SUMMARY

• Experience in Installation, configuration and management of Cyber - Ark components (Enterprise Password Vault, PVWA, CPM, PSM, PSMP) globally.
• Extensive experienced with CyberArk's security products such as Enterprise Password Vault (ENTERPRISE PASSWORD VAULT), Privileged Identity Management including design and implementation of Disaster Recovery (DR).
• Experienced in setting up Multi Factor Authentication in LDAP, AD, ORACLE, and has managed sessions in Privileged Session Management (PSM).
• Experienced in implementation, deployment, and upgrade of various versions of CyberArk (PIM suite) including the components - Vault, PVWA, CPM, PSM, PSM, SSH Proxy (PSMP), and PTA.
• Good knowledge in installing, managing, and monitoring of CyberArk privileged account security tool modules.
• Experienced in CyberArk implementations and installations on ENTERPRISE PASSWORD VAULT 7.2, 9.5, and 10.4,11.3 and 12.x.
• Hands on experience with understanding of policies in CyberArk Components like CPM, PVWA, CPM and PSM.
• Experienced in implementing and administrating CyberArk (Password Vault).
• Integrate LDAP/S, Active Directory, oracle authentication methods using CyberArk.
• Managed and Released Privileged Credential using CyberArk Privileged Management Vault Administration, configuration, troubleshooting and installation of Windows 2008, 2012, 2016, 2019.
• Experienced in implementing and administrating CyberArk (Password Vault).
• Integrate LDAP/S, Active Directory, oracle authentication methods using CyberArk.
• Managed and Released Privileged Credential using CyberArk Privileged Management Vault Administration, configuration, troubleshooting and installation of Windows 2008, 2012, 2016 R2.
• Performed operational support in Active Directory such as creating security groups, creating users, assigning policies, maintaining password complexity rules. Commissioning and decommissioning computer objects, creating and maintaining service accounts.
• Upload the privilege accounts to CyberArk using Auto Detection, and Accounts Discovery.
• Perform bulk upload using Password Upload Utility.
• Integrated CyberArk with Splunk for logs on the dev environment.
• On-boarded Privilege Accounts to Cyber-Ark, Configured CyberArk to MySQL, Oracle databases.
• Identified and tested vulnerabilities and conducted research in the areas of information system and network security.
• Performed operational support in Active Directory such as creating security groups, creating users, assigning policies, maintaining password complexity rules.
• Worked on CyberArk AAM (CP and CCP) and CyberArk conjur to manage secrets across the various applications.
• Commissioning and decommissioning computer objects, creating and maintaining service accounts.
• Upload the privilege accounts to CyberArk using Auto Detection, and Accounts Discovery.
• Install AAM (CP and CCP) agent on the servers.
• Perform bulk upload using Password Upload Utility.
• Integrate CyberArk with SailPoint and ServiceNow.
• Integrated CyberArk with Splunk for logs on the dev environment.

TECHNICAL SKILLS

• PAM
• Enterprise Password Vault
• Privileged Identity Management
• Disaster Recovery
• Multi Factor Authentication
• LDAP
• AD (creating security groups creating users assigning policies maintaining password complexity rules)
• PSM
• CPM
• PVWA
• PSM SSH Proxy (PSMP)
• AAM (CP and CCP)
• Password Upload Utility
• Platform
• CPM logs
• PSM logs
• Vault logs
• Event Notification
• Firewall
• SIEM Config File
• Service Accounts
• Account Discovery
• Accounts Feed
• Discovery and Audit (DNA)
• Auto Detection
• Reports
• UNIX
• SSH keys
• One Time Passwords
• Check In Check Out
• Dual Control
• Custom Connector
• LDAP Authentication
• Radius Authentication.
• Microsoft Windows 95
• 2000
• 2003
• 2007
• (Perl
• Shell etc.)
• Window 7
• Unix/Linux

PROFESSIONAL EXPERIENCE

Confidential - Dallas, Texas

CyberArk Engineer

Responsibilities:

• Installation and configuration ofCyberArkVault, CPM,CyberArkPVWA, AIM,CyberArk PSM, and PSM SSH proxy Architecture and design.
• Administration experience ofCyberArkvault with Safe creation, integration with LDAP and other authentication methods.
• Onboarding of various privileged accounts onCyberArkand automating the process by running password upload utility scripts.
• Maintaining Active Directory groups and policies as well as Backups.
• Manage application and service credentials developing Architecture and Design for implementingCyberArksolution in a distributed environment
• Ensure ongoingCyberArksystem Maintenance is scheduled and completed on time.
• Installation and configuration ofCyberArkVault, Password Vault Web Access (PVWA), Central Password Manager (CPM) and Privileged Session Manager (PSM) in Prod and DR.
• Managed Safes ad Server/ host addresses in ENTERPRISE PASSWORD VAULT and resolved issues withCyberArk's CPM to communicate with hosts to reconcile credentials.
• Troubleshooting and maintaining the Password Vault, Central Password Manager (CPM), Privileged Session Manager (PSM), Application Identity Manager (AIM), DR Vault in DR Server, Worked on Active Directory (AD) and group policy Management (GPO).
• Troubleshoot DNS integration with Active Directory, Installed, configured and administered WINS, DHCP, IIS and WSFTP, File and Print servers.
• Configure AD integration and manageCyberArkEnterprise Password Vault, Manage the day to day operations ofCyberArksolutions including adding and deleting accts, Exposure to Identity and Access Management concepts.
• Securing secrets across the Conjur using CI/CD pipeline. Use a standardized interface for injecting secrets, Create RBAC policies to manage secrets without disruption, Authenticate access with Machine Identities, Leverage security best practices to limit breaches, Audit access to secrets
• Install AAM (CP and CCP) agent on the servers.
• Perform bulk upload using Password Upload Utility.
• Integrate CyberArk with SailPoint and ServiceNow
• Worked on onboarding Linux servers toCyberArkand managing root password across different Linux servers. Implemented and onboard the mainframe privileged IDs toCyberArkfor password management.
• Patching & Monitoring Vault, Central Password Manager, Two-factor authentication, Privileged Session Manager, Password Vault Web Access servers and services.

Confidential, Irving

CyberArk Admin

Responsibilities:

• Great communication skills and ability to work independently with minimal supervision
• Extensive knowledge on establishing and executing procedures for onboarding privileged accounts and users onto CyberArk platform
• Installed and configured CyberArk components including Enterprise Password Vault (EPV), Password Vault Web Access (PVWA), Central Password Management (CPM), Privileged Session Manager (PSM), and Disaster Recovery (DR)
• Ability to manually onboard user and privileged accounts utilizing Bulk Onboarding and Account Discovery
• Management of Multifactor Authentication using the RSA infrastructure and integrating it with other environments
• Troubleshooting and maintaining components by the use of PrivateArk Client, logs, and Application Identity Manager
• Extensive knowledge on implementing and managing Master Policy, LDAP integration, Platform and Safe through the PVWA
• Adequate knowledge in Active Directory and managing users, groups, computers, and organization units
• Monitored CyberArk reports and logs and worked to resolve to failed password verification alerts with system account owners
• Extensive knowledge on working with Central Policy Manager for password rotation and communicating with hosts to reconcile credentials
• Performed regular health checks and maintenance of Disaster Recovery environment
• Management of user account issues related to password reset, account lockout, user creation, modification, and deletion
• Ability to manage Safes and Servers in EPV

Confidential, TX

Security/CyberArk Consultant

Responsibilities:

• Manage various types of credentials, both local and domain
• Ability to onboard Privileged Accounts into CyberArk
• Safe layout and creation
• Security group creation and association with safes
• Account storage in safes
• Lay out CyberArk safe design, roles and access groups
• Credential vaulting
• Credential management/rotation
• Session management/credential hiding
• Installing, Patching and upgrading cyberArk versions.
• Responsible for maintaining the critical server's data backups.
• Fixing the issues as per the SLA, priority of the tickets and routing them to other teams as required
• Assisting Information security officer for various IT audits and functions
• Assigning admin rights, group memberships, resetting account lockouts. Job responsibilities including hands-on solving of day-to-day operational issues, resolution of technical issues as they relate to system integration and support. Additional software package installation and updates on the system.

Confidential

Network/System Engineer

Responsibilities:

• Installation and configuration of the ENTERPRISE PASSWORD VAULT components (Central Policy Manager, Password Vault Web Access, High Availability Vault Cluster, Secure Zone Access, SAN storage, SSL certificates and Load Balancing
• Involved in investigating and respond to security incidents.
• Review Firewall & load balancer change requests
• Performed in the role of subject matter expert in the creation of use cases, project time-lines and infrastructure diagrams; Created acceptance testing plans for vault admin and user functions.
• Send out security newsletters and latest industry trends to the user community.
• Put together standards and hardening procedure document for various platforms.
• Weekly meeting with Directors to update the IT audit closure status.
• Identified and created operational efficiency within the server team utilizing ITIL methodology.
• Solving incident management, change management problems.
• Managed global configuration for Microsoft Exchange server.
• Configured, Managed, and troubleshot remote e-mail access using Outlook.
• Managed messaging and directory services technologies, including: LDAP (Active Directory), DHCP, DNS, SMTP, Internet.
• Performed daily system monitoring, verifying the integrity and availability of all hardware, server resources, systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups.
• Performed daily backup operations, ensuring all required file systems and system data are successfully backed up to the appropriate media, recovery tapes or disks are created, and media is recycled and sent off site as necessary.
• Created and performed backup of policies and Rules in Firewall.
• Creating multiple VLAN with cisco switch to manage network within the organizations.