TC-CS-IAM-CyberArk Delenia-Senior

PAM (Delinea Secret Server) – Senior

Job Summary: 

The role will be primarily responsible for managing, engineering and enhancing Delinea Secret server operations within the enterprise environments. This includes new integrations, automation, and ongoing improvements to Privileged Access Management (PAM) processes. The candidate will ensure adherence to SLAs, maintain high-quality documentation, and contribute to secure, scalable PAM solutions with organizational compliance standards.

Key Responsibilities: 

Operations and Administration:

• Manage the day-to-day operations of Delinea Secret Server, including credential vaulting, health of the component servers, access provisioning, role-based access control and policy enforcement.
• Monitor system health, performances and logs to maintain high availability and proactively detect anomalies.
• Maintain and update operational documentation, knowledge base articles, architecture diagrams, and runbooks to streamline and support audits, compliance and knowledge transfers.

Engineering and Integration:

• Design and Implement PAM solutions by leveraging Delinea Secret Server.
• Integrate PAM with enterprise systems such as Active Directory, SIEM, ITSM, Cloud platforms to streamline privileged access governance.
• Develop and automate workflows for credential lifecycle management (Check-In/Check-Out, password rotation, expiration), policy enforcement.

Support and Troubleshooting:

• Provide L2/L3 support for incidents related to PAM operations, ensuring timely resolution and minimal business disruption.
• Collaborate with vendors, clients and internal teams to resolve issues and escalations.

Qualifications:

Education:

Bachelor or master’s degree in related field or equivalent work experience

.                   

Work Experience:                           

4-6 Years’ Experience

Skills Expertise

• Experience in implementing and managing Delinea Secret Server PAM solutions, including requirements gathering, design, deployment, testing, and ongoing support. 
• Strong knowledge of Distributed Engine configuration and management for scalable, multi-site deployments. 
• Expertise in Site Connectors (e.g., RabbitMQ) for secure replication, synchronization, and high-availability across distributed environments. 
• Experience in maintenance, upgrades, and patching of Delinea Secret Server environments, ensuring stability, security, and adherence to change management processes. 
• Hands-on use of Discovery features to identify unmanaged privileged accounts and bring them under PAM governance.
• Practical experience with advanced Delinea Secret Server features such as Approval Workflows, Event Subscriptions, Event Pipelines and Proxy (RDP/SSH).
• Knowledge of session monitoring and recording configuration, including alerting, audit log management, and compliance reporting. 
• Hands-on experience with certificate management, including installation, renewal, and troubleshooting of SSL/TLS certificates for secure communications. 
• Proficiency in PowerShell scripting to automate credential rotation, reporting, onboarding workflows, and policy enforcement. 
• Hands-on experience with Rest API integrations, leveraging Delinea Secret Server APIs for automation, reporting, and custom applications connectors. 
• Strong troubleshooting skills for integration issues with Active Directory, LDAP, databases, UNIX/Linux servers, Windows servers, middleware, and custom applications. 
• Familiarity with multi-factor authentication (MFA) integrations such as RADIUS, RSA, and SAML for enhanced privileged access security. 
• Integration expertise with ticketing systems (e.g., ServiceNow), SIEM tools (e.g., Splunk), and enterprise monitoring solutions (SNMP, Syslog).
• Good knowledge of Web/application servers (IIS, WebSphere, WebLogic, JBoss, Apache).
• Strong knowledge of network security protocols (Kerberos, SSL/TLS, OAuth) and their application in PAM environments. 
• Advanced communication and documentation skills, with the ability to collaborate across IT, security, and compliance teams. 
• Ability to create and maintain operational documentation, including runbooks, KB articles, architecture diagrams, and compliance evidence logs.

Certifications (preferred):

• Delinea Secret Server Certifications – Associate, Engineer and Consultant
• Cloud Platform Certifications - Microsoft Azure Security Engineer Associate, AWS Certified Security Specialist
• ITIL or equivalent
• Experience on multiple PAM solutions in addition to Delinea – like CyberArk, BeyondTrust, Hashicorp Vault, etc.

Work Requirements:

• Willingness to travel as required
• Willingness to be on call support engineer and work occasional overtime as required
• Willingness to work in shifts as required