Cyber Security Analyst

Role Overview

The Cyber Security Analyst will ensure the secure handling of privileged accounts, provide timely resolution of operational issues, manage efficient onboarding processes, and maintain compliance with audit requirements. You will serve as a second-level technical contact for CyberArk-related issues, collaborating with cross-functional teams to uphold a robust PAM environment.

Key Responsibilities

• Daily Operations & Monitoring: Monitor CyberArk Vault, PVWA, CPM, PSM, PSMP, and PTA components for system health. Design, install, configure, and deploy CyberArk PAM solutions. Implement and integrate CyberArk components with Active Directory, LDAP, and SIEM tools (Splunk, QRadar). Review password rotation jobs and analyze logs for potential issues.
• Incident & Problem Management: Provide L2 support for CyberArk incidents. Troubleshoot password rotation failures, CPM errors, PSM access problems, and platform connectivity. Perform root cause analysis and implement corrective actions. Escalate critical issues.
• Privileged Account Lifecycle Management: Onboard privileged accounts across various systems (Windows, UNIX, databases, network devices, applications). Configure safes, access control policies, and rotation schedules. Ensure password changes and reconciliations meet security policies.
• Access Management & User Support: Manage user access for CyberArk. Support end-users with credential checkout and PSM session access. Conduct periodic access reviews.
• System Maintenance & Housekeeping: Perform regular health checks and cleanup of CyberArk components. Monitor storage, logs, and backup status. Update platform configurations and policies.
• Compliance, Reporting & Audit Support: Generate operational, audit, and compliance reports. Support internal and external audit activities. Ensure CyberArk configuration aligns with security standards.
• Integration & Enhancement Support: Support integration of new applications and systems with CyberArk. Configure and troubleshoot CPM/PSM plugins. Collaborate with teams for automation use cases.
• Security Monitoring & Incident Response: Review PTA alerts and privileged activity anomalies. Assist SOC and IR teams with investigations. Report suspicious behavior.
• Documentation & Knowledge Management: Maintain SOPs, runbooks, and architectural diagrams. Prepare troubleshooting documentation. Provide knowledge transfer to L1 teams.

Required Skills & Qualifications

• Hands-on experience with CyberArk components (Vault, PVWA, CPM, PSM, PTA).
• Hands-on experience with DR drills and CP/CCP.
• Strong understanding of PAM concepts and privileged account security.
• Experience troubleshooting CPM/PSM issues and account onboarding.
• Knowledge of Windows, Linux, network devices, and database authentication.
• Familiarity with ticketing tools (ServiceNow, JIRA).
• Basic understanding of scripting/automation.