Job Description
- Designation
- Privileged Access Management (CyberArk) – Assistant Manager / Manager
- >8 years of experience in Privileged Access Management
- Language
- English
- Arabic (added advantage)
- Certifications:
- CyberArk (Trustee / Defender / Sentry / Guardian)
- SailPoint IIQ (Associate / Professional / Engineer / Architect)
- SailPoint IDN (Professional / Engineer)
- Additional recognized technical certification such as Oracle, SailPoint IIQ or IDN, One Identity, Azure AD, Ping Identity, Okta, BeyondTrust, or similar
- CISSP
- CISM
- Optional:
- SC-300: Microsoft Identity and Access Administrator
- Certified Access Management Specialist (CAMS)
- Certifications in Architecture (e.g., TOGAF, SABSA)
- Skills
- Ability to lead the design and execution of end-to-end PAM programs, particularly with CyberArk, alongside other platforms like Delinea and BeyondTrust.
- Expertise in PAM solutions, focusing on CyberArk for the management of privileged accounts, including setup, policy configuration, and security controls.
- Hands-on experience in deploying CyberArk’s components such as Enterprise Password Vault, Central Policy Manager, Privileged Session Manager, and Application Access Manager.
- Ability to conduct advanced troubleshooting and performance optimization of CyberArk installations to ensure robustness and scalability.
- Hands-on experience with Identity Governance and Administration (IGA) solutions such as SailPoint and Saviynt, specializing in configuring workflows, access policies, and compliance controls relevant to privileged access.
- Proficient in integrating PAM solutions with various applications, services, and platforms, utilizing APIs, connectors, and identity federation protocols specific to privileged sessions.
- Demonstrated expertise in designing and implementing complex Role-Based Access Control (RBAC) models tailored for privileged account management.
- Experience working with firms like the Big 4 or leading Global Solution Integrators on PAM projects.
- Capable of independently driving and coordinating PAM initiatives to successful completion.
- Effective collaboration within global teams, particularly in projects involving privileged access management.
- Strong analytical skills with a focus on the details and security implications of privileged access.
- Outstanding communication, presentation, and report-writing skills, especially in contexts requiring explanation of technical PAM concepts.
- Experience
- Implemented PAM technologies including CyberArk, BeyondTrust, and Delinea, focusing on security configurations and policy enforcement.
- Configured CyberArk for seamless integration with Privileged Identity Management (PIM) solutions to enhance credential security and access controls.
- Integrated CyberArk Privileged Session Manager (PSM) with Security Information and Event Management (SIEM) systems like Splunk and IBM QRadar for real-time monitoring of privileged activities.
- Developed connectors and scripts for interoperability between CyberArk and various IGA platforms, ensuring consistent policy enforcement and identity synchronization.
- Utilized CyberArk to generate detailed reports on privileged access and audit logs, supporting compliance with regulatory standards.
- Developed PAM strategies to align with security protocols and infrastructure requirements.
- Engineered secure PAM architectures, integrating privileged account security solutions with enterprise systems.
- Conducted detailed technical evaluations of PAM vendors for system compatibility and security features.
- Utilized scripting languages like PowerShell and Python for automation of PAM tasks and integration processes.
- Set up and managed PAM environments for Testing, User Acceptance Testing (UAT), Production, and Disaster Recovery.
- Configured PAM systems to ensure operational continuity and secure synchronization of privileged account data.
- Executed User Acceptance Testing (UAT) for PAM systems, verifying functional and security specifications with end users.
- Developed RBAC models for PAM to delineate access controls and manage privileged accounts efficiently.
- Integrated PAM with security infrastructure including Firewalls, IDS/IPS, and SIEM systems for enhanced monitoring and threat detection.
- Implemented Federation technologies within PAM frameworks to support secure and scalable access management.
- Designed authentication and authorization architectures specific to PAM, employing multi-factor authentication and biometric verifications.
- Managed PAM security operations, overseeing service delivery, incident resolution, and compliance with security standards.
- Created technical documentation for PAM implementations, outlining system configurations, operational procedures, and compliance guidelines.
- Streamlined PAM processes and workflows to enhance efficiency and security in managing privileged access.
- Established PAM governance frameworks to ensure systematic oversight and adherence to security best practices.
- Responsibilities
- Support the installation, integration, and maintenance of one or more IAM / CIAM / PAM products such as SailPoint, Saviynt, Okta, CyberArk, BeyondTrust, or ForgeRock.
- Deliver and manage major IAM programs, orchestrating the planning, implementation, and completion in alignment with established objectives and timelines.
- Provide post-implementation support and regular system maintenance, which will periodically require evening, weekend, and on-call support.
- Take a leading role in evaluating the security capabilities and solutions of IAM, determining optimal ways to integrate them throughout the enterprise.
- Engage with clients, collaborating closely with both on-site and offshore delivery teams to ensure effective communication and strong coordination in the project execution process.
- Lead project management meetings including status updates, technical assessment reports and key stakeholder meetings.
- Develop, drive and review IAM frameworks including TOMs, policies, procedures, and templates.
- Develop comprehensive documentation, guidelines, and user manuals that explain IAM processes.
- Initiate onsite knowledge transfer and training sessions for end users, ensuring they are well-equipped to understand and utilize the IAM system effectively.
- Develop blueprints for Role-Based Access Control (RBAC), outlining the precise structure and guidelines for assigning access privileges based on roles and responsibilities within the organization.
- Develop an IAM Reference Model for Low-Level and High-Level Design documents to provide a structured framework for identity and access management implementations.
- Define IAM functional and non-functional design requirements, outlining the specific capabilities and performance characteristics required for effective IAM solutions.
- Review and enhance the IAM target operating model by refining KPIs, RACI, Policies, and Procedures, ensuring a streamlined and effective approach to IAM.
- Define a prioritization strategy for the applications and systems in scope, determining the order and significance in which they should be addressed and integrated within the IAM framework.
- Monitor and report on user activity in the IAM system, and ensure that access control is managed adequately through continuous monitoring tools and technologies.
- Provide subject matter recommendations related to the leading IAM products.
- Build working relationships with IAM vendor product management, development, and engineering teams.
- Lead and respond to client Requests for Proposals (RFPs) and pitches.
- Support Thought Leadership and Webinar initiatives for Identity and Access Management.