Swapnil Mungekar

Mumbai

Summary

I am a highly skilled Information and CyberSecurity and Identity and Privileged Access Management expert with over 13 years of experience in the financial sector and consulting.

My expertise includes managing and implementing CyberArk PIM Suite, as well as end-to-end application monitoring setup and production infrastructure support.

I am certified in CyberArk Sentry, Defender and PAS Fundamentals, EPM, Microsoft Server Administration, Splunk Fundamental 7.x Part1/2 Course, ITIL Foundation, Six Sigma Principles, Google Cloud Digital Leader, and Azure Fundamentals and Administration.

I have a good understanding of Windows and Linux, Autosys, Rundeck, Python, Google Cloud and Azure Cloud products and services, Kubernetes, Docker, and Terraform, and have helped numerous clients successfully adopt and implement Google and Azure Cloud solutions.

With my expertise in information security and identity access management, I can effectively develop and implement strategies to protect organizations from cyber threats and ensure secure access to critical information.

Overview

15 years of professional experience
1 Certification

Work History

Team Lead IAM and PAM Security

Equifax
Hyderabad
08.2021 - Current
  • Leading the IAM team: I will need to provide direction and leadership to my team, ensuring that they have the necessary resources, skills, and training to carry out their work effectively.
  • Strategy development: I will need to develop an IAM strategy that aligns with the organization's overall objectives and goals. This may involve identifying and prioritizing the organization's critical assets, evaluating risks, and developing policies and procedures to mitigate them.
  • Identity and access governance: I will be responsible for defining and implementing IAM governance policies and procedures. This includes defining roles and responsibilities, developing access control policies, and defining procedures for user account management, password policies, and access requests.
  • Technology management: I will need to have a deep understanding of the technology landscape, including identity and access management systems, authentication protocols, and data security technologies. I will be responsible for selecting and implementing IAM technologies that are appropriate for the organization's needs.
  • Compliance and audit: I will need to ensure that the organization's IAM practices comply with regulatory requirements, such as HIPAA or PCI. This may involve coordinating with auditors to ensure that IAM controls are in place and effective.
  • Risk management: I will need to identify potential risks and vulnerabilities in the IAM system and develop risk mitigation strategies. This may include developing incident response plans and conducting periodic risk assessments.
  • Collaboration: I will need to collaborate with other teams, such as IT Security, Network Operations, and Application Development, to ensure that IAM policies and procedures are integrated into the overall technology environment.
  • Stakeholder management: I will need to manage relationships with internal stakeholders, such as business units and senior management, to ensure that IAM practices align with business objectives and priorities.
  • Training and awareness: I will need to develop and deliver training and awareness programs to educate employees on IAM policies and procedures and ensure that they are followed.
  • Endpoint Privilege Manager (EPM) engineer with demonstrable experience in managing CyberArk Privileged Access EPM Cloud for server and endpoint device management solutions.
  • Secured and managed privileges on endpoints using CyberArk Endpoint Privilege Manager (EPM).
  • Key Achievement: Led the operational support for CyberArk EPM by resolving tickets and troubleshooting technical issues.
  • Created and managed the elevation of privileges on endpoints, providing temporary and controlled access to privileged accounts.
  • Implemented, managed, and monitored application control by enforcing application policies.
  • Managing support tickets and enforcing granular access control to limit privileged access to authorized individuals only. Implementing Just-In-Time (JIT) elevation, granting temporary access to privileged accounts when needed.
  • CyberArk PSMP and PVWA Deployment via CICD tools.
  • Dashboard creation for error analysis and troubleshooting related to CyberArk CPM (Central Policy Manager)
  • PowerShell scripting for account management and operations in CyberArk
  • Testing and implementation of CyberArk security bulletins and patches
  • Cloud migration and server rebuilds for CyberArk components
  • Vulnerability management and risk assessments for CyberArk infrastructure
  • Integration of various platforms with CyberArk, including LDAP, servers, databases, and middleware
  • Configuration and troubleshooting of CyberArk infrastructure monitoring using tools like Splunk, AppD, Datadog, Nagios, and Grafana
  • Analysis and identification of gaps in user access management, privilege access management, and application access management
  • Experience with CyberArk Web Service APIs/SDK and integrating CyberArk with monitoring tools and SIEM technologies
  • Handling major incidents and restoring services, as well as working on root cause analysis (RCA)
  • Integration experience with third-party tools like SIEM systems, MFA, ticketing systems such as ServiceNow, and enterprise monitoring and alerting using SNMP.
  • Setting up new policy configurations based on business requirements
  • Shift-based, 24x7 infrastructure support for cloud-based applications

