Beschreibung
A global Swiss Bank is looking for an IT Security Specialist / CyberArk Privileged Access Management Engineer, to be part of a Security Engineering team.Workload 100%
Workplace Zurich
Start Date 03.10.2016
End Date 02.01.2017 (extension possible)
Reference Number 3716
Tasks
The Identity and Access Management team within Security Engineering, develops implements and supports a global suite of solutions. The team manages the vendor products CyberArk PIM for handling privileged access to infrastructure.
• Delivering UNIX and Windows solutions and support ongoing design and engineering of existing privileged access management solutions, including bespoke firecall and break-glass products.
• Pick up knowledge of existing privileged access management, firecall and break-glass tools.
• Transition reliance on legacy solutions to strategic products.
• Work with the CyberArk engineering team to determine how new privileged access requirements can be met using CyberArk's rules, policies, workflow features and integration points, instead of legacy tools.
• Facilitate decommissioning of legacy privilege access management solutions.
• Liaise with the system architect to understand the company target architecture for infrastructure privileged access and the high-level requirements for the privileged access management solution.
• Understand the company processes and tools that are part of the "eco-system" within which the solutions must operate, including entitlements management and review, inventory, problem ticketing, change management, security logging and monitoring, as well as various legacy privileged session management solutions that are in use.
• Design and implement solutions to address requirements relating to the management of privileged entitlements, authentication of privileged users, break-glass workflows, operational issues, availability and timeliness of the solution, monitoring and logging of privileged activities, platform lifecycle events such as the creating or decommissioning target servers and their impact on privileged accounts, retention of audit data, and regulatory constraints around the locations of privileged users and target systems.
• Be part of an engineering team that provides third-level support for owned services.
• Extend 3rd-lvel support of CyberArk solution.
• Help design and implement custom enhancements and components that augment CyberArk functionality and enable it to work in restricted locations and business areas where bespoke solutions are relied upon.
Requirements
• Min. 5 years of experience, programming using scripting and platform languages e.g. Perl, JAVA, C++, Python, .NET, Powershell.
• Min 5 years of experience engineering solutions with Oracle PL/SQL, Microsoft MSQL and Sybase back-end.
• Experience using CyberArk privileged session management product and/or Avecto Privilege Guard products.
• Extensive experience working in a large and complex multinational corporation, preferably in financial services or similar IT service area.
• Strong technical IT background.
• Good understanding of IT security, risk management, identity and access management, and privileged access management.
• Knowledge of high availability and business continuity requirements of enterprise systems.
• Able and willing to learn the processes, systems and tools used in a large complex and organisation, including a varied and extensive landscape of legacy systems.
• Strong analysis skills from an IT perspective.
• Hands-on engineering experience with CyberArk, including Safe design, CPM and PVWA policy design in PIM/PSM version 9.x.
• Experience with developing solutions leveraging LDAP directories.
• Knowledge of Single Sign On Systems, SIEM systems, ticketing systems such as ServiceNow, enterprise monitoring and alerting using SNMP.
• Experience in IT Infrastructure service delivery. 3rd level application support.
• Good understanding of process design and implementation including good knowledge and experience of ITIL and incident management processes.
• Knowledge of regulatory issues facing large financial organisations.
• Understand the strategy for infrastructure privileged access control in the company and the drivers in terms of risk and regulatory control.
Soft Skills
• Motivated, self-driven and well-rounded.
• Able to chase down technical solutions and overcome procedural and process-based obstacles.
• Ability to finde respective subject matter experts in an environment and get answers.
• Confident and able to communicate effectively with staff with different levels of technical understanding.
• Able to articulate complex problems and solutions in an engaging and understandable manner.
• Ability to work effectively in an environment where English is the principal language of the business, and with colleagues whose first language is not English.
Michael Wirz
Junior Business Consultant