Cyber Security Consultant

CyberArk PAM Consultant\n\nRole Type-Full Time\nExperience - 3+ Years\nNotice Period - 10–15 Days\n\nPAM Deployment & Administration\nDeploy, configure, harden, and upgrade all CyberArk components: Vault, PVWA, CPM, PSM, PSMP, PTA, AAM/AIM, and Privilege Cloud.\nImplement and maintain High Availability (HA) and Disaster Recovery (DR) architectures for on-prem and hybrid deployments.\nExecute Vault failover/failback DR drills and maintain updated DR runbooks and compliance documentation.\nPerform routine health checks, patching, backup & restore operations, and capacity planning.\nImplement and enforce RBAC, granular access controls, and least-privilege password policies across cloud and on-prem environments.\n\nAccount Migration & Onboarding\nLead end-to-end privileged account migration activities – discovery, classification, onboarding, and reconciliation.\nDesign and execute bulk account onboarding workflows using REST APIs, PACLI, and CyberArk automation tools.\nDevelop and maintain Safe structures, platform configurations, and account management policies aligned to project and compliance requirements.\nValidate migrated accounts post-onboarding through credential verification and access testing.\nCoordinate with application and infrastructure teams to minimize downtime during migration windows.\n\nConnector & Plugin Development\nDesign, develop, and customize CPM plugins for non-standard target systems using INI-based and scripted plugin frameworks.\nBuild and integrate PSM/PSMP connectors for diverse platforms including web apps, cloud consoles, mainframes, and custom applications.\n\nIntegrations & Ecosystem\nIntegrate CyberArk with enterprise systems: Active Directory / LDAP, SIEM platforms (Splunk, QRadar), MFA solutions, SSO/SAML providers, and ITSM ticketing tools (ServiceNow, Jira).\nMaintain integration with cloud platforms (AWS, Azure, GCP) leveraging Privilege Cloud and Dynamic Privileged Access controls.\n\nOperational Support & Automation\nProvide L2/L3 production support for CyberArk platform issues, troubleshooting failures in CPM password management, PSM session recording, and Vault connectivity.\nAutomate account reconciliation, platform health monitoring, and compliance reporting pipelines.\nProduce daily, weekly, and monthly operational dashboards and status reports for stakeholders.\nManage and update knowledge base articles, runbooks, SOPs, and operational documentation continuously\n\nSecurity & Compliance\nApply CyberArk security hardening baselines in line with CyberArk Blueprint recommendations and organizational security standards.\nSupport internal and external audits by providing access logs, session recordings, and compliance evidence from CyberArk.\n\nCertifications\nCyberArk Certified Delivery Engineer – PAM and/or Privilege Cloud; or CyberArk Sentry certification.\n\nSkills / Tools\nCyberArk Core\nVault, PVWA, CPM, PSM, PSMP, PTA, AAM/AIM, Privilege Cloud\nOS & infra\nWindows Server, RHEL/CentOS/Ubuntu Linux, Networking basics (DNS, TCP/IP, Firewall)\nIdentity & Directory\nActive Directory, LDAP, Azure AD, SAML/SSO, MFA (Okta, RSA)