We provide IT Staff Augmentation Services!

Cyberark Consultant Resume

5.00 Rating

Carrollton, TX

SUMMARY

  • Software Engineering professional with over 7 years of experience with strong technical skills, security functions and a broad range of computer expertise.
  • Experience in Privileged Access Management solutions particularly CyberArk, network security and administration.
  • Experienced in implementing the market’s leading Privileged Access Management (PAM) solutions for enterprises.
  • Experienced in CyberArk installation and implementation of Cyber Ark 7.0 and most recent implementation of CyberArk 8.1.0. and CyberArk 9.2.1
  • Installation and configuration of CyberArk Vault, Password Vault Web Access (PVWA), Central Password Manager (CPM) and Privileged Session Manager (PSM) in Prod and DR.
  • Troubleshooting and maintenance of the Password Vault, Central Password Manager (CPM), Privileged Session Manager (PSM), Application Identity Manager(AIM), DR Vault in DR Server.
  • Configurations including AD integration and Management of Cyber Ark Enterprise Password vault.
  • Managed Safes ad Server/ host addresses in EPV. Resolved issues with CyberArk’s CPM to communicate with hosts to reconcile credentials.
  • Installation, configuration and troubleshooting of AIM clients for various teams.
  • Administration experience of Cyber Ark vault with Safe creation, integration with LDAP and other authentication methods.
  • Migrate user accounts into Password Vault using Bulk upload utility.
  • Experienced in performing Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management.
  • Installed, managed and troubleshot DNS in multiple zone environments. Troubleshot DNS integration with Active Directory. Installed, configured and administered WINS, DHCP, IIS and WSFTP, File and Print servers.
  • Ensured that system security plan and contingency plans are developed and maintained for each system and applications, and ensured systems personnel are properly designed, and trained.
  • Installation, configuration and management of MS System Center Configuration Manager 2007/2012 (SCCM) infrastructure. Patched servers in pre - prod, Prod and DR environments for approved MS updates.
  • Administration and troubleshooting of VMware ESX Servers, vCenter, HA, DRS and V-Motion.

TECHNICAL SKILLS

  • CyberArk Tools: Cyber Ark 7.0/ 8.1.0 PIM
  • LDAP
  • AD Integration
  • OPM
  • AIM
  • LTM
  • GTM
  • UNIX (basics)
  • RDP
  • Firewall
  • IDS/IPS
  • Routers
  • ACS.

PROFESSIONAL EXPERIENCE

Confidential, Carrollton, TX

CyberArk Consultant

Responsibilities:

  • Responsible for Privileged Account Management with CyberArk PIM suite Administration with a good understanding of the underlying business processes.
  • Work daily with CyberArk's PVWA.CyberArkAdministration and Troubleshooting.
  • Work on the actual EPV servers using PrivateArk to administer the Acceptance (UAT) and Production Vaults.
  • Administration experience of Cyber Ark vault with Safe creation, integration with LDAP and other authentication methods.
  • Performed PAM operational tasks, defining access control, user entitlements, management of Applications Credentials and User Access Policy.
  • Worked on Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management.
  • Creating safes and adding users and groups to them for privileged access inCyberArk
  • Administration of User accounts, Group memberships, and Organizational Units using Active Directory.
  • Installation, configuration and troubleshooting of AIM clients for various teams.
  • Worked on Application Identity manager to securely facilitate access to privileged passwords in applications or configuration files.
  • CreatedIdentityManagerAdmin Tasks/Roles. CreatedIdentityPolicies to set Member/Admin Roles, Group Policies
  • Created, modified and managed privileged user accounts throughActiveDirectoryfor both unclassified and classified networks.
  • Troubleshooting and maintenance of the Password Vault, CPM, PSM, AIM, DR Vault.
  • Migrate user accounts into Password Vault using Bulk upload utility.
  • MonitorCyberArkreports and respond to failed password verification alerts and work with system account owners to resolve failure alerts.
  • Ensure that allCyberArkaccounts communicate with Servers and correct any discrepancies or errors that are found.
  • CreateCyberArkSafe's and add system and application id's to specified Safe vaults
  • RetrieveCyberArksystem/application password's and assist Database, Linux, Wintel, and Core Application Support teams when passwords are needed.

