyberArk using AAM Credential Provider.
• Managing PAM’s Primary and Disaster Recovery Infrastructure.
• Managing issues for user accounts such as account lockout, password reset, user creation, modification, and deletion.
• Assist application teams with CyberArk Application Identity Manager integrations and linked accounts.
• SSO authentication methods using CyberArk. AIM provider Installations on PSM and testing for Installation Qualification and Involved in AD integration and adding a user to with their privileges.
• Run Entitlement and Safe - specific filtered Reports from the PVWA and Private Ark Client.
• Created PowerShell scripts to bulk create safes and assign permissions to user accounts, AD groups, and Safes for automation.
• Wrote PowerShell scripts to perform a health check of the Vault.
• Create and maintain system documentation (End User Guide and Architecture diagrams) for domain technologies, including installation, configuration, and appropriate troubleshooting steps.
• Installation and configuration of CyberArk Vault and Password Vault Web Access (PVWA), on Cloud Environment.
• Installation of Password Manager (CPM), Privileged Session Manager (PSM), Privilege Session manager for SSH (PSMP), and Secure Tunnel on Prem.
• Solve day-to-day operational issues that occurred in CyberArk due to ill-usage.
• Monitor, access and modify Vault, CPM, PVWA, PSM configuration, and log files to troubleshoot issues with the server and the environment.
• Resolved issues in Cyber Ark's Central Password Manager to communicate with hosts to reconcile credentials.
• Automated Identity Management tasks such as user provisioning and application access based on each user's role within our organization.
• Managing policies and platforms. Creating and assigning Safes, reconciling accounts, rotating passwords
• Appropriate understanding of CyberArk's role in the organization’s privileged account security.
• Worked on Privileged Account Management with CyberArk PIM suite Administration.
• Implementing & Managing Master Policy, Policy by Platforms.
• Creating & Managing Safes via Private Ark client & PVWA.
• Successfully upgraded CyberArk PIM suite.
• Installation and configuration of CyberArk Enterprise Password Vault, Password Vault Web Access (PVWA), Central Password Manager (CPM) in Production Environment.
• Manage the issues for user accounts such as account lockout, password reset, user creation, modification, and deletion of user permissions.
• Developed and implemented processes and procedures for onboarding users and Privilege Accounts to CyberArk.
• Identity Access Management tasks such as user provisioning and application access based on each user's role within our organization.
• Managing policies and platforms. Creating and assigning Safes, reconciling accounts, rotating passwords.
• Solve day-to-day operational issues that occurred in CyberArk due to ill-usage.
• Experience with Windows systems and servers. Experience working with Windows PowerShell.
• Monitored and Maintained Windows Servers, troubleshooting if necessary.
• Monitor, access and modify Vault, CPM, PVWA configuration, and log files to troubleshoot issues with the server and the environment.

Confidential, Tampa FL

Responsibilities:

• Primary responsibilities include Installation and configuration of CyberArk Vault, Vault Client, Active CPM, Network load-balanced CyberArk PVWA, Clustered CyberArk PSM, and PSM SSH proxy, and design and creation of a new application on board are documented and implemented.
• Developed and implemented a complete CA IAM solution which includes Federation, Host Access Management, Password Management, Single Sign-On, User Provisioning, and Web Access Management.
• Configuration of multiple Privilege accounts across the organization and Administration of CyberArk, Integration of window accounts, Unix accounts, Database, Network, and Security Device and Migrate user accounts into Password Vault using Bulk upload utility.
• Monitor CyberArk reports and respond to failed password verification alerts and work with system account owners to resolve failure alerts.
• Installed and configured PVWA in the load-balanced mode for High Availability
• Deployed SAML 2-factor Authentication for CyberArk PVWA.
• CreateCyberArkSafe and add systems and applications IDs to specify Safe vaults.
• Creating safes and adding users and groups to them for privileged access inCyberArk
• Installed and configured Private Ark Client to manage Vault server, assigned permission, create safes, onboard accounts, and define policies.
• Created bulk accounts on boarding passwords.CSV files to run with password upload utility
• On-boarded privileged accounts using CyberArk Password Upload Utility.
• Onboarded UNIX root accounts and successfully managed them with CyberArk.
• Performed day-to-day activities related to maintaining and troubleshooting CyberArk.
• Used the bulk upload utility to onboard new privileged accounts and reconcile failing accounts.
• Administer and Configure Jenkins for managing weekly Build, Test and Deploy chain as a CI/CD process, and SVN/GIT, Created Jenkins jobs for executing the JavaScript through npm and Grunt.
• Used Ant, and Maven as build tools on java projects for the development of build artifacts on the source code
• Configured Jenkins for integrated source control, builds, testing, and deployment. Created Jenkins jobs for executing the JavaScript through npm and Grunt.
• Automated UNIX and Windows Deployments using Shell and Pythons/Perl scripts.
• Using Amazon Web Services (AWS) console and AWS CLI to launch and manage VM's with Public/Private subnet and set up load balancing, security groups, etc.
• Setting up and administering a DNS system in AWS using Route53.
• Launching Amazon EC2 Cloud Instances using Amazon Images (Linux/ Ubuntu) and configuring launched instances with respect to specific applications.
• Creating snapshots and Amazon machine images (AMIs) of the instances for backup and creating clone instances.
• Scripting infrastructure and (Linux) machine provisioning from scratch using tools such as Terraform, bash
• Provided 24 / 7 support on-call rotation.

