SUMMARY

• Total 7 years of experience in Privileged Access Management (PAM) which includes implementing CyberArk Password Vault, Web Access, Central Password Manager and Privileged Session Management.
• Troubleshooting and maintenance of the Password Vault, Central Password Manager (CPM), Privileged Session Manager (PSM), Application Identity Manager(AIM), DR Vault in DR Server.
• Configured Master Policies, EPV configuration files, CPM policy, Active directory OU auto detection and account discovery process.
• Implementing & Managing Master Policy, Directory Mapping, LDAP integration, Platform and Safe via Private Ark client & PVWA.
• Worked on Disaster Recovery Vault (DR) and CyberArk Enterprise vault.
• Good at understanding and communicate CyberArk's role in the privileged account security space.
• Developed and implemented processes and procedures for on - boarding users and Privilege Accounts to CyberArk.
• Performed health check of client’s CyberArk environment and worked on enhancing the existing CyberArk Environment.
• Extensive experience in implementation and deployment of Privileged Account Security solution for Windows, UNIX, Database servers, Networks and Websites.
• Good knowledge in Active Directory and managing Users, Groups, Computers, Organizational Units.
• Installation and configuration of CyberArk Vault, Password Vault Web Access (PVWA), Central Password Manager (CPM) and Privileged Session Manager (PSM) in Prod.
• Integration of Event Notification Engine (ENE) & Service now ticketing system to CyberArk in PVWA.
• Well experienced in CyberArk administration and troubleshooting.
• Planning on upgrading the environment from CyberArk version 9.7 to 10.4.
• Performed DNA scan to identify privileged unmanaged users across organization.
• Good communication skills and keen to learn new things.

PROFESSIONAL EXPERIENCE

Confidential, St. Louis, MO

CyberArk Engineer

Responsibilities:

• Perform as the subject matter expert for information security technology, processes and practices internally to the plan provided by the client. Providing access to shared drives and administrating the inactivity of the internal users through Active Directory.
• Privileged Access Management (PAM) project which includes implementing CyberArk Password Vault, Web Access, Central Password Manager and Privileged Session Management.
• Worked on EPM tools for improved operational efficiencies through an automated workflow approval and provisioning engine that integrates authorization and authentication.
• Experience in CyberArk Privileged Account Security product suite - Enterprise, Password Vault, Password Vault Web Access, Central Policy Manager, Privileged.
• Manage the day to day operations of CyberArk solutions including adding and deleting accounts.
• Managing policies and platforms.
• Planning on upgrading the environment from CyberArk version 9.7 to 10.4.
• Creating and assigning Safes, reconciling accounts, rotating passwords.
• Create AD users and groups for safe delegation and updates.
• Conduct workshops with application and infrastructure teams about on-boarding privileged accounts.
• Assist application teams with CyberArk application Identity Manager Integrations and linked accounts.
• On-board privileged accounts and application ids with CyberArk upload utility or PVWA
• Ensure ongoing CyberArk system Maintenance is scheduled and completed on time.
• Design build and support processes on Windows Servers and Cyber Ark Security Platform. Providing support to Server owners on the security Servers.
• Coordinate with CyberArk support teams for escalation and resolution issues
• Ensure that all Identity and access management services are secure, available, efficient and meet defined corporate services levels
• Co-ordination with the offshore support teams to address technical or business requirements related queries.
• Involved in both Sever System analyzes and Security support on CyberArk as well as Support on Security on Windows servers.
• Monitoring logs, analyzing logs and Troubleshooting issues with the server and the environment.
• Documenting the patterns for new configurations.

Confidential, Ashburn, VA

CyberArk Administrator

Responsibilities:

