Privileged Access Management / CyberArk Engineer (f/m)

Zurich  ‐ Vor Ort
Dieses Projekt ist archiviert und leider nicht (mehr) aktiv.
Sie finden vakante Projekte hier in unserer Projektbörse.

Beschreibung

Bosshard & Partner is looking with Mandate 2734 for a Privileged Access Management / CyberArk Engineer (f/m).

Project environment

The Identity and Access Management team within Security IT develops implements and supports a global suite of solutions to the global Swiss Bank. The team manages the vendor products CyberArk PIM and also OPM for Windows (a.k.a. Avecto Privilege Guard) for managing privileged access to infrastructure.

A self-driven, well-rounded Security Engineer with experience delivering UNIX and Windows solutions, is required to support ongoing design and engineering of existing privileged access management solutions, including bespoke firecall and break-glass products.

Tasks

• Understand the strategy for infrastructure privileged access control in the bank and the drivers in terms of risk and regulatory control.
• Pick up knowledge of existing privileged access management, firecall and break-glass tools.
• Transition reliance on legacy solutions to strategic products. Work with the CyberArk engineering team to determine how new privileged access requirements can be met using CyberArk's rules, policies, workflow features and integration points, instead of legacy tools.
• Facilitate decommissioning of legacy privilege access management solutions.
• Liaise with the system architect to understand the banking target architecture for infrastructure privileged access and the high-level requirements for the privileged access management solution.
• Understand the banking processes and tools that are part of the "eco-system" within which the solutions must operate, including entitlements management and review, inventory, problem ticketing, change management, security logging and monitoring, as well as various legacy privileged session management solutions that are in use.
• Design and implement solutions to address requirements relating to the management of privileged entitlements, authentication of privileged users, break-glass workflows, operational issues, availability and timeliness of the solution, monitoring and logging of privileged activities, platform lifecycle events such as the creating or decommissioning target servers and their impact on privileged accounts, retention of audit data, and regulatory constraints around the locations of privileged users and target systems.
• Be part of an engineering team that provides third-level support for owned services.
• Extend 3rd-lvel support of CyberArk and OPM for Windows vendor solutions into the Swiss environment.
• Help design and implement custom enhancements and components that augment CyberArk functionality and enable it to work in restricted locations and business areas where bespoke solutions are relied upon. This may involve some development work using a scripting language (such as PowerShell or Perl).

Requirements

• Strong technical IT background.
• Strong understanding of IT security, risk management, identity and access management and privileged access management.
• Knowledge of high availability and business continuity requirements of enterprise systems.
• Able and willing to learn the processes, systems and tools used in a large complex and organisation, including a varied and extensive landscape of legacy systems.
• Strong analysis skills from an IT perspective.
• Able to articulate complex problems and solutions in an engaging and understandable manner.
• Extensive experience working in a large and complex multinational corporation, preferably in financial services or similar IT service area.
• 5+ years of experience, programming using scripting and platform languages e.g. Perl, JAVA, C++, Python, .NET, Powershell.
• 5+ years engineering solutions with Oracle PL/SQL, Microsoft MSQL and Sybase back-end.
• Experience using CyberArk privileged session management product and/or Avecto Privilege Guard products.
• Fluent in English.

Nice to have

• Hands-on engineering experience with CyberArk, including Safe design, CPM and PVWA policy design in PIM/PSM version 7.x and/or the OPM for Windows / Avecto Privilege Guard solution is a big plus.
• Experience with developing solutions leveraging LDAP directories.
• Knowledge of Single Sign On Systems, SIEM systems, ticketing systems such as ServiceNow, enterprise monitoring and alerting using SNMP.
• Experience in IT Infrastructure service delivery. 3rd level application support.
• Good understanding of process design and implementation including good knowledge and experience of ITIL and incident management processes.
• Knowledge of regulatory issues facing large financial organisations.
• Understanding of Windows RDP.

Soft skills

• Motivated and self-driven. Able to chase down technical solutions and overcome procedural and process-based obstacles. Can find the respective subject matter experts in an environment and get answers.
• Confident and able to communicate effectively with staff with different levels of technical understanding.
• Ability to work effectively in an environment where English is the principal language of the business, and with colleagues whose first language is not English.

Workload: 100%
Start Date: 01.01.2015
Duration: 6 months
Workplace: Zurich

Did we gain your interest? Please do not hesitate to contact Mr Thomas Bigler at or
Start
01.2015
Dauer
6 Monate
Von
Bosshard & Partner Unternehmensberatung AG
Eingestellt
06.11.2014
Ansprechpartner:
Cloé Maglie
Projekt-ID:
803434
Vertragsart
Freiberuflich
Um sich auf dieses Projekt zu bewerben müssen Sie sich einloggen.
Registrieren