CyberArk PAM IAM SME/Project Manager, BA

• Business Analysis & requirements gathering
• Ensure alignment on documentation and requirements
• Create PAM intranet user guide
• Define requirements for SailPoint, ITSM, Osirium, Nerm, AD Migration
• Create Raci
• Facilitate meetings and drive discussions
• Liaise with Vendors negotiate tool purchases/selection
• Conduct POC for PAM & IAM tools
• Create test scripts, test plan, manage & co-ordinate testing
• Create JML, PAM, ITSM, IAM Processes
• Operational readiness management
• Conduct gap analysis on SailPoint testing scenarios
• Guide teams on best practice
• Close audit requirement gaps
• Create onboarding plan
• Guide team on DNA scans
• Conduct workshops to capture data
• Create process documentation
• Create Visio flow diagrams
• Gap analysis
• Establish use cases
• Gather onboarding requirements
• Policies and procedure gap analysis
• Provide input and best practice on processes, policies
• Create onboarding plan
• Create safe designs
• Create comms templates
• Engage with application owners

• Management of technologies to be onboarded into CyberArk
• Provide CyberArk technical support & guidance
• Data cleansing
• Requirements gathering for onboarding of Emergency Accounts into CyberArk
• Review security policies in alignment with expectations on Emergency Accounts
• Support process vs gap analysis
• Create process documentation
• Gather uses cases from users and safe owners for show copy function usage
• Analysis of show copy password use cases
• Reduce the usage of show & copy password function
• Ensure monitoring of show & copy password usage to be up & running
• Produce daily monitoring reports on show copy usage for privileged accounts
• Stakeholder engagements
• Liaise with CyberArk engineers, Architect, Analysts, Auditors
• Attend weekly PAM meetings
• Manage people against the plan
• Ensure all milestones are met within strict timeframes
• Produce bi-weekly project status reports
• Create CyberArk low level designs for the onboarding of emergency accounts within Asia. This consisted of platform, policies, accounts following naming conventions, password policy

• Privileged Accounts Security 9.6
• Enterprise Password Vault Management
• CPM Management
• Configure Windows & Unix Centrify platforms, apply exceptions within master policy
• Administration of platforms, safes and accounts within CyberArk & Active Directory
• Create test scripts/run book
• Troubleshooting
• Testing in UAT environment
• Configuration & testing on psm, psmp, account migration
• Create user accounts, PAM security & functional groups within Active Directory
• On-board managed pooled accounts with PVWA for the Storage, Unix, Wintel, PSG, SQL, Oracle teams
• Administration within Private Ark
• Liaising with Project Managers and Teams
• Mentor teams to conduct knowledge transfer
• Reporting within PVWA
• Liaising with CyberArk engineers

CyberArk Engineer responsibilities:

• Privileged Accounts Security (PAS)
• Privileged Identity Management (PIM)
• Enterprise Password Vault Management
• Capture detailed requirements for the CyberArk solution based on input from platform owners, target architecture and high-level requirements
• Administration of platforms, safes and accounts within CyberArk & Active Directory
• Testing in UAT environment
• On-boarding privileged accounts with PVWA
• Liaising with Project Managers and Teams
• Producing Log & trace files for investigation
• Design & Architecture
• Mentor teams to conduct knowledge transfer
• System lock downs
• Incident management
• Policy Management
• Managing requests within Service Now
• Liaising with CyberArk engineers

PAM Project Coordinator responsibilities:

• Contact IT owners regarding service accounts that integrate into AD to establish the impact of moving each service to the new OU Structure
• Migrating user accounts and servers to new OU
• Contact line managers regarding expired users accounts and liaise with HR
• Attend weekly PAM project meetings
• Review list of users that are admins over all workstations and then raise RFCs to remove those where the permission is not required
• Provide administrative duties
• Cleanse of Active Directory administrator groups, service accounts contacting members within the groups and removing form accounts groups once the RFC has been approved

• Provide customer liaison support for the IAM Service
• Provide SME expertise to other offshore AC specialists based in Costa Rica
• Process requests limited to onshore execution
• Work with application support teams to resolve provisioning workflow issues
• Create quality practices to be shared with Access Control
• Support end user community by providing onsite support for transactions and escalations
• Create modify delete users within Unix
• Create modify users within Swift, Citi Direct, Euclid, Crest, Radius, Cascade, Gloss
• Creation online, TCMS Smart Card, Radius, Treasury Edge, HSBC
• Administer users within RSA server
• Deal with incidents within Remedy
• Action My Access requests in a timely manner
• Ensure agreed service level agreements are achieved and maintained

• Performing 1st & 2nd line fixes via remote services
• Install software
• Log incidents and service request via Hornbill application
• Create and modify Active Directory privileged accounts/generic and groups
• Action authorised requests to create/modify/delete/suspend accounts
• Create, and delete, modify Mailboxes & distributions lists within MS exchange console
• Assist with BAU application requests, approval, and implementation
• Creation/Deletions/modifications for remote access within RSA server
• Management of audio files to be burnt onto cd/usb

• Active Directory Administration including Exchange 2003 Mailboxes, Distribution lists
• User Account Creation/ Deletion/Modifications across multiple domains
• Permission user folder access
• Monitor and action my requests and queues and respond in a timely manner within remedy call logging system
• Ensure agreed service level agreements (SLA) are achieved and maintained

• Providing 1st/2nd line support on bespoke application, intranet, ms office, xp
• Run weekly reports within SAP application for Project Office
• Calling logging & call ownership via Remedy
• Remote application installations
• Password resets
• Work within strict SLA's
• Remote connect via terminal services to perform 1st time fixes
• Create/delete/modify accounts within Active Directory, Citrix, Intranet, Unix
• Call logging via Remedy for email and phone requests
• Create role id accounts in Active directory
• Create phone extensions for new users and visitors
• Manage people pages within intranet directory
• Rename accounts within intranet, active directory, Mitel
• Disconnect citrix sessions
• Organise moves and changes with facilities department
• Arrange & conduct I.T inductions for new users
• Manage the new user and leavers process
• Manage and update changes to new users spread sheet
• Administer secure id tokens in RSA
• Create shared mailboxes, distribution lists
• Organising, attending meetings, taking minutes, arranging venues
• Arrange laptop requests for permanent access & temporary use
• Input & assist in processes & writing procedures

• Providing first/second line support
• Connecting remotely to user's pc via Citrix
• Disconnect Citrix sessions
• Call logging phone & email request via Magic
• Manage incidents within Magic call logging system
• Reset passwords in Active Directory, Citrix, Clinical assessment software