Serves as an SME (Subject Matter Expert) for Privileged Identity Management domain and CyberArk.
- Work closely with the SMEs to assist in any activities that arise as part of new organizational initiatives, delivery of CyberArk related projects and initiatives.
- Lead/ assist in the development of a strategic tool roadmap for CyberArk.
- Design-level and hands-on skills with the following technologies:
o CyberArk Privileged Access Suite
o Secure Password Vault and Safes
o Central Policy Manager
o Privileged Session Manager
- Perform CyberArk Administration, including configuration of safes and platforms, as well as the on-boarding and off-boarding of privileged accounts.
- Liaise with Business Unit leads, end users and support teams for any new project/ initiatives related to Privileged Identity management.
- Assist with the deployment of CyberArk and integration of CyberArk with various applications e.g. Splunk for log monitoring.
- Analyse and manage resolution of CyberArk issues within limited time constraints to ensure end user/ projects operations.
- Create ad hoc and required reports in response to business needs.
- Maintain uptime targets and required functionality for CyberArk including incident and change management.
- Analyse and plan for new business project configuration and implementation and execute if required.
- Participate in and support capacity planning and disaster recovery testing.
- Attend to after-hours support and occasional on-call required to address incidents and work with regional and global team.
- Conduct the security surveillance access & activities monitoring for Privilege ID.
- Installation of application upgrades and patches as required.
- Conduct periodic attestation / recertification on Privileged ID access.
- Periodic review of Privileged ID access control and security monitoring standard procedures, policy and guidelines to ensure there are up-to-date.
- Develop, implement and maintain policies, procedures, training plans and other documentation. Provides relevant training as and when necessary.
- Ensure timely and effective identification, investigation, escalation (if any) and proper closure of detected anomalies / suspicious activities with concrete evidences.
- Able to collaborate with other teams to eliminate security threat / resolve security incident detected.
- Support and facilitate audit activities
- Develop recommendations for continuous improvement and support implementation.
- Maintain good working knowledge of industry trends, products, relevant laws and regulations.
- Adhere to all company policies as well as guidelines.
- Stay abreast of the information security, security threat environment, risk trends and technology developments related to your expertise.
- Degree qualified with at least 5+ years of relevant experience.
- Experience in CyberArk administration, including EPV, PSM, PVWA, CPM, and PTA.
- Detail-oriented individual with exception organization skills, including ability to work independently or as part of multiple teams.
- Detailed understanding of Privileged Identity and Access Management and Monitoring.
- Strong analytical and innovative problem solving skills with the proven ability to exercise flexibility and judgement in assessing business issues and risks in a dynamic environment.
- Good stakeholder management skills to collaborate with other departments.
- Good communication skills with ability to influence others and sell frameworks, processes and recommendations.
- Experience and have technical knowledge / skill in securing Privileged ID to operating system, database, application, security appliances and network devices.
- Experience in setting up and conducting security log monitoring & analysis on Windows,
- UNIX, Database & banking applications for detection of suspicious activities / attack.
- Experience using security monitoring tools such as CyberArk and Splunk.
- Preferably have system administration experience/skill on OS Windows, UNIX, Database and Banking applications.
- Good understanding of banking products and services.
We regret to inform that only shortlisted applicants will be notified.