Cyberark Engineer

The CyberArk Engineer shall be responsible for the following in the ATFMSI:
(a) Plan, manage, and monitor the CyberArk presence for the enterprise

(b) Review and maintain Active Directory, focusing primarily on password and account management

(c) Maintain operational, configuration, or other procedures

(d) Provide Tier III/other support per request from various business units; investigate and troubleshoot issues

(e) Extensive understanding and experience in implementing static/dynamic testing tools, web and database security assessment tools for example: SailPoint, CyberArk, CA PAM, Oracle IAM, Centrify, Radiant Logic and other and Continuous Diagnostics and Mitigation (CDM) approved products

(f) An extensive understanding and experience in implementing static/dynamic testing tools, web and database security assessment tools for example: IBM Appscan, Fortify, Checkmarx, BurpSuite, Appdetective, Guardium

(g) Experience with SIEM technologies and managing suite of tools to include Splunk Enterprise Security, QRadar, HP ArcSight, LogRhythm

CyberArk and IT SECURITY INCIDENT MANAGEMENT

CyberArk Tool Engineer shall take all necessary actions to ensure that all CyberArk/IT security incidents are handled and managed in accordance with the SIH Framework and the approved Technical SOP. The Contractor shall also implement measures to prevent the occurrence of CyberArk/IT security incidents. The Contractor shall support the Representative, Customer, Government-appointed Suppliers and Customer-appointed Suppliers in resolving IT security incidents when the need arises.

CyberArk Engineer informs the CyberArk/IT Security Incident Response Team, any other personnel or supplier appointed by the Representative, about the IT security incidents.

Responding, Initial Diagnosis and Escalation

(a) The CyberArk Engineer shall inform the parties listed in the Technical SOP within the Expected Response Timeline of the Incident Management.

(b) The information to be provided shall include the incident reference number, description, date and time and the impact (including who had been affected) of the incident.

Investigation, Diagnosis and Resolution

(a) The CyberArk Tool engineer shall resolve the CyberArk related incident or implement workaround within the Expected Resolution Timeline of the Incident Management process

Resolution for Preventing Recurrence of Security Incidents

(b) For cases where workarounds are implemented, the CyberArk Engineer shall identify the root causes and implement permanent resolutions according to the Problem Management process.

Closure

(c) The CyberArk Engineer shall be responsible to close all CyberArk/IT security incidents in accordance with the Incident Management process.

(b) For every IT security incident, the CyberArk Engineer shall submit to the Representative an incident report in draft within one (1) day and a final version within three (3) days of incident resolution, unless otherwise agreed by the Representative.

(d) The incident record shall be closed only when the incident report is accepted by the Representative. The Representative reserves the right to verify the details in the incident report against the associated incident record maintained by the CyberArk Engineer. The incident report shall be in the format defined by the Representative.

CyberArk Engineer Need to participate in following audit activities performed by 3rd party auditors or internal auditors:
(a) IT Security Review;
(b) IT Vulnerability Assessment;
(c) IT Security Penetration Testing; and

(d) IT Security Compliance Review.

**Requirements**:
(i) Minimally Five (5) years of experience in Implementation and Support of CyberArk Tools along with IT security governance and operation; and

(ii) CyberArk Certification, CISSP, CISM, CISA or Global Information Assurance Certification (GIAC) or equivalent

**Salary**: $4,000.00 - $8,000.00 per month

Work Location: In person