Onico Solutions

Exceptional IT Staffing

CyberArk Information Security Analyst

The CyberArk Information Security Analyst is a seasoned security analyst whose main area of responsibility is to work with business and technology stakeholders to develop and implement sustainable identity and access management capabilities using CyberArk PIM technology tools.

This role is responsible for the design, implementation and daily operation of PIM technology tools (such as CyberArk); as well as the development and execution of processes for discovering, vaulting, operating and monitoring privileged accounts across various technology platforms and applications. This also includes the development and maintenance of operational metrics, architecture and process documents.

This role is also responsible for managing Multi Factor Authentication solutions and Public Key Infrastructure (PKI) platform, including the full life-cycle management of digital certificates across different technology platforms.

This role is part of the Information Security team, and as such, they will assist in the identification, investigation and resolution of security events; provide support for other security solutions, and to be aware of the security goals.

JOB ACCOUNTABILITIES

  • Implement, maintain and support CyberArk PIM technologies across various technology platforms and applications used by the organization.
  • Develop and integrated solutions for managing Privileged Identities and provide operational support
  • Work with technology and business teams to configure CyberArk (and/or other PIM/PIAM tools) for discovery, onboarding and management of privileged accounts from different platforms and applications.
  • Standardize vault management across platforms; and automate PIM process where applicable.
  • Design, implement, and modify policies for digital safes in password vaulting tool and ensure compliance with existing security policies.
  • Develop and maintain privileged identity user onboarding workflows and provisioning, access certifications and onboarding of application and platform users.
  • Support CyberArk integration with Active Directory, Microsoft Identity Management and other identity tools.
  • Participate in design efforts for integration PIM solutions and processes into new platforms and applications, along with troubleshooting application issues related to PIM.
  • Participate in research, architecture, design, and implementation of security technology solutions involving data encryption, digital certification management, data masking, Multi Factor Authentication, etc.
  • Manage the PKI infrastructure and the full life-cycle of digital certificates; develop and enhance digital certificate management processes to ensure security and availability of dependent platforms and applications.
  • Participate in the creation and maintenance of Information Security documents (policies, standards, baselines, guidelines and procedures), and key performance indicators.
  • Maintain up-to-date detailed knowledge of the Information Security industry (with enhanced focus on PIM technologies), including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
  • Recommend new security solutions or enhancements to existing security solutions to improve overall enterprise security posture
  • Participate in the deployment, integration and security configuration of new IT solutions and of any enhancements to existing IT solutions in accordance with standard best operating procedures and the enterprise’s security standards.

SCOPE OF RESPONSIBILITY:

  • Reduce privileged identity risks across technologies by developing, implementing and supporting the daily operations of CyberArk and digital certification technologies and processes.
  • Identification, assessment, and monitoring of information security risks.
  • Development and maintenance of key performance indicators and other information security metrics
  • Support for security audits and remediation of identified gaps.
  • Creation and maintenance of standards, baselines, guidelines and procedures.
  • Collaboration with different stakeholders to manage information security risks and incidents in a timely matter

EDUCATION AND EXPERIENCE REQUIREMENTS:

  • Post-secondary education in Computer Science or equivalent combination of education and experience that satisfy the requirements of the position.
  • Minimum 5 years of progressive responsibilities in managing privileged identity management technologies, public key infrastructure platform, enterprise digital certificate management solution, multi factor authentication, and other security solutions.
  • CISSP is a strong asset

 CORE COMPETENCIES AND SKILLS:

  • Expert knowledge and strong hands on experience configuring and administering CyberArk Privileged Identity Management, including Central Policy Manager, Password Vault Web Access, Privileged Session Management, etc.
  • Extensive knowledge of information security concepts, information and system architecture concepts.
  • Strong hands-on experience implementing and supporting Microsoft Public Key Infrastructure and Duo Multi Factor Authentication.
  • Excellent working knowledge of data encryption schemes and hands-on implementing and managing data encryption technologies.
  • Other working knowledge of variety of security technologies is considered an asset, including End Point Protection, IPS/IDS, Mobile Device Management (Mobile Iron), SIEM, L7 Firewalls (Palo Alto), Digital Certificates, Patch Management, URL filtering, Identity and Access management (IAM), etc.
  • Strong understanding of TCP/IP, IPSEC, SSL/TLS and other network and encryption protocols.
  • Strong understanding of all currently supported Windows operating systems; knowledge of Linux distributions is an asset
  • Proven analytical and problem-solving abilities.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Excellent written, oral, and interpersonal communication skills.
  • Proven ability to conduct research into Information Security issues and security products as required.
  • Proven ability to present ideas in business-friendly and user-friendly language.
  • Highly self-motivated; able to work with minimal supervision.
  • Team-oriented and skilled in working within a collaborative environment.

This is a permanent position with an annual salary of $90,000.00 – $100,000.00 plus 17% bonus & benefits located in downtown Toronto, ON