• Worked on Privileged Account Management with CyberArk PIM suite Administration.
• Installation and configuration of the EPV components (Central Policy Manager, Password Vault Web Access, High Availability Vault Cluster, Secure Zone Access, SAN storage, SSL certificates)
• Configured platforms, master policies, created Safes & On-Boarded 1000's of Privileged Accounts, connection components, transparent components, access control through AD Group Nesting's
• Daily administration and maintenance of company's E-Directory
• Creation of policies and reports in PVWA.
• Administration experience of CyberArk vault with Safe creation, integration with LDAP and other authentication methods.
• Integrated with Active Directory (LDAP), 2 Factor Authentications (RADIUS).
• Defined, developed, and documented IDAM services including Single Sign-on, Self-Service registration, workflows, user management, management dashboard, Role Base Access Control (RBAC), Attribute Base Access Control (ABAC), resource and business layers Provisioning, credentialing, federation, and auditing.
• Involved in application to application credential management.
• Defined user account settings through Active Directory and used Active Directory to create, modify, and manage user, computers, and group account.
• Experience in performing Privileged Account Management with fair understanding the underlying business processes.
• Responsible for determining the target Privileged Session Management (PSM) audience. Determine what infrastructure and systems PSM will target (servers, virtual servers, database)
• Performed internal configuration of PSM to the vault itself
• Installed, configured disaster recovery Vaults and DR services
• Maintain development, testing, and production systems. Coordinate maintenance with support teams
• Perform Penetration testing and vulnerability assessment to improve application security.

Confidential, Nashville, TN

CyberArk Admin

Responsibilities:

• Ensure that all CyberArk accounts communicate with Servers and correct any discrepancies or errors that are found.
• Create CyberArk Safe's and add system and application id's to specified Safe vaults.
• Retrieve CyberArk system/application password's and assist Database, Linux, Wintel, and Core Application Support teams when passwords are needed.
• Involved in complete CyberArk Infrastructure Setup i.e. Installation, Configuration and Management of components.
• Implementation and installation of Cyber Ark 7.0 and upgrade to CyberArk 8.1.0 and CyberArk 9.2.1
• Responsible for privileged account onboarding for Windows and UNIX Platform.
• Administration experience of CyberArk vault with Safe creation, integration with LDAP and other authentication methods
• Analyzed and discovered privileged and functional user accounts for risk, ownership and access appropriateness using various CyberArk tools or platforms.
• Establish a disaster recovery environment including the installation of CyberArk Disaster Recovery Modules installation/configuration.
• Privileged Access Management of CyberArk, including working with components such as vaults, CPMs, accounts
• Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.
• Integrating Cyber-Ark with the wider eco-system in organization, including identity management, policy management, inventory management, ticketing systems and security logging and monitoring.
• Work in a fast-paced environment focusing on consistently producing high quality results.
• Work daily with CyberArk's PVWA CyberArk Administration and Troubleshooting.
• Provides technical support in the development, testing and operation of firewalls, intrusion detection systems, and enterprise anti-virus and software deployment tools
• On-boarded various platforms with Cyber-Ark, such as Windows, ESX, UNIX servers.
• Analyze requirements for the purposes of developing a CyberArk implementation plan.
• Conducts complex security architecture analysis to evaluate and mitigate issues
• Monitor logs and events for Windows, UNIX and User identity management platforms to provide views of misuse or malicious activities.
• Analyze new request in operation related to privileged access of servers, database, and network devices to manage policies of CyberArk.

Confidential, Dallas, TX

System Engineer

Responsibilities:

• Implemented the application of standard operating procedures and systems security in support of the organization's IT architecture and business needs.
• Configured, managed & maintained Windows, Linux systems (Windows 2008, RHEL, and Centos), Active Directory.
• Analyzed and mitigated security related threats. Monitored and assessed traffic & running reports.
• Provided post-implementation Network management, maintenance and support services, specifically on Cisco Switches and Routers.
• Planned and documented the process and the New Servers Builds in the environment.
• Provided 24x7 System Administration support for Red Hat Linux 3.x, 4.x servers and resolved trouble tickets on shift rotation basis.
• Provide the support of building the server, patching, user administration tasks, deployment, software installation, performance tuning and troubleshooting.
• Monitoring system performance, tune-up kernel parameter, adding /removing /administering hosts, users, disks on DNS / NIS domain.
• Configuration of Hardware and Software RAID on Digital & Sun Servers
• Installed and Configured Send Mail Utility on UNIX Servers. Administering NFS Mounts.
• Analyzed technologies, recommended vendors to address specific threat vectors such as Disk and Data encryption against physical theft and improper access, anti-malware to protect against malicious software and providing deep network control.
• Evaluated and recommended the implementation of and dissemination of IT security tools, procedures and practices to protect information assets.
• Responsible for setting up Web Application Firewalls (WAF) like SQL injection, http conversation.
• Configured VLAN, spanning tree, VSTP, SNMP on Juniper EX series switches, checkpoint firewall layers securing existing Data Center infrastructure.
• Responsible for the Windows environment, including backup, disaster recovery and network Security.