Associate Cyber and Production Support - Team Lead

JP Morgan India Service PVT LTD
Hyderabad
09.2014 - 08.2021
  • Participating in the design and implementation of CyberArk suite for JP Morgan Chase.
  • Installing, implementing, and integrating privileged access management solutions.
  • Creating a risk register and implementing the required controls to mitigate risk and ensure there is no critical impact on business.
  • Performing application risk assessments and gap assessments.
  • Identifying gaps in the current logical access process and creating a risk and control matrix.
  • Performing analysis and identifying gaps in user access management, privileged access management, and application access management.
  • Working on backup and DR components of CyberArk PAS.
  • Configuring, integrating, and troubleshooting CyberArk Privileged Account Security (PAS) Infrastructure.
  • Administering privileged accounts of various Windows and UNIX accounts using CyberArk components.
  • Integrating various platforms with CyberArk, such as different LDAP providers, Windows servers, UNIX servers, databases, networking devices, middleware, and custom applications.
  • Integrating PAS with ticketing systems, Active Directory, security logging and monitoring, enterprise monitoring and alerting using monitoring tools.
  • Using CyberArk Web Service APIs / SDK.
  • Integrating CyberArk with monitoring tools and SIEM technologies.
  • Handling complex changes and demand related to CyberArk.
  • Supporting and managing major incidents and responsible for restoring the service and working on RCA.
  • Setting up new policy configurations based on business requirements.
  • Having good knowledge of SQL, PLSQL, UNIX, AD, and Windows platform to CyberArk Platform Management.
  • Testing and implementing new security patches related to CyberArk Vault.
  • Planning and managing major upgrades of CyberArk Vault and its components.
  • Renewing SSL certificates for CyberArk Password Vault Web Access (PVWA) individual URLs.
  • Approving ITSM changes raised by other teams and ensuring there is no impact on the environment.
  • Participating with the resiliency team to implement changes like Sustain resiliency test / High Availability Test / data center performance test twice a year.
  • Responsible for PLM patching of CyberArk servers scheduled every weekend.
  • Experience with CyberArk Web Service APIs/SDK and integrating CyberArk with monitoring tools and SIEM technologies
  • Endpoint Privilege Manager (EPM) engineer with demonstrable experience in managing CyberArk Privileged Access EPM Cloud for server and endpoint device management solutions.
  • Secured and managed privileges on endpoints using CyberArk Endpoint Privilege Manager (EPM).
  • Key Achievement: Led the operational support for CyberArk EPM by resolving tickets and troubleshooting technical issues.
  • Created and managed the elevation of privileges on endpoints, providing temporary and controlled access to privileged accounts.
  • Implemented, managed, and monitored application control by enforcing application policies.
  • Managing support tickets and enforcing granular access control to limit privileged access to authorized individuals only. Implementing Just-In-Time (JIT) elevation, granting temporary access to privileged accounts when needed.
  • Providing 100% CAA (Critical Application Availability) for GIAM applications to ensure smooth delivery of business services to internal and external customers of the firm.

AAAS (Automation as a Service):

  • Creating and managing multiple automations for component service restart/HA/DR/failover activities.
  • Saving time and avoiding the use of passwordless connectivity, which helps with audit compliance.
  • Ensuring that the automation workflows are functioning correctly and troubleshooting any issues that arise.
  • Collaborating with other teams to understand their requirements and incorporate them into the automation workflows.

BeyondTrust:

  • Implementing Privileged Access Management (PAM) solutions for Windows AD/UNIX/DBA platforms.
  • Managing the infrastructure components of BeyondTrust, such as UVM/Terminal Servers.
  • Monitoring Tomcat instances and log activity across environments using AppDynamics/Splunk.
  • Troubleshooting any issues related to PAM and ensuring that the solutions are functioning correctly.
  • Collaborating with other teams to understand their requirements and incorporate them into the PAM solutions.

