SUMMARY

• Over 7 years of experience as a Software Engineer and strongly providing technical and security functions to Multi - tasking companies and organizations
• Experienced in implementing the market’s leading Privileged Access Management (PAM) solutions for enterprises.
• Experienced in CyberArk installation and implementation of Cyber Ark 7.0 and most recent implementation of CyberArk 8.1.0. and CyberArk 9.2.1
• Experience in Privileged Access Management solutions particularly CyberArk, network security and administration.
• Installation and configuration of CyberArk Vault, Password Vault Web Access (PVWA), Central Password Manager (CPM) and Privileged Session Manager (PSM) in Prod and DR.
• Troubleshooting and maintenance of the Password Vault, Central Password Manager (CPM), Privileged Session Manager (PSM), Application Identity Manager(AIM), DR Vault in DR Server.
• Installation, configuration and troubleshooting of AIM clients for various teams.
• Migrate user accounts into Password Vault using Bulk upload utility.
• Configurations including AD integration and Management of Cyber Ark Enterprise Password vault.
• Managed Safes ad Server/ host addresses in EPV. Resolved issues with CyberArk’s CPM to communicate with hosts to reconcile credentials.
• Administration experience of Cyber Ark vault with Safe creation, integration with LDAP and other authentication methods.
• Experienced in performing Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management.
• Installation, configuration and management of MS System Center Configuration Manager 2007/2012 (SCCM) infrastructure. Patched servers in pre-prod, Prod and DR environments for approved MS updates.
• Installed, managed and troubleshot DNS in multiple zone environments. Troubleshot DNS integration with Active Directory. Installed, configured and administered WINS, DHCP, IIS and WSFTP, File and Print servers.
• Ensured that system security plan and contingency plans are developed and maintained for each system and applications, and ensured systems personnel are properly designed, and trained.
• Administration and troubleshooting of VMware ESX Servers, vCenter, HA, DRS and V-Motion.

TECHNICAL SKILLS

• Cyber Ark 7.0/ 8.1.0 PIM
• LDAP
• AD Integration
• OPM
• AIM
• LTM
• GTM
• UNIX (basics)
• RDP
• Firewall
• IDS/IPS
• Routers
• ACS.

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL

CyberArk Consultant

Responsibilities:

• Responsible for Privileged Account Management with CyberArk PIM suite Administration with a good understanding of the underlying business processes.
• Work daily with CyberArk's PVWA.CyberArkAdministration and Troubleshooting.
• Work on the actual EPV servers using PrivateArk to administer the Acceptance (UAT) and Production Vaults.
• Administration experience of Cyber Ark vault with Safe creation, integration with LDAP and other authentication methods.
• Performed PAM operational tasks, defining access control, user entitlements, management of Applications Credentials and User Access Policy.
• Worked on Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management.
• Creating safes and adding users and groups to them for privileged access inCyberArk
• Administration of User accounts, Group memberships, and Organizational Units using Active Directory.
• Installation, configuration and troubleshooting of AIM clients for various teams.
• Worked on Application Identity manager to securely facilitate access to privileged passwords in applications or configuration files.
• CreatedIdentityManagerAdmin Tasks/Roles. CreatedIdentityPolicies to set Member/Admin Roles, Group Policies
• Created, modified and managed privileged user accounts throughActiveDirectoryfor both unclassified and classified networks.
• Troubleshooting and maintenance of the Password Vault, CPM, PSM, AIM, DR Vault.
• Migrate user accounts into Password Vault using Bulk upload utility.
• MonitorCyberArkreports and respond to failed password verification alerts and work with system account owners to resolve failure alerts.
• Ensure that allCyberArkaccounts communicate with Servers and correct any discrepancies or errors that are found.
• CreateCyberArkSafe's and add system and application id's to specified Safe vaults
• RetrieveCyberArksystem/application password's and assist Database, Linux, Wintel, and Core Application Support teams when passwords are needed.

Confidential, Minneapolis, MN

CyberArk Consultant

Responsibilities:

• Implementation and installation of Cyber Ark 7.0 and latest implementation of Cyber-Ark 8.1.0. and CyberArk 9.2.1
• Worked on Privileged Account Management with CyberArk PIM suite Administration.
• Installation and configuration of the EPV components (Central Policy Manager, Password Vault Web Access, High Availability Vault Cluster, Secure Zone Access, SAN storage, SSL certificates and Load Balancing.
• Configured platforms, master policies, created Safes & On-Boarded 1000's of Privileged Accounts, connection components, transparent components, access control through AD Group Nesting's
• Daily administration and maintenance of company's E-Directory
• Creation of policies and reports in PVWA.
• Administration experience of CyberArk vault with Safe creation, integration with LDAP and other authentication methods.
• Integrated with Active Directory (LDAP), 2 Factor Authentication (RADIUS).
• Defined, developed, and documented IDAM services including Single Sign-on, Self-Service registration, workflows, user management, management dashboard, Role Base Access Control (RBAC), Attribute Base Access Control (ABAC), resource and business layers Provisioning, credentialing, federation, and auditing.
• Involved in application to application credential management.
• Defined user account settings through Active Directory and usedActiveDirectoryto create, modify, and manage user, computers, and group account.
• Experience in performing Privileged Account Management with fair understanding the underlying business processes.
• Responsible for determining the target Privileged Session Management (PSM) audience. Determine what infrastructure and systems PSM will target (servers, virtual servers, database)
• Performed internal configuration of PSM to the vault itself
• Installed, configured disaster recovery Vaults and DR services
• Maintain development, testing, and production systems. Coordinate maintenance with support teams

Confidential, McLean, VA

Network Security/ Firewall Engineer

Responsibilities:

• Configured, administered and troubleshot the Checkpoint and ASA firewall.
• Configured Cisco ASA and Checkpoint firewall layers to secure the infrastructure for the Data Center.
• Worked on the Juniper environment including SRX/Junos Space.
• Configured Juniper NetScreen Firewall Policies between secure zones using NSM (Network Security Manager)
• Configured and set up DMVPN, GRE based VPN on Cisco-IOS based router.
• Responsible for setting up Web Application Firewalls (WAF) like SQL injection, http conversation.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
• Drafted, installed, and provisioned ASA and Checkpoint firewall rules and policies.
• Involved in Data Center migrations. Handled proper management, maintenance, configuration, and altered management of firewall structure.
• Used Qualys Tool for network discovery and mapping, asset prioritization, vulnerability assessment and tracking.
• Configured VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches
• Involved in Qualys policy compliance in detecting internal and external threats and vulnerability
• Tuned BGP internal and external peers with manipulation of attributes such as weight, local preference.
• Defined and maintained Active Directory (LDAP) security models.
• Worked on Check Point GAIA Firewalls R65, R70, R71, R75, R77.
• Upgraded Checkpoint firewalls and management servers from Splat R75.30 to Gaia R77.20.
• Worked on checkpoint provider R71, R75, R77.1, R77.30 GAIA and secured policies and blocked websites using URL filtering, application identification and threat prevention
• Worked with client engineering groups to create, document, implement, validate, and manage policies, procedures, and standards that ensure confidentiality, availability, integrity, and privacy of information.
• Configured Active Directory and LDAP over different forests and across multiple domains
• Configured Cisco ASA and Checkpoint firewall layers securing existing Data Center infrastructure. Migrated information securityfrom Cisco PIX to ASA5500 with LAN-failover platform.
• Responsible for the Windows environment, including backup, disaster recovery and network Security
• Worked on McAfee Data loss prevention endpoint (DLP)
• Installed and configured Checkpoint Firewall in Internet Edge
• Worked on IP Address management tools and their allocations.

Confidential

Network Engineer

Responsibilities:

• Installation of Centrex-IP to Nortel CLEC customer for IP phones.
• Configuration, maintenance, operations of IP Gateway cards, Gatekeeper, LTCI. Setting up and provisioning of Nortel DMS 100/250/500 series switch.
• Installation and provisioning of CAT5 phone lines; guiding field Engineers digitally as they give customers services. Testing the installed cat5 phone lines to be sure the service is well installed.
• Configuration & utilization of Cisco Nexus Routers 1 and 2 to determine which router is the priority router while the other is a backup for good usage of MAC Addresses/ VLAN vise- visa.
• Worked on Cisco Wide Area Application Services (WAAS) that enhances/optimizes TCP base application performances which operate in Wide Area Network (WAN) environment.
• Other duties include: Plan, administers and oversees network design; implements, organizes, and troubleshoots problems on network; monitors underlying communication protocols and supports network hardware and software; maintains application data integrity and availability.
• Responsible for the aadministration and overseeing of network design; implementing, organizing, and troubleshooting of problems on network; monitoring underlying communication protocols and supporting network hardware and software; maintaining application data integrity and availability.
• Administration of networks. Provided system support. Identified and recommended computer system needs. Performed additional duties as needed. Tested the transportation of Data, Voice and Video from equipment to another in the school lab.
• Cleared the voice hung ups, routers malfunctioning and other maintenance duties like VOIP.
• Troubleshot school voice, data and video if problem occurred and resolved the problems. Maintained the smooth running of the company activities.
• Active Directory - maintained the DNS, LDAP in order to manage customers' account properly and provide secured, structured data storage in hierarchy order