Jan 2025 – Present · 1 yr 4 mos · Noida, Uttar Pradesh, India · On-site

Oct 2024 – Dec 2025 · 1 yr 2 mos · Noida, Uttar Pradesh, India · Remote

• As a PAM Leader
• Define and execute PAM strategies aligned with enterprise risk and compliance objectives
• Drive cross-functional stakeholder engagement across InfoSec, IT, audit, and compliance teams
• Lead PAM program governance, roadmap planning, maturity assessments, and reporting
• Establish and scale PAM Center of Excellence (CoE) and operating models
• Ensure alignment with regulatory requirements (e.g., ISO 27001, NIST, PCI-DSS, SOX)
• As a PAM Architect
• Design secure, scalable PAM solutions across on-prem, cloud, and hybrid infrastructures
• Develop vaulting strategies, session workflows, credential rotation policies, and access control models
• Architect PAM integrations with SIEM (Splunk, ArcSight), ITSM (ServiceNow), IGA (SailPoint), and DevOps tools
• Incorporate Zero Trust, least privilege, and just-in-time (JIT) access principles into designs
• Select, evaluate, and customize PAM tools like CyberArk, Delinea, HashiCorp Vault, BeyondTrust, etc.
• As a PAM Engineer / SME
• Lead end-to-end implementation, upgrade, migration, and support of CyberArk and related technologies
• Develop and troubleshoot PSM connectors, CPM plugins, API integrations, and automated onboarding scripts
• Implement and manage AAM (App2App), Conjur, PTA/SIEM integration, and high-availability setups
• Perform platform hardening, DR planning, patching, and secure configurations
• Create technical documentation, knowledge transfers, and L3 support processes

Feb 2023 – Oct 2024 · 1 yr 8 mos · Hybrid

• Hands-on deployment of CyberArk solutions, encompassing both on-premises and SaaS offerings.
• Utilise AWS deployment tooling (Terraform/ Containers) to enhance and optimise
• CyberArk in cloud environments.
• Contribute to the design and implementation of secure solutions, considering industry best practices.
• Deliver services into operations, ensuring the seamless integration and functionality of CyberArk solutions.
• Manage stakeholders effectively, providing clear communication and building strong working relationships.
• Work in a complex environment, adapting to changing requirements and collaborating with cross-functional teams.
• . Leading a team for CyberArk PAM , Sailpoint , HSM , ping SSO and Hashicorp vault
• . Cyberark Secure Cloud Access (SCA ) , Cyberark Cloud Entitlement (CEM) and Cyberark Dynamic privilege access for multi-tenant cloud architecture

Jun 2022 – Nov 2022 · 5 mos · Remote · Remote

• Subcontractors for cyberark to provide
• Cyberark PAM deployment and professional services
• Cyberark migration from on premises to privilege cloud
• Cyberark upgrades
• Connector and plug-in development
• Integration services

Jul 2021 – Feb 2023 · 1 yr 7 mos

May 2016 – Jun 2021 · 5 yrs 1 mo · London, United Kingdom · On-site

• Duestche Bank in Europe to provide financial and investment services. Bank’s CISO running the infrastructure access program to mitigate audit points in IAM area.
• Responsibilities:
• Part of the Bank’s CISO team for delivering the infrastructure program.
• Creating functional and non-functional requirements and converting into use cases for input in solution design
• Working with IAM team to help them mature process in regards to privilege identities and aligning with CyberArk PAS suite
• Taking inputs from security architecture board, Audit and compliance team to feed input in design documents for various key controls.
• Working on out of the box solutions for complex use cases and process driven use cases.
• Setting up the privilege eco-system to provide end to end implementation of privilege access , definitions , account model , assessment and setting up the proof-of-concept.
• Preparing project plans, defining delivery milestones, effort estimation and delivery acceptance criteria.
• Working with various IAM leader for defining role based access controls , segregation of duty (SoD) and implementation plans
• Engaging with various security team to provide integration path with privilege identity product & IAM
• Engaging with various infrastructure and application team to understand their use cases in regards to privilege access and demonstrating the proof of concept.
• Design; build the solution in development and hand over it to UAT and production teams.
• Wide implementation of application and identity management (AIM) module to protect hardcoded and embedded application passwords to meet CBEST requirements.
• Dell NetIQ implementation review and inputs to designing the solution
• Setting up the privilege threat analytics to ensure security controls are in place
• Upgrade of CyberArk 9.6 to latest CyberArk solution 9.9.5 on Windows 2012

Jun 2015 – Nov 2016 · 1 yr 5 mos · New Delhi Area, India

• Part of the company’s Cyber Security program for providing object identity management solutions.
• Develop, manage, and execute project plans and timelines for key deliverables of enterprise PAS/SIM implementations
• Assist with on-site implementations and customer communications
• Collaborate in the ongoing development of training materials and curricula
• Consult with enterprise level customers about network security and privileged account security
• Installation & Implementation of CyberArk 9.5 on cloud.
• Integration of CyberArk with Cloud technologies
• Integration of CyberArk with DUO two factor authentication
• Wide implementation of application and identity management (AIM) module to protect hardcoded and embedded application passwords
• Designing and implementation of CyberArk solution with technologies like CloudLake , Palo Alto Networks , Amazon Web Services (AWS), BOSH , Jenkins, Juniper , Cisco nexus, Infoblox, Cybertest , Nuester etc.

May 2014 – Jun 2015 · 1 yr 1 mo · Noida Area, India

• Architectural designing of Cyberark 8.2 solution to cover almost all privileged accounts.
• Involved in information gathering and understanding existing system of the organization and creating solution blueprint for solution and creating approach to onboard privileged entities.
• Integration with SIEM tools for security on monitoring e.g NimSoft and Qualys guard.
• Heavily involved in creating all the process and transitioning documents..
• Worked extensively in implementation and deployment of On demand privilege manager(OPM) , PSMP for UNIX servers and AIM for database servers.
• Creating BYOC to support existing IT framework.
• Involved in writing test cases and conditions.
• Troubleshooting the technical issues in the project during implementation.
• Customizations Cyber-Ark for supporting out of box application e.g. HP ILO , DRAC , Private Ark client, PVWA web interface for Cyberark admin.

Jul 2012 – May 2014 · 1 yr 10 mos

• . implementation and configuration of Identity management tools on production environment ..
• Installation, Integration and configuration of CyberArk PIM tool 7.1 and 8.1 with Windows and Unix servers
• Involved in information gathering and understanding existing system of the organization.
• Involved in planning and defining design approach.
• Worked extensively in implementation of Privileged Identity Management suite for Windows,UNIX and Database servers.
• Worked extensively in implementation of OPM for UNIX servers and AIM for database servers
• Involved in documentation for the project.
• Involved in writing test cases and conditions.
• Troubleshooting the technical issues in the project during implementation.
• Administration of Seclore – Information Right Management Application hosted in cloud.

Oct 2011 – Jul 2012 · 9 mos

• Categorize all incidents and alerts and preparing knowledge articles following ITIL best procedure
• Window Administration & UNIX/Linux User ID Administration
• FTP Creation
• HMC User ID Management
• Security implementation by using ACL's & special file permissions
• Creating File system and configure to available network through NFS
• Monitoring system logs and root's email for important messages such as errors and warnings or hardware fail errors
• Managing Disk File Systems, Server Performance, Users Creation and Granting file access Permissions
• Creation of groups, adding User ID to a group as a primary or secondary group, removing User ID from a group
• Configuring & Managing Printers
• Troubleshooting with start of daemons
• Mirroring of root disk in AIX and Linux
• Trouble shooting User's login & home directory related issues
• Managing (adding/removing) disks and partitions (LVM)
• Monitoring of All UNIX/Linux flavor like AIX, SunOS, Linux
• Samba Server configuration with Samba Clients
• Managing user and groups on NIS+, LDAP and Unix servers.
• SSH key management on UNIX servers and securing keys.
• Participated in on-call rotation to provide 24×7 technical support.