Cyberark consultant

About Us:

At Tech Mahindra
(
Tech Mahindra | Connected World, Connected Experiences
), we live the philosophy of connected world and connected experiences. We thrive on change that is powered by the intelligent symphony of technology and humans designing meaningful and sustainable experiences. Consumer 'experiences' are driving and disrupting industries like never before. Businesses must build seamless yet simple enterprises that collaborate, synergize, and drive the change. Change that connects us all and empowers us to deliver experiences that span across the digital, the physical, the convergent, and everything in between. That's when truly connected experiences manifest.

Extraordinary is when experiences come together – a continuous convergence of digital technologies, touchpoints, and most importantly people. It's time to reimagine, reinvent, and revolutionize business models & operations as well as to transform enterprises into living, breathing, and connected businesses. We are the Digital Change makers who strive to change the way the world, communities, businesses, and humans interact digitally. We are harnessing the power of change, brought in by technologies, that makes it the most exciting time to be alive in the human history. Our universe, as we build it, disrupt it, and redesign it, is powering the digital change.

Tech Mahindra represents the connected world, offering innovative and customer-centric information technology experiences, enabling Enterprises, Associates, and the Society to Rise. It has 150,000+ professionals working for 1000+ Global Customers (including Fortune 500 companies) in 90 Countries. We're part of the esteemed Mahindra group, headquartered in Ind
ia. U
nder a new CEO, Tech Mahindra is committed to a transformative journey with 'Scale @ Speed' as our guiding principle.

About the role:

Job Description – PAM Engineer/ Consultant (8-10 Years Experience)

Role Overview

We are looking for a highly experienced CyberArk Operations & Development Engineer (with experience on Arcon preferred) with expertise in managing, enhancing, and securing enterprise CyberArk PAM environments.

The role involves platform review, hardening, implementation of best practices for PAM, compliance management, and audit support for CyberArk Privilege Cloud and associated modules and a similar review of Arcon setup.

Key Responsibilities

1. Cyberark design best practices alignment and remediation of gaps in the existing set up

2. Review the PSM, PVWA and CPM setup, master policies

3. Safe/ vault architecture and setup

4. Utilize consulting acumen to guide/ review the setup in the environment and implementation of missing controls

5. Review design architecture, Implement controls and provide CyberArk setup for the BAU teams to achieve the following:

6. Manage daily operations of CyberArk Privilege Cloud (ISPSS), including PVWA, PSM, CPM, Vault, CCP/CP components.

7. Handle BAU tasks such as safe creation, platform configuration, onboarding/offboarding of privileged and service accounts, and session monitoring, aligned with cyberark best practices
8. Maintain CPM password rotations, PSM connection stability, and ensure adherence to access policies.

2. Review and Configure API/ Third Party integrations, SIEM integration

• Develop and maintain PSM and CPM plugins for custom requirements and third-party integrations.
• Automate onboarding, reporting, and audit activities using PowerShell, Python, and REST APIs.
• Implement enhancements across SWS, SIA, SCA, Identity integrations, and platform workflows.
• Work closely with the SOC team to ensure testing of use cases for monitoring, privileged user movement and control are captured, support the log requirements from SOC team for SIEM integration

3. Hardening, Security & Compliance

• Perform CyberArk server hardening, patching, and configuration updates in alignment with industry standards (CIS, NIST, ISO
• Review and enhance access policies, certificates, TLS configurations, and session security.
• Ensure all privileged activities meet organizational compliance and governance mandates.

4. Audit Support & SOP Management

• Create SOPs to support audit evidence, log extracts, configuration details, and system reports during internal and external audits.
• Review and update SOPs, runbooks, operational documents, and ensure adherence to best practices – Implement Check the Checker
• Provide technical support in closing audit observations and implementing remediation measures

5. Troubleshooting & Platform Optimization
during implementation/ gaps remediation phase

• Analyze error logs, vault logs, PSM/CPM issues, and session failures to identify root causes.
• Work closely with Windows/Linux, AD/LDAP, network, and application teams for cross-platform troubleshooting.
• Perform regular performance reviews and optimize CyberArk components for stability and efficiency.

6. System & Infrastructure Management

• Review and install licensing/ requirements to enable Cyberark functionality
• Administer Windows Server and Linux systems supporting CyberArk components.
• Manage service accounts with dependencies across applications, databases, and OS.
• Integrate CyberArk with Active Directory/LDAP and Identity systems

equired Experience

• 8-10 years of hand on experience in CyberArk PAM operations, development, and administration, architecture reviews and cyberark configuration, master policy creation
• Strong expertise in CyberArk Privilege Cloud (ISPSS), SWS, SCA, WPM, SIA.
• Advanced scripting skills (PowerShell/Python) and REST API experience.
• Exposure to other PAM platforms. Arcon preferred.
• Strong troubleshooting skills with hands-on log analysis and issue isolation.
• Prior experience working with SOC/NOC or enterprise security operations teams.

Preferred Certifications

• CyberArk CDE-PAM
• CyberArk Certified Privilege Cloud (CPC) Delivery Engineer
• CyberArk Sentry – Privilege Cloud
• CISSP, CEH, CHFI, SSCP, CCSP (added advantage)

"Tech Mahindra is an Equal Employment Opportunity employer. We promote and support a diverse workforce at all levels of the company. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, age, national origin or disability. All applicants will be evaluated solely on the basis of their ability, competence, and performance of the essential functions of their positions with or without reasonable accommodations. Reasonable accommodations also are available in the hiring process for applicants with disabilities.