Voltar a Todos os Empregos
Bucharest, Romania
5 hours ago
PAM Operations - CyberArk Operations L3

Job Description & Summary

The Opportunity  

 

PwC is looking for an experienced CyberArk operations L3 support engineer, within our Privileged Enterprise Identity and Access Management (PAM) team. This team is part of our IT Services Company, an internal function, that provides support to all PwC firms that comprise the global network of PwC firms. In this role, you will provide hands on Level 3 design, deployment, upgrade and configuration support for CyberArk’s Privileged Access Manager solution. PwC maintains one of the largest deployments of CyberArk’s PAM solution across the globe, in terms of the number of instances deployed including both on-premises and cloud-based deployments. Our PAM team is at the forefront of designing, developing, testing and implementing identity solutions that control and minimize PwC’s attack surface, protect our client’s data and secure our intellectual property.  

 

What you will be doing 

Design, test, deploy, upgrade, configure and operate multiple instances of CyberArk’s Privileged Access Manager solution, hosted on-premises and in the cloud  

Ability to work in a fast-paced environment with changing and shifting priorities  

Ability to work non-standard hours including weekends and/or after business hours as required  

Participates in a shared on-call shift rotation  

Participate in Program Increment (PI) workshops as part of the Enterprise Identity Agile Release Train (ART)  

Adheres to operational and service level agreements for the team’s support/assignment queue in ServiceNow  

Identify and decommission underutilized infrastructure, cloud resources, configurations, policies, etc. Likewise identify where capacity/growth is required to support the service  

Support the building, migration and replacement of CyberArk component servers (inclusive of Vaults)  

Configure Vault integration with HSM partitions  

Joins troubleshooting and major incident calls as required  

Review system and application logs to identify errors and issues  

Identify and communicate non-standard or non-compliant configurations  

Opens and manages support cases on the CyberArk customer portal and bring to resolution  

Define and configure policies, platforms, safes and onboarded objects/accounts  

Contribute to and refine high level and detailed design documentation  

Quality review CyberArk infrastructure components deployments prior to entering service  

Define and configure monitoring scripts across infrastructure including configuration of alerts in Splunk  

Conduct and contribute to audits of system configurations and identify gaps for remediation   

Adheres to ITSM processes (Change, Incident, Problem, etc)  

Drafts and edits weekly end-user or service wide impact communications  

Migrates objects between different instances of CyberArk using established procedures and scripts  

Configure updated roll-based security models within CyberArk to meet regional compliance requirements  

Support adoption of an agile “DevOps” approach to CyberArk component and infrastructure deployment  

Follow appropriate release management practices from Development to Production environments  

Complete trainings required to operate in PwC operational tools, cloud and DevOps platforms  

Draft, publish and maintain comprehensive documentation required to design, deploy, configure and operate CyberArk’s PAM solution  

Draft detailed implementation and backout plans, identify dependencies and coordinate across multiple teams to implement complex changes  

Meticulously plan changes that minimize or eliminate impact to the CyberArk service  

Review and understand release notes for CyberArk’s PAM solution  

Support the remediation of monthly vulnerabilities across CyberArk infrastructure  

Implement security bulletins provided by CyberArk  

Supports the patching of physical vault server firmware/drivers and OS  

Request and replace certificates on CyberArk infrastructure prior to expiration  

Lead by example and inspire those around you  

Possess superior organization skills  

Demonstrate the ability to “manage self” and be independent  

Be collaborative and a team player   

Demonstrate strong analysis, critical thinking and problem-solving skills  

Compare and assess data across different sources and make observations from it  

Clearly communicate during meetings  

Articulate your point of view and ideas to improve processes  

Responsive to emails, chats and requests  

Escalate issues early before they become problems/blockers  

Possess clear and concise writing skills  

Ownership of your “space” (projects, tasks)  

Demonstrate a natural curiosity to understand PwC technologies and processes and resolve issues  

Makes a best effort to search for and use all available resources (i.e. knowledge bases, wikis, other staff) at your disposal  

Inspects and delivers quality work  

Has a willingness to share lessons learned and share knowledge across the team  

Builds upon expertise towards advancing the team’s goals and mission  

Differentiates themself within the team by establishing a “brand” and is seen as dependable and trustworthy  

Delivers sustained impacted and value  

Onboards and mentors new team members  

Provides and requests feedback in real time  

 

 

What we need from you  

Experience in deploying, upgrading, configuring, operating, administering and maintaining CyberArk’s Privileged Access Manager solution (full suite) 

University bachelor's degree 

4+ years combined experience in designing, deploying, upgrading, configuring, operating, administering and maintaining CyberArk’s Privileged Access Manager solution  

Experience in configuring logon sequences, CPM plug-ins and PSM connection components  

Possesses a superior attention to details  

Possesses interpersonal skills (has an ability to interact and work with customers directly)  

Experience in using the CyberArk API, PACLI, Export Vault Data utility, Reports, community developed PASReporter tool and psPAS (PowerShell Module for the API)  

Understands authentication and authorization concepts including LDAP, MFA, Active Directory, SAML and RADIUS  

Understands Microsoft Active Directory, groups, group policy objects and service accounts  

Understands identity and access management (IdAM) concepts (i.e. identity system of truth, user provisioning, accounts, entitlements, roles, access certifications, segregation of duties)  

Knowledgeable of the Network OSI Layers  

Knowledge of DNS  

Knowledge of Firewall policies  

Understanding of Load Balancing and/or Traffic management  

Understanding of Certificates  

Experience with Microsoft Windows Server OS and using diagnostic tools (process monitor, event viewer, debug) to troubleshoot  

Experience with Microsoft IIS  

Knowledgeable of SMTP  

Knowledgeable of NTP  

Knowledgeable of Syslog  

Familiar with ITIL concepts (i.e. incident, request, change, problem, configuration items)  

 

We appreciate the interest shown by all candidates. However, we wish to advise that only suitable candidates will be contacted. 

Mostrar Mais
Salvar & Candidatar-se depois Applying Later... Click to ApplyI AppliedDidn't Apply
Confirmar seu email: Enviar Email
Candidatar-se à essa vaga
Próxima Vaga »
Todos os Empregos de PwC Public Sector
Vagas de emprego de 44 PwC Public Sector em Bucharest
Próxima Vaga »
Pesquisar Vagas Pwc Public Sector Candidatar-se depois
Processando Empregos Exclusivos Para Você: