Job Title: T&T | Cyber: D&R I Assistant Manager | L2 CyberArk PAM Operations & Support Engineer | Bengaluru
T&T | Cyber: D&R I Assistant Manager | L2 CyberArk PAM Operations & Support Engineer | Bengaluru
• Job requisition ID : 107079
• Location: Bengaluru
• Entity: Deloitte Touche Tohmatsu India LLP
The team
Deloitte helps organizations prevent cyberattacks and protect valuable assets. We believe in being secure, vigilant, and resilient—not only by looking at how to prevent and respond to attacks, but at how to manage cyber risk in a way that allows you to unleash new opportunities. Embed cyber risk at the start of strategy development for more effective management of information and technology risks. Learn more about Cybersecurity
Your work profile
L2 CyberArk PAM Operations & Support Engineer
The L2 CyberArk PAM Operations & Support Engineer is responsible for advanced administration, troubleshooting, onboarding, and operational support for the CyberArk Privileged Access Management platform. The role involves handling complex incidents, implementing solutions, ensuring system stability, and supporting audit/compliance requirements while working closely with L1 and L3 teams.
Key Skills required:
3–6 years of experience in CyberArk PAM / IAM / Security Operations.
Strong understanding of CyberArk architecture (Vault, PVWA, CPM, PSM).
Hands-on experience in:
- Account onboarding and platform configuration
- Troubleshooting CPM/PSM/Vault issues
- Safe and access management
Knowledge of:
- Windows & Linux administration
- Active Directory (LDAP, group policies)
- Networking concepts (ports, firewall, load balancer)
Familiarity with:
- CyberArk logs and debugging
- PowerShell scripting (basic)
- ITSM tools (ServiceNow, Jira, Remedy)
Ability to perform RCA and handle escalations.
Strong communication and stakeholder management skills.
1. CyberArk PAM Administration & Operations
Administer and manage CyberArk components including Vault, PVWA, CPM, PSM, and PTA.
Perform advanced health checks and troubleshoot issues across CyberArk infrastructure.
Manage and optimize password management processes (verification, reconciliation, rotation).
Ensure high availability and performance of CyberArk systems.
2. Account Onboarding & Platform Configuration
Onboard privileged accounts using:
- Password management (PM) onboarding
- Service accounts, application accounts, and domain accounts
Configure:
- Platforms
- Policies
- Safe design and permission models
Customize CPM plugins or templates where required (basic level).
3. Advanced Incident Troubleshooting
Handle complex incidents such as:
- CPM failures and reconciliation issues
- PSM connection/session failures
- Vault connectivity/performance issues
Perform root cause analysis (RCA) and provide permanent fixes.
Work closely with L3/vendor support for unresolved issues.
4. Privileged Session & Access Management
Manage and troubleshoot PSM sessions (RDP/SSH) issues.
Ensure session recordings are captured and accessible.
Implement secure access workflows and access controls.
5. Compliance, Audit & Reporting
Support audit requests and provide CyberArk reports for:
- Access logs
- Session recordings
- Password management activities
Ensure compliance with internal security policies and regulatory standards.
Maintain proper documentation and SOP updates.
6. Integration & Automation
Integrate CyberArk with:
- Active Directory (LDAP)
- SIEM tools (Splunk, QRadar, Sentinel)
- Ticketing tools (ServiceNow etc..)
Basic scripting/automation using PowerShell or REST APIs.
7. Change & Release Management
Support CyberArk upgrades, patching, and DR activities.
Implement changes through change management processes.
Validate post-change system stability and functionality.
Preferred Certifications: -
- CyberArk Defender / Sentry Certification
- ITIL Foundation
- Any IAM / Security certification
Education : B.tech, BCA, B.E, or any relevant qualifications
