Job brief
The role holder will be responsible for installing, maintaining, and continuously improving Cyber Security Infrastructure services, specifically Privileged Access Management (CyberArk). This is a technical infrastructure role to onboard applications and infrastructure systems to CyberArk, maintain the ongoing reliability, performance, and support of the platform, respond to incidents and problems, monitor, test, troubleshoot, and plan for growth.
- Manage, support, and continually develop and enhance the CyberArk Privileged Access Management service.
- Onboard new applications and infrastructure systems to CyberArk, including building PSM and CPM connectors as required, and expanding and enhancing existing integrations.
- Identify, plan, and implement regular and proactive maintenance and performance improvements to the CyberArk platform to ensure it remains fit for purpose.
- Coordinate and lead technical implementation activities.
- Resolve complex service incidents in line with SLAs.
- Build strong relationships with internal and external stakeholders to maintain and improve service to business users and enhance knowledge and information sharing.
- Guide and advise others to ensure the sharing of knowledge and best practice throughout the team.
- Contribute to technical designs, technical delivery plans, and maintain operational documentation.
Requirements
- Work on EFTPS build activities and target system on-boarding, and act as single point of contact for support services.
- Lead the complete operations team on the technical front.
- Respond to emails for any advisory task.
- On-call support with the aligned support team member.
- Debugging the issues
- Provide onsite support for major/minor upgrades.
- Perform RCAs.
- Conduct DR failover drills and define any new policies in the PAM solution.
- Break glass password retrieval
- Update documentation as and when required
- Any new server Account Addition /Deletion for existing types of integrations.
- Adding users to the group and opening firewall port requests.
- Troubleshooting of operational issues like:
  - a. Authentication failure (LDAP users/application internal users like appuser and gwuser)
  - b. End point target server connectivity issue
  - c. Password change/verification failure
    - i. Scheduled task
    - ii. OS (Windows/Unix/Database) level login accounts
  - d. PAM daily scheduled backup failure
  - e. DC to DR data replication failure
  - f. PAM email notification related configuration
- In an unforeseen event, or if an issue is not resolved by the L3 team, log a PAM support ticket with the OEM and follow up for timely resolution.
- To perform drills related to:
  - a. DC-DR
  - b. DR-DC Fall-back
  - c. Vault Restoration
- Business continuity with DR environment
- Manage policies configured in the PAM solution
- Creating new policies
- Consider up to 50 target systems consisting of 25 Linux (multiple flavors), 10 Windows, and 15 network or security devices.
- Build and test framework for:
  - New server on-boarding
  - User/admin provisioning process for least privilege usage
- Create standard operating procedure documents that can be used as guides to continue onboarding of remaining systems
- Target system on-boarding onto EFTPS environment
- Reporting & Platform Maintenance:
  - Response to performance alerts and warnings
  - Log monitoring and analysis per instance
  - Coordination with other resolver groups per instance
  - Trend analysis
  - Knowledge management
  - Health monitoring check-up
  - Continuous service improvement
  - Impact analysis report as and when required
- Reporting:
  - ITSM reporting
  - Performance reporting
  - Executive reporting
  - Ad hoc reports
- Ticket Management:
  - Incident management
  - Service request management
  - Problem ticket management
- Resolve Problems or liaise with CyberArk or Infrastructure teams for resolution