Confidential, Minneapolis, MN

CyberArk Consultant

Responsibilities:

  • Implementation and installation of Cyber Ark 7.0 and latest implementation of Cyber-Ark 8.1.0. and CyberArk 9.2.1
  • Worked on Privileged Account Management with CyberArk PIM suite Administration.
  • Installation and configuration of the EPV components (Central Policy Manager, Password Vault Web Access, High Availability Vault Cluster, Secure Zone Access, SAN storage, SSL certificates and Load Balancing.
  • Configured platforms, master policies, created Safes & On-Boarded 1000's of Privileged Accounts, connection components, transparent components, access control through AD Group Nesting's
  • Daily administration and maintenance of company's E-Directory
  • Creation of policies and reports in PVWA.
  • Administration experience of CyberArk vault with Safe creation, integration with LDAP and other authentication methods.
  • Integrated with Active Directory (LDAP), 2 Factor Authentication (RADIUS).
  • Defined, developed, and documented IDAM services including Single Sign-on, Self-Service registration, workflows, user management, management dashboard, Role Base Access Control (RBAC), Attribute Base Access Control (ABAC), resource and business layers Provisioning, credentialing, federation, and auditing.
  • Involved in application to application credential management.
  • Defined user account settings through Active Directory and usedActiveDirectoryto create, modify, and manage user, computers, and group account.
  • Experience in performing Privileged Account Management with fair understanding the underlying business processes.
  • Responsible for determining the target Privileged Session Management (PSM) audience. Determine what infrastructure and systems PSM will target (servers, virtual servers, database)
  • Performed internal configuration of PSM to the vault itself
  • Installed, configured disaster recovery Vaults and DR services
  • Maintain development, testing, and production systems. Coordinate maintenance with support teams

Confidential, Chicago, IL

Network Security / Firewall Engineer

Responsibilities:

  • Configured, administered and troubleshot the Checkpoint and ASA firewall.
  • Configured Cisco ASA and Checkpoint firewall layers to secure the infrastructure for the Data Center.
  • Worked on the Juniper environment including SRX/Junos Space.
  • Configured Juniper NetScreen Firewall Policies between secure zones using NSM (Network Security Manager)
  • Configured and set up DMVPN, GRE based VPN on Cisco-IOS based router.
  • Responsible for setting up Web Application Firewalls (WAF) like SQL injection, http conversation.
  • Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
  • Drafted, installed, and provisioned ASA and Checkpoint firewall rules and policies.
  • Involved in Data Center migrations. Handled proper management, maintenance, configuration, and altered management of firewall structure.
  • Worked on Cisco Wide Area Application Services (WAAS) that enhances/optimizes TCP base application performances which operate in Wide Area Network (WAN) environment.
  • Used Qualys Tool for network discovery and mapping, asset prioritization, vulnerability assessment and tracking.
  • Configured VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches
  • Involved in Qualys policy compliance in detecting internal and external threats and vulnerability
  • Tuned BGP internal and external peers with manipulation of attributes such as weight, local preference.
  • Defined and maintained Active Directory (LDAP) security models.
  • Worked on Check Point GAIA Firewalls R65, R70, R71, R75, R77.
  • Upgraded Checkpoint firewalls and management servers from Splat R75.30 to Gaia R77.20.
  • Worked on checkpoint provider R71, R75, R77.1, R77.30 GAIA and secured policies and blocked websites using URL filtering, application identification and threat prevention
  • Worked with client engineering groups to create, document, implement, validate, and manage policies, procedures, and standards that ensure confidentiality, availability, integrity, and privacy of information.
  • Configured Active Directory and LDAP over different forests and across multiple domains
  • Configured Cisco ASA and Checkpoint firewall layers securing existing Data Center infrastructure. Migrated information securityfrom Cisco PIX to ASA5500 with LAN-failover platform.
  • Responsible for the Windows environment, including backup, disaster recovery and network Security
  • Worked on McAfee Data loss prevention endpoint (DLP)
  • Installed and configured Checkpoint Firewall in Internet Edge
  • Worked on IP Address management tools and their allocations.

Confidential

Network Engineer

Responsibilities:

  • Configured RIP and EIGRP on 2600, 2900 and 3600 series Cisco routers
  • Implemented VTP and trunking protocols (802.1q and ISL) on 3560, 3750 and 4500 series Cisco Catalyst switches.
  • Upgraded Cisco 7200, 3600 Router IOS Software, backup Routers and Catalyst 3560, 4500 switch configurations.
  • Migration of RIP V2 to OSPF, BGP routing protocols.
  • Configured EIGRP for Lab Environment.
  • Implemented ISL and 802.1Q for communicating through VTP.
  • Worked with Client teams to find out requirements for their Networks.
  • Deployed the networkinfrastructure to meet the requirements.
  • Administered, maintained and troubleshoot Active Directory environment including replication, group policy and security.
  • Created VLAN and Inter-VLAN routing with Multilayer Switching.
  • Provided technical consultancy for better application response using QOS.
  • Monitored performance of networkand servers to identify potential problems and bottleneck
  • Performed RIP, OSPF, BGP EIGRP routing protocol administration.
  • Installed Wireless Access Points (WAP) at various locations in the company
  • Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
  • Real time monitoring and networkmanagement using Cisco Works LMS
  • Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP)
  • Configured Access List (Standard, Extended, and Named) to allow users all over the company to access different applications and blocking others.
  • Configured STP for loop prevention and VTP for Inter-VLAN Routing.
  • Performed maintenance and troubleshooting of connectivity problems using PING, and Trace route.
  • Provided Networkand SecurityArchitecture and Operations support services for Windows 2008 based web, application and database servers

We'd love your feedback!