Cyberark Consultant

We are currently seeking an identity and access management specialist with deep level expertise in CyberArk, Active Directory, Azure AD, SAML,
and OAuth, and Cloud Identity Solutions. As a member of the UMG Technical Services team, the CyberArk Engineer is responsible to ensure our
CyberArk environment, including Vault, CPM, PVWA, and PTA, functions at peak efficiency across UMG’s diverse global enterprise environment. The
position will be a team player working to expand and mature the integration of our CyberArk solutions for use with our enterprise applications, dev-ops, implementation, day-to-day administration, and operations teams.

In addition to having strong technical skills, you must be comfortable in effectively communicating with business end users, technical IT teams,
business partners, network providers, and business process outsourced vendors, all while being sensitive to a wide diversity of cultural and technical
backgrounds in a global business environment.

Job Functions:

• Using your expertise in CyberArk and background in identity and privilege access management, evaluate/update and make recommendation for UMG’s CyberArk installation.
• Review, update, install, and train others on the features and best practices of CyberArk, creating a secure, sustainable and highly automated environment that meets UMG’s requirements across all on-prem and cloud-based footprints.
  o Working with the team, identify the tools and techniques to translate UMG needs and future goals into a plan that will enable secure and effective solutions.
  o Apply expertise in the installation and configuration of the CyberArk platform, including conducting routine solution maintenance, monitoring the health of the platform, and conducting daily proactive monitoring of the CyberArk production environment.
  o Automate processes across the CyberArk products
• Monitor CyberArk and support any break/fix, upgrades, patches, and performance or integration related issues.
• Create automated periodic reports as required, and address any discrepancies found.
• Support critical CyberArk functions, including maintenance, patch identification and publication, and upgrades of CyberArk and related modules.
• Maintain responsibility for privilege user incident management support, user acceptance testing of privilege accounts, load testing, performance testing, and validation testing of the CyberArk solution.
• Maintain & support CyberArk on a daily basis, troubleshooting Vault, CPM, PTA, PSM/PSMP, PVWA, LCD/EPM issues as required
• Resolution of trouble tickets including password rotations, password malfunctions, account creations, account changes, scheduling.
• Installation of CyberArk vault including multiple CPMs, PVWAs, and as built documentation
• Collaborate to define access control, user entitlements, and user access policy management
• Collaborate to develop and execute overall project plan and timelines for key deliverables
• Work with development teams on integration with CyberArk

Job Requirements:

Essential:

• CyberArk Expertise
  o CyberArk administration, configuration, implementations, designs, and troubleshooting
  o Minimum of 4 years directly related experience in CyberArk toolset, including Vault, CPM, PVWA, PSM, and PTA
  o Experience in Privileged Account Management with CyberArk PIM Administration
  o Extensive experience in implementation and integration of Cyber-Ark’s Privileged Identity Management (PIM) Suite
• Advanced experience with script development (PowerShell/Python preferred)
• Experience with PAM tasks – Defining Access Control, User Entitlements, Manage Applications Credentials, User Access Policy Management.
• Able to work with confidential and sensitive information, maintaining confidentiality.
• A high level of technical ability for diagnosis, troubleshooting and problem analysis with the ability to clearly communicate the results of problem analysis to business stakeholders, IT support teams, and network providers to quickly and effectively resolve issues.
• Technical competence in the following:
  o PAM & PIM via CyberArk product suite
  o CyberArk Administration/Development
  o Security protocols such as LDAP-S, SAML, WS-Federation, SCIM, OAuth, and OIDC
  o Component services & areas: domain design, DDNS, DHCP, Directory Services including directory services
  replication/synchronization, Kerberos, Active Directory compliance for Schema Extensions, DEA (Directory Enabled
  Applications), LDAP-S, AD integration security, federation services and Forest system context management for
  application services
  o Adept at scripting in Python, PowerShell and/or one or more additional scripting languages
• Demonstrated current work experience engineering, customizing, and integrating IAM solutions such as Azure Active Directory, Active Roles, Duo, MIM, CyberArk, Duo, Okta, and Sailpoint/Saviynt
• Demonstrated organizational skills, attention to detail and ability to work both independently and as part of a team. As a senior member of the team, ability to work unsupervised, prioritize own workload, and mentor other team members as required is essential
• Comfortable in a global fast-paced enterprise team environment, with ability to adjust to changing priorities and schedules, and balance support and project work
• Customer service driven/focused with a proactive and positive can-do approach, demonstrating effective communication with multiple
  internal/external stakeholders in a global business environment

Desirable:

• Bachelor’s Degree in Computer Science, Engineering, Network Security or related field
• Demonstrated excellent technical writing skills and project/program management experience
• IT Certifications including CyberArk Sentry/Guardian, Microsoft Certification specialization in Identity Management, CISSP, and ITIL v3
  Foundations certifications. International experience beneficial; multiple language skills a plus