Confidential, Chicago IL

CyberArk Engineer

Responsibilities:

• Perform as the subject matter expert for information security technology, processes, and practices internally to the plan provided by the client.
• Providing access to shared drives and administrating the inactivity of the internal users through Active Directory.
• Privileged Access Management (PAM) project which includes implementing CyberArk Password Vault, Web Access, Central Password Manager, and Privileged Session Management.
• Upgradation of CyberArk from 9.1 to 9.8 in the process of slow migration
• Installed and configured Enterprise Password Vault, Password Vault Web Access, Central Policy Manager, and Privileged Session Manager in Prod and DR environments
• Designed the safe structure for the CyberArk authorization model
• Creating and assigning Safes, reconciling accounts, rotating passwords.
• Experience in supporting Microsoft Active Directory.
• Experience with Privileged Identity/access Products, CyberArk, NetIQ Identity Manager, and Secure Auth.
• Troubleshooting applications and scripts by accessing and analyzing logs on Windows servers.
• Good Experience with PVWA servers Managing Applications Credentials, Auto upload, and User Access Policy Management.
• Managing, monitoring, and Supporting systems hardware, software, and applications.
• Resolving CyberArk issues, the majority of the issue is with CPM related to changing passwords and reconciliation of credentials.
• Coordinating efforts with vendors for upgrades and system maintenance.
• Managed failed accounts synchronization and password rotations.
• Optimize and improve upon existing SAML, OpenID, and API integrations
• Initiate discussions with project teams in gathering applications requirements for Oracle Access integrations
• Assist development teams in understanding how OAM integrates with their applications in their environment
• Work with the development teams to develop, document, and demonstrate standards, tools, and best practices for OAM integrations on web-based, client-based, and other applications that have a built-in internal security module
• Translate project requirements into implementable Access Manager Policies
• Provide desktop Single Sign-On solutions for OAM with the setup of Integrated Windows Authentication technology using Kerberos
• Maintain LDAP Organizational Units, Groups, Schemas, password policies, and attributes in OID
• Install and configure OAM components/Webgates/Webpass on application workstations
• Configure OAM access policies - Authentication schemes, Host identifiers, Policy domains
• Configure OAM identity policies - Attribute Access controls, Search bases, Workflows
• Set up and manage Access Control Lists in OVD using Oracle Directory Services Manager
• Migrate the OAM components and Policies from Development to Staging to UAT to Production, as application components get migrated from one to the next level
• Support the applications related to OAM and environmental issues, on an ongoing basis

Environment: Oracle Access Manager (OAM), IIS Web Server, Microsoft Active Directory, Oracle Internet Directory (OID), Oracle Virtual Directory (OVD), Windows XP and 2003

Confidential, Bloomington, IL

CyberArk Engineer

Responsibilities:

• Initiate discussions with project teams in gathering applications requirements for Oracle Access integrations
• Assist development teams in understanding how OAM integrates with their applications in their environment
• Work with the development teams to develop, document, and demonstrate standards, tools, and best practices for OAM integrations on web-based, client-based, and other applications that have a built-in internal security module
• Translate project requirements into implementable Access Manager Policies
• Provide desktop Single Sign-On solutions for OAM with the setup of Integrated Windows Authentication technology using Kerberos
• Maintain LDAP Organizational Units, Groups, Schemas, password policies, and attributes in OID
• Install and configure OAM components/Webgates/Webpass on application workstations
• Configure OAM access policies - Authentication schemes, Host identifiers, Policy domains
• Configure OAM identity policies - Attribute Access controls, Search bases, Workflows
• Set up and manage Access Control Lists in OVD using Oracle Directory Services Manager
• Migrate the OAM components and Policies from Development to Staging to UAT to Production, as application components get migrated from one to the next level
• Support the applications related to OAM and environmental issues, on an ongoing basis

Environment: Oracle Access Manager (OAM), IIS Web Server, Microsoft Active Directory, Oracle Internet Directory (OID), Oracle Virtual Directory (OVD), Windows XP and 2003