Additional recognized technical certification such as Oracle, SailPoint IIQ or IDN, One Identity, Azure AD, Ping Identity, OKTA, BeyondTrust, or similar
CISSP
CISM
Optional
SC-300: Microsoft Identity and Access Administrator
Certified Access Management Specialist (CAMS)
Certifications in Architecture (e.g., TOGAF, SABSA)
Skills
Ability to lead the design and execution of end-to-end PAM programs, particularly with CyberArk, alongside other platforms like Delinea and BeyondTrust.
Expertise in PAM solutions, focusing on CyberArk for the management of privileged accounts, including setup, policy configuration, and security controls.
Hands-on experience in deploying CyberArk's components such as Enterprise Password Vault, Central Policy Manager, Privileged Session Manager, and Application Access Manager.
Ability to conduct advanced troubleshooting and performance optimization of CyberArk installations to ensure robustness and scalability.
Hands-on experience with Identity Governance and Administration (IGA) solutions such as SailPoint and Saviynt, specializing in configuring workflows, access policies, and compliance controls relevant to privileged access.
Proficient in integrating PAM solutions with various applications, services, and platforms, utilizing APIs, connectors, and identity federation protocols specific to privileged sessions.
Demonstrated expertise in designing and implementing complex Role-Based Access Control (RBAC) models tailored for privileged account management.
Experience working with firms like the Big 4 or leading Global Solution Integrators on PAM projects.
Capable of independently driving and coordinating PAM initiatives to successful completion.
Effective collaboration within global teams, particularly in projects involving privileged access management.
Strong analytical skills with a focus on the details and security implications of privileged access.
Outstanding communication, presentation, and report-writing skills, especially in contexts requiring explanation of technical PAM concepts.
Experience
Implemented PAM technologies including CyberArk, BeyondTrust, and Delinea, focusing on security configurations and policy enforcement.
Configured CyberArk for seamless integration with Privileged Identity Management (PIM) solutions to enhance credential security and access controls.
Integrated CyberArk Privileged Session Manager (PSM) with Security Information and Event Management (SIEM) systems like Splunk and IBM QRadar for real-time monitoring of privileged activities.
Developed connectors and scripts for interoperability between CyberArk and various IGA platforms, ensuring consistent policy enforcement and identity synchronization.
Utilized CyberArk to generate detailed reports on privileged access and audit logs, supporting compliance with regulatory standards.
Developed PAM strategies to align with security protocols and infrastructure requirements.
Conducted detailed technical evaluations of PAM vendors for system compatibility and security features.
Utilized scripting languages like PowerShell and Python for automation of PAM tasks and integration processes.
Set up and managed PAM environments for Testing, User Acceptance Testing (UAT), Production, and Disaster Recovery.
Configured PAM systems to ensure operational continuity and secure synchronization of privileged account data.
Executed User Acceptance Testing (UAT) for PAM systems, verifying functional and security specifications with end users.
Developed RBAC models for PAM to delineate access controls and manage privileged accounts efficiently.
Integrated PAM with security infrastructure including Firewalls, IDS/IPS, and SIEM systems for enhanced monitoring and threat detection.
Implemented Federation technologies within PAM frameworks to support secure and scalable access management.
Designed authentication and authorization architectures specific to PAM, employing multi-factor authentication and biometric verifications.
Managed PAM security operations, overseeing service delivery, incident resolution, and compliance with security standards.
Created technical documentation for PAM implementations, outlining system configurations, operational procedures, and compliance guidelines.
Streamlined PAM processes and workflows to enhance efficiency and security in managing privileged access.
Established PAM governance frameworks to ensure systematic oversight and adherence to security best practices.
Responsibilities
Support in installation, integration, and maintenance of one or more IAM / CIAM / PAM products such as Sailpoint, Saviynt, Okta, CyberArk, BeyondTrust, or ForgeRock.
Deliver and manage major IAM programs, orchestrating the planning, implementation, and completion in alignment with established objectives and timelines.
Provide post-implementation support and regular system maintenance and support which will periodically require evening, weekend, and on-call support.
Take a leading role in evaluating the security capabilities and solutions of IAM, determining optimal ways to integrate them throughout the enterprise.
Engage with clients, collaborating closely with both on-site and offshore delivery teams to ensure effective communication and strong coordination in the project execution process.
Lead project management meetings including status updates, technical assessment reports and key stakeholder meetings.
Develop, drive and review IAM frameworks including TOMs, policies, procedures, and templates.
Develop comprehensive documentation, guidelines, and user manuals that explain IAM processes.
Initiate onsite knowledge transfer and training sessions for end users, ensuring they are well-equipped to understand and utilize the IAM system effectively.
Develop blueprints for Role-Based Access Control (RBAC), outlining the precise structure and guidelines for assigning access privileges based on roles and responsibilities within the organization.
Develop IAM Reference Model for Low Level and High-Level Design documents to provide a structured framework for identity and access management implementations.
Define IAM functional and non-functional design requirements, outlining the specific capabilities and performance characteristics required for effective IAM solutions.
Review and enhance the IAM target operating model by refining KPIs, RACI, Policies, and Procedures, ensuring a streamlined and effective approach to IAM.
Define Prioritization Strategy for the applications and systems in scope, determining the order and significance in which they should be addressed and integrated within the IAM framework.
Monitor user activity and reporting on the IAM system and ensure that continuous monitoring tools and technologies access control is managed adequately.
Provide subject matter recommendations related to the leading IAM products.
Build working relationships with IAM vendor product management, development, and engineering teams.
Lead and respond to client Request for Proposals (RFP) and pitches.
Support Thought Leadership and Webinar initiatives for Identity and Access Management.