Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : CyberArk Privileged Access Management, Identity Access Management (IAM)
Good to have skills : NA
Minimum
5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
As a CyberArk L3 Engineer / PAM Specialist / SME, a typical day involves in Owning advanced PAM engineering and L3 escalation support for CyberArk, including platform design decisions, complex troubleshooting, integrations, upgrades, automation, audit support, and continuous improvement of PAM services and controls.
Roles & Responsibilities:
- Expected to be an SME, collaborate and manage the team to perform.
- Responsible for team decisions.
- Lead L3 investigation and resolution for complex PAM incidents including non-compliance events (rotation failures, reconciliation issues), session failures, platform defects, and multi-system issues.
- Drive PAM platform engineering across environments (Dev/UAT/Prod) including hardening, stability improvements, and health check automation for
CPM/PSM/CCP/WPM
- Own advanced safe design, policy design, account management policy tuning, and permission model governance for enterprise PAM adoption.
- Lead onboarding for new integrations and complex onboarding patterns, including privileged account discovery and automation-assisted onboarding workflows.
- Integrate CyberArk with upstream/downstream systems and security tooling (e.g., SIEM) where in scope, and support troubleshooting of integration points and
connectors
- Provide audit support and evidence for internal/external reviews (SOX/External) and define remediation plans for control gaps.
- Lead problem management (RCA, permanent fixes, trend reduction) and drive SOP/KB modernization based on operational learnings and repeat patterns.
- Mentor L1/L2 engineers, provide technical governance, and act as the escalation point or PAM technical decisions and delivery quality.
Professional & Technical Skills:
- Must To Have Skills: Proficiency in CyberArk Privileged Access Management.
- 8+ year of experience in privilege access management with minimum 4 plus years of experience in CyberArk
- Good To Have Skills: Experience with Identity Access Management (IAM).
- Deep expertise in CyberArk PAS / Privilege Cloud components including Vault, PVWA, CPM, PSM/PSMP, CCP, and WPM.
- Strong capability in advanced troubleshooting for password management, session management, policy configuration, and enterprise onboarding patterns.
- Proficiency in scripting/automation for PAM operations (PowerShell, Python, REST APIs) to enable operational automation and repeatable fixes.
- Experience supporting or implementing integrations with identity platforms and security monitoring tooling as required for operational monitoring and audit trails.
Additional Information:
- CyberArk Sentry (Level 3) / CyberArk Defender (Level 2)
- CyberArk CDE (Certified Delivery Engineer)
- Cloud Service Provider (CSP) certification
- The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management.
- This position is based at our Bengaluru office.
- A 15 years full time education is required
