Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : CyberArk Privileged Access Management
Good to have skills : NA
Minimum 5 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary: We are seeking a highly skilled CyberArk professional who can provide L2/L3 operational support for CyberArk Privileged Access Security (PAS) environments and lead migration projects from Self-Hosted (CorePAS) to CyberArk Privilege Cloud (P-Cloud). This role combines day-to-day platform administration with strategic migration responsibilities, ensuring system performance, security, and compliance. Roles & Responsibilities: -Provide daily support for CyberArk components: PVWA, Vault, CPM, PSM, PTA. -Monitor servers, services, and overall system health. -Troubleshoot issues such as: -CPM password rotation failures -PSM session connectivity problems -Authentication failures (LDAP/SAML/MFA) -Vault communication issues -Perform Safe & platform maintenance, patching, and upgrades. -Handle onboarding requests for privileged accounts, platforms, and safes. -Incident & Problem Management -Provide L2/L3 support for CyberArk incidents and service requests. -Perform Root Cause Analysis (RCA) and implement permanent fixes. -Manage password rotation failures, CPM issues, and PSM connection problems. -Access Management -Configure new platforms, workflows, and password policies. -Manage Safe permissions, roles, and user provisioning. -Configure Dual-Control, session recording, and access approvals. -Support application onboarding with AppID/AIM/Credential Providers. -Migration Planning & Execution -Assess existing Self-Hosted CyberArk CorePAS environment. -Perform gap analysis, readiness assessment, and architecture review. -Develop migration roadmap, timelines, runbooks, and success criteria. -Execute migration from on-prem to CyberArk Privilege Cloud (P-Cloud): -Safe migration & recreation -Account and platform migration -CPM policy mapping -PSM connector replacement -SSH key & password rotation migration -Integrate applications, service accounts, and privileged users into P-Cloud. -Technical Responsibilities -Reconfigure platforms, Safe structures, and authentication methods (LDAP, SAML, MFA). -Rebuild workflows for password rotation, access approvals, and session initiation. -Work with network, IAM, DevOps, and application teams for successful cutover. -Testing & Validation -Conduct UAT, functional testing, and post-migration validations. -Validate CPM/PSM performance, platform compatibility, and session connectivity. -Maintenance & Security -Conduct periodic health checks, patching, and software updates. -Ensure compliance with audit requirements and generate audit reports. -Review logs, session recordings, and anomalous activity alerts. -Automation & Scripting -Develop PowerShell/Python scripts for: -Bulk onboarding -Audit reports -Safe/platform automation -Use CyberArk REST APIs for integration and automation. -Documentation & Governance -Maintain runbooks, SOPs, and knowledge base articles. -Create detailed migration documentation, architecture diagrams, and SOPs. -Train support teams on P-Cloud operations and troubleshooting. Professional & Technical Skills: - 6–10 years of hands-on experience in CyberArk PAM implementation and administration. -Expertise in PVWA, Vault, CPM, PSM, PTA. -Proven experience in CorePAS ? Privilege Cloud migration. -Familiarity with AAM, AIM, Conjur (added advantage). -Strong troubleshooting and monitoring skills. -Knowledge of Windows, Linux, Active Directory, SAML, MFA integrations. -Hands-on experience with CyberArk REST APIs. -PowerShell/Python scripting knowledge is a plus. -Certifications (Preferred) -CyberArk Defender (CAU201) -CyberArk Sentry (CAU301)Deep understanding of privileged access security, least privilege, and compliance Additional Information: - The candidate should have minimum 5 years of experience in CyberArk Privileged Access Management. - This position is based at our Bengaluru office. - A 15 years full time education is required.
Bengaluru
Equal Employment Opportunity Statement
All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.
Please read Accenture’s Recruiting and Hiring Statement for more information on how we process your data during the Recruiting and Hiring process.
We work with one shared purpose: to deliver on the promise of technology and human ingenuity. Every day, more than 775,000 of us help our stakeholders continuously reinvent. Together, we drive positive change and deliver value to our clients, partners, shareholders, communities, and each other.
We believe that delivering value requires innovation, and innovation thrives in an inclusive and diverse environment. We actively foster a workplace free from bias, where everyone feels a sense of belonging and is respected and empowered to do their best work.
At Accenture, we see well-being holistically, supporting our people’s physical, mental, and financial health. We also provide opportunities to keep skills relevant through certifications, learning, and diverse work experiences. We’re proud to be consistently recognized as one of the World’s Best Workplaces™.
Join Accenture to work at the heart of change. Visit us at www.accenture.com.
We have been alerted to the existence of fraudulent messages asking job seekers to set up payment to cover various costs associated with establishing employment at Accenture. No one is ever required to pay for employment at Accenture. If you are contacted by someone asking for payment, please do not respond, and contact us at india.fc.check@accenture.com immediately.