SSO (Single sign-on) SiteMinder:

  • Offering SSO to new applications by onboarding them into the infrastructure.
  • Creating, managing, and administering agents, authentication schemes, user directories, agent configuration objects, host configuration objects, logs, and cache management.
  • Onboarding applications into SAML and working with vendors to update certificates and troubleshoot issues.
  • Troubleshooting issues related to SSO, authentication, and authorization for achieving SSO and LDAP issues.
  • Performing daily health checks of the applications, scripts, and infrastructure supporting these tools.
  • Participating in audit support activities related to Information Security, for both internal and external audits.
  • Evaluating service level issues and suggested enhancements escalated by Service Delivery Team to diagnose and address underlying system problems and inefficiencies.

RSA SecurID:

  • Maintaining the health of RSA SecurID infrastructure by conducting regular health checks and ensuring the operational support and availability of the server.
  • Ensuring that the RSA Server is up-to-date and patched to address any security vulnerabilities.
  • Managing and maintaining RSA Token files, which includes uploading new tokens, maintaining existing token files, and troubleshooting any issues with tokens.
  • Handling and resolving token errors, reporting requirements, and user access errors in a timely manner.
  • Coordinating with vendors if the issue still persists and acting as a bridge between vendors and internal teams.
  • Developing and maintaining documentation related to RSA SecurID infrastructure and its processes.
  • Collaborating with other teams to ensure the integration of RSA SecurID into the overall security infrastructure.
  • Participating in audit support activities, as they pertain to Information Security, for both internal and external audits.
  • Evaluating service level issues and suggested enhancements escalated by Service Delivery Team to diagnose and address underlying system problems and inefficiencies.

Information Security Analyst

JP Morgan India Service PVT LTD
MUMBAI
04.2013 - 09.2014
  • Providing level 1 and 2 assistance on CyberArk PIM privileged identity management
  • Analyzing, designing, integrating, and deploying the privileged identity management solution set
  • Onboarding of platforms and applications such as Windows and UNIX servers, VMware ESXi hosts, Services, Middleware and Databases.
  • Leading and participating in privileged identity management design and implementation including automation, authorization and authentication, request and approval workflow, creation / disablement of target infrastructure.
  • Liaising with the Cyber-Ark engineering team for upgrades and applying the latest patches on EPV and EPV-AIM.
  • Liaising with L2 and L3 Production support team for issues related to SSO authentication and authorization.
  • Responsible for preparing test data, test scripts, client demo of the processes.
  • Recommending enhancements to improve information security, including the evaluation and selection of security products and services.
  • Interfacing with Information Risk Managers to identify potential access control risk issues.
  • Following process and procedures to ensure compliance with policy. Reporting all suspicious activity or non-compliant access rights to management and IRM.
  • Liaising with the IT controls team to identify gaps in the current process that need to be addressed in order to manage privileged access in conformance with the strategy.
  • Analyzing how/whether Cyber-Ark can fill those gaps and whether changes in process are also required.
  • Partnering with internal and external auditors to fulfill the regulatory requirements.
  • Participating in implementation of security-related projects for new/enhanced technology.
  • Performing required tasks to implement new or enhanced security products and tools on supported platforms.
  • Engaging other technical support groups as deemed appropriate.
  • Identifying process deficiencies and suggesting improvements.
  • Coordinating with internal and external auditors to accomplish the regulatory requirements.
  • Managing research, developing systems, and documenting solutions for intrusion detection, high-security networks, information protection strategies, user management and control systems, and ITSEC challenges.
  • Troubleshooting CyberArk Privileged Account Security (PAS) Components for operational issues.
  • Administering Active Directory Users & Groups/Computers.
  • Performing general system administration duties on a Windows Active Directory environment.
  • Managing the Active Directory Services & Creation of Domain IDs.
  • Responsible for Access Remediation on Shared Folders.
  • Responsible for Change Management Support - ITSM Approval/Implementation.
  • Updating Knowledge Objects to reduce Incident Tickets.
  • Responsible for participating in RCA call and making sure it gets closed with proper information.
  • Preparing shift schedules for the team.
  • Responsible for attending Priority 1 calls/issues.
  • Providing on-call support.

Apple Technical Support Agent

Galaxy Office Automation PVT LTD
Mumbai
10.2012 - 02.2013
  • Integrating Windows Active Directory with Mac OS using third-party software (Centrify).
  • Troubleshooting all Apple products, including iPhone, iPad, iPod, Mac Notebook, and Desktop.
  • Installing applications and performing OS upgrades on Apple products.
  • Migrating Windows Server 2003 R2 to Windows Server 2012.
  • Installing and managing Symantec Endpoint Protection Manager for servers and clients.
  • Administering and troubleshooting Windows servers.
  • Maintaining inventory of Apple products and related software licenses.
  • Collaborating with other IT teams to ensure smooth operations and minimal downtime.
  • Providing technical assistance and support to end-users via phone, email, or in-person.
  • Resolving technical issues related to hardware, software, and network connectivity.
  • Documenting and tracking all issues and resolutions using ticketing systems or other tools.
  • Maintaining and updating knowledge base articles and standard operating procedures.
  • Participating in on-call rotation and providing after-hours support as needed.
  • Monitoring system performance and ensuring the availability of critical systems.
  • Maintaining system security by implementing best practices and industry standards.
  • Conducting system backups and recovery procedures as needed.
  • Providing training to end-users on software and hardware usage.
  • Assisting with procurement and asset management for Apple products and related software.

System Administrator

Magnamious System PVT LTD
Mumbai
04.2011 - 09.2012
  • Windows server administration and basic troubleshooting: This may include tasks such as server installation, configuration, maintenance, and problem resolution.
  • Application installation and upgrades: Installing and upgrading software applications on various systems.
  • Customer support: Providing technical support to customers for a variety of hardware and software issues related to Windows and Apple products.
  • Assessment of hardware and software products: Analyzing the functionality and limitations of various computer-related hardware and software products.
  • Troubleshooting application and software problems: Diagnosing and resolving application or system issues as they arise.
  • Technical documentation: Maintaining technical documentation to ensure the assigned systems are operational and efficient, and enhancing the documentation as needed.
  • Vendor communication: Communicating with software and hardware vendors to request service regarding malfunctioning products.
  • Active Directory user management: Creating and managing user accounts in Active Directory users and computers.
  • Endpoint protection: Managing antivirus servers and ensuring endpoint protection for systems.
  • Working with services: Working on services such as DHCP, DNS, and IIS.
  • Firewall management: Working on Fortigate Firewall and taking backups on a daily basis.
  • Backup management: Working on Symantec Backup Exec Server and managing mailbox backup and restore for Apple MAIL application.
  • Mail configuration: Configuring mail and Entourage accounts and managing administration of POP3 mailboxes.
  • FTP management: Creating and managing FTP for users.

Customer Support Engineer

IT Infotech
Mumbai
06.2010 - 02.2011

  • Installing and upgrading applications: You are responsible for installing software applications on the system and ensuring that they are up to date with the latest updates and patches.
  • Troubleshooting and resolving application and software problems: You will be responsible for identifying and resolving technical issues related to hardware or software products.
  • Maintaining technical documentation: You will be required to document technical information related to the systems and applications that you are responsible for.
  • Communicating with vendors: You will be required to communicate with software and hardware vendors to request service regarding malfunctioning products and resolve any issues related to the products.
  • Analyzing and enhancing technical documentation: You will be required to analyze and improve technical documentation to make the systems more efficient.
  • Configuring new user mailboxes: You will be responsible for setting up new user mailboxes on local machines.
  • Managing creation of new users in Active Directory: You will be responsible for creating and managing user accounts in Active Directory Users and Computers.

Windows and Mac Administrator

BBG IT Solutions
Mumbai
06.2009 - 06.2010
  • Windows Server Administration: This involves managing and maintaining Windows servers to ensure their optimal performance and availability. You may be responsible for installing updates and security patches, configuring server roles, monitoring server performance, and troubleshooting server issues.
  • Application Installation and Upgrades: This involves installing and upgrading applications on desktops and servers. You may be responsible for testing applications, managing software licenses, and ensuring that applications are compatible with the underlying operating system and hardware.
  • Customer Support: This involves providing technical support to end-users who encounter hardware and software issues. You may be responsible for troubleshooting problems, answering questions, and resolving issues remotely or onsite.
  • Product Evaluation: This involves researching, testing, and evaluating new hardware and software products to determine their functionality, limitations, and suitability for use in the organization.
  • Troubleshooting: This involves identifying and resolving issues with software, hardware, and network systems. You may use a variety of diagnostic tools and techniques to troubleshoot problems, and may work with vendors to resolve more complex issues.
  • Vendor Management: This involves communicating with vendors to request service for malfunctioning products, managing vendor relationships, and negotiating contracts for products and services.
  • Endpoint Protection: This involves managing and maintaining antivirus servers to ensure that endpoints are protected against malware and other security threats.
  • Networking Services: This involves configuring and managing DHCP, DNS, and IIS services to ensure that network systems are functioning properly.
  • Operating System Installation: This involves installing and configuring operating systems on desktops and servers, including Windows and Mac OS.
  • Data Backup: This involves managing and maintaining data backup systems, including using Time Machine to take regular backups of important data.
  • Virtualization: This involves using virtualization tools like VMware and Parallels to install and run Windows on Mac machines. You may be responsible for configuring virtual machines and troubleshooting issues that arise.

Education

Bachelor of Computer Engineering - Computer Engineering

Mumbai University
Mumbai
08.2009

Diploma in Computer Engineering - Diploma

Mumbai University
Mumbai
06.2006

Skills

  • Cybersecurity: I hold certifications in CyberArk, have knowledge of vulnerability assessment and risk assessment, and am familiar with security operations, risk assessments, and audits
  • Cloud Computing: I have completed Google Cloud Digital Leader Training Specialization courses and have knowledge of cloud computing basics
  • Server Administration: I am a Microsoft Server administrator and have good troubleshooting skills on Windows and Unix server administration
  • Networking: I have good knowledge of Cisco networking technology and devices including routing and switching, LAN, WAN, and IPv4
  • Database: I have good knowledge of databases and SQL queries
  • Application Monitoring: I am familiar with various application monitoring tools such as Splunk, AppDynamics, Nagios, APICA, Grafana, Netcool Tivoli, and Datadog
  • Load Balancing: I have knowledge of AppViewX for load balancing movement
  • Incident Management: I have good knowledge of incident RCA process, incident trend analysis, and integrating findings into self-service tools
  • Authentication and Authorization: I have knowledge of authentication and authorization using LDAP, SSO, SecurID, and PingID
  • Disaster Recovery: I have knowledge of information security policies, disaster recovery, and root cause analysis

Certification

Microsoft server administrator 2008 Certified

ITIL® 4 Foundation

CyberArk Certified Trustee Certified

CyberArk Certified Defender Level2 Certified

CyberArk Certified PAS fundamentals Certified

CyberArk Certified Sentry Certified

CyberArk EPM Administration Training completed

CyberArk Plugin Generator Utility Training completed

CyberArk PSM Connectors for Web Applications Training completed

CyberArk CPM Plugin for Web Application Training completed

CyberArk CP, CCP and AIM Training completed

Azure Fundamental In Progress

Azure Administrator In Progress

Google Cloud associate Engineer In Progress

AWS Cloud Practitioner In Progress

Splunk Fundamental 7.x Part1/2 Course completed

Coursera:-ITIL4 Foundation

Coursera:-Six Sigma Principles

Coursera:-Cloud Computing Basics (Cloud 101) Course completed

Coursera:-Understanding Google Cloud Security and Operations Course completed

Coursera:-Innovating with Data and Google Cloud

Coursera:-Infrastructure and Application Modernization with Google Cloud

Coursera:-Digital Transformation with Google Cloud

Google Cloud Digital Leader Training Specialization

SkillforAll CISCO:-Python Essentials 1 and 2 completed

SkillforAll CISCO:-Introduction to CyberSecurity

SkillforAll CISCO:-Cyber Threat Management

SkillforAll CISCO:-Endpoint Security

SkillforAll CISCO:- Networking Basics

Udemy:-Datadog Training completed

Udemy:-Service Now administration and Development

LinkedIn Learning:-Red Hat Administration

Timeline

Team Lead IAM and PAM Security

Equifax
08.2021 - Current

Associate Cyber and Production Support - Team Lead

JP Morgan India Service PVT LTD
09.2014 - 08.2021

Information Security Analyst

JP Morgan India Service PVT LTