Senior Information Security Engineer - CyberArk
Want to be part of global talented team working with Information Security technologies? As CyberArk technical lead engineer you will be an instrumental part of our team to successfully lead the technical design and delivery of initiatives related to Privileged Access Management best practices and technology solutions for the global enterprise.
In this role, you will actively participate in providing technical leadership, expertise and direction of on-going development, implementation and operational activities while working in a highly collaborative team environment to deliver Privileged Management capabilities for the global Technology organization using an Agile-based approach. This role works closely with Information Security and Architecture to design and deliver effective privileged management tools, processes and best practices for the organization. Responsibilities
•Provide technical leadership on CyberArk platform.
•Partners with Architecture and Information Security on technical design and design considerations to maintain and improve CyberArk platform, while supporting organization strategic plans. Provides technical mentorship to other team members
•Provide new capabilities in the global CyberArk privileged access management platform to meet security requirements, processes, and best practices. Work with Technology users to configure privileged IDs to leverage appropriate CyberArk services, including Vault, AIM, PSM, APIs or DAP.
•Ability to assess user's use case, provide recommendation on service offering to meet use case, and implement and troubleshoot solution for configuring privileged IDs.
•Partner with Technology users to educate on best practices to ensure IDs are configured in CyberArk and compliant to meet security requirements and standards. Participate in Proof of Technology (POT) and Proof of Concept (POC) to help identify the right solution and recommend the most efficient and cost-effective solution.
•Identify opportunities and develop scripts to automate tasks where possible to minimize any manual work.
•Improve operational environment of global CyberArk platform to provide robust platform and streamline team's processes through automation tools and processes. Partner with Information Security to deliver effective privileged management tools, processes and best practices that addresses privileged management use cases.
•Provide timely and effective operational support for global CyberArk privileged access management platform to meet security requirements, processes, and best practices.
•Partner with Technology teams to resolve problems with effective troubleshooting skills or implement new products or services.
•Use standard technology monitoring tools to monitor assigned environments and/or technical assets and identify/detect behavior outside of established standards. Share on-call responsibilities with teammates. Required Qualifications
•Bachelors degree in Computer Science, MIS, Technology Forensics, or related technical field; or equivalent work experience.
•5-7 years of relevant experience required.
•Exhibits strong passion for continuous improvement of technical skills, CyberArk/IAM/Security knowledge.
•In-depth knowledge with at least 3-5 years of proven engineering experience working in CyberArk suite of Privileged Identity Management solutions.
•Extensive knowledge in CyberArk PIM information security tools in a large, complex, global, multi-platform environment. Experience supporting both new development and operational related items for CyberArk platform.
•Installation and configuration of CyberArk PAS solution, including the Enterprise Password Vault (EPV), Central Policy Manager (CPM), Password Vault Web Access (PVWA), Privileged Session Manager (PSM) and Application Identity Manager (AIM)
•Configuration of the Application Identity Manager (AIM) and Application Service Credential Provider (ASCP)
•Hands-on engineering responsibilities including build, install, configuration, upgrade, test, deployment, performance tuning and optimization of CyberArk PIM product. Engineering development includes documenting procedures/instructions for other team members to follow.
•Expertise in analysis, design, and development of new features for the CyberArk PIM product suite focusing on expanding the capabilities.
•Experience in Java, Python and Ansible, including ability to create or edit scripts for automation/reporting and API development.
•Strong experience in Shell, PowerShell, Bash
•Administer and engineer CyberArk for integrating privileged accounts to meet user requirements.
•Create and manage safes, policies, roles, and permissions to access various systems including Windows servers, UNIX servers, Databases, Networking Devices, and applications.
•Diagnose, isolate, debug problems and perform problem resolution. Participate in troubleshooting and root cause analysis efforts to help identify the solutions and determine next steps to address the issues. Preferred Qualifications
•Knowledge of Containers including Kubernetes, Docker.
•Experience with CI/CD pipelines and tools including, BitBucket, Jenkins, Ansible
•Knowledge on Application Architecture, App servers/ Webserver IIS/Tomcat
•Good understanding of Active Directory.
•Experience in creating automation scripts using PACLI and REST API
•Experience in developing Custom connectors / plugins to various applications.
•Experience in customizing through code CyberArk product when needed and provide guidance to end users and team.
•Strong communication skills working with users across globe on Information Security best practices for privileged management
•Demonstrated experience contributing and collaborating effectively in a high-functioning team.
•Effective organizational, analytical and independent problem solving skills.
•Successful experience coordinating and completing multiple tasks within established and changing deadlines.
•Experience working in the financial services industry or other highly regulated/compliance oriented environments. About Our Company
With the right company, life can Be Brilliant®. The Ameriprise Financial Technology team mission is to create innovative technology solutions and engaging digital experiences for our clients, advisors, and employees. We embrace an inclusive and collaborative culture that allows us to partner across the business and lend our expertise in the areas of corporate computing, network infrastructure and security. We celebrate the unique qualities and reward the contributions of our talented, passionate employees. If you're motivated and want to work for a strong, ethical company that cares about you and your community, take the next step with Ameriprise Technology and we can Be Brilliant® together.
Ameriprise Financial is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, genetic information, age, sexual orientation, citizenship, gender identity, disability, veteran status, marital status, family status or any other basis prohibited by law.