Cyber Security Consultant

CyberArk PAM Consultant

Role Type-Full Time

Experience - 3+ Years

Notice Period - 10–15 Days

PAM Deployment & Administration

• Deploy, configure, harden, and upgrade all CyberArk components: Vault, PVWA, CPM, PSM, PSMP, PTA, AAM/AIM, and Privilege Cloud.
• Implement and maintain High Availability (HA) and Disaster Recovery (DR) architectures for on-prem and hybrid deployments.
• Execute Vault failover/failback DR drills and maintain updated DR runbooks and compliance documentation.
• Perform routine health checks, patching, backup & restore operations, and capacity planning.
• Implement and enforce RBAC, granular access controls, and least-privilege password policies across cloud and on-prem environments.

Account Migration & Onboarding

• Lead end-to-end privileged account migration activities – discovery, classification, onboarding, and reconciliation.
• Design and execute bulk account onboarding workflows using REST APIs, PACLI, and CyberArk automation tools.
• Develop and maintain Safe structures, platform configurations, and account management policies aligned to project and compliance requirements.
• Validate migrated accounts post-onboarding through credential verification and access testing.
• Coordinate with application and infrastructure teams to minimize downtime during migration windows.

Connector & Plugin Development

• Design, develop, and customize CPM plugins for non-standard target systems using INI-based and scripted plugin frameworks.
• Build and integrate PSM/PSMP connectors for diverse platforms including web apps, cloud consoles, mainframes, and custom applications.

Integrations & Ecosystem

• Integrate CyberArk with enterprise systems: Active Directory / LDAP, SIEM platforms (Splunk, QRadar), MFA solutions, SSO/SAML providers, and ITSM ticketing tools (ServiceNow, Jira).
• Maintain integration with cloud platforms (AWS, Azure, GCP) leveraging Privilege Cloud and Dynamic Privileged Access controls.

Operational Support & Automation

• Provide L2/L3 production support for CyberArk platform issues, troubleshooting failures in CPM password management, PSM session recording, and Vault connectivity.
• Automate account reconciliation, platform health monitoring, and compliance reporting pipelines.
• Produce daily, weekly, and monthly operational dashboards and status reports for stakeholders.
• Manage and update knowledge base articles, runbooks, SOPs, and operational documentation continuously

Security & Compliance

• Apply CyberArk security hardening baselines in line with CyberArk Blueprint recommendations and organizational security standards.
• Support internal and external audits by providing access logs, session recordings, and compliance evidence from CyberArk.

Certifications

• CyberArk Certified Delivery Engineer – PAM and/or Privilege Cloud; or CyberArk Sentry certification.

Skills / Tools

CyberArk Core

Vault, PVWA, CPM, PSM, PSMP, PTA, AAM/AIM, Privilege Cloud

OS & infra

Windows Server, RHEL/CentOS/Ubuntu Linux, Networking basics (DNS, TCP/IP, Firewall)

Identity & Directory

Active Directory, LDAP, Azure AD, SAML/SSO, MFA (Okta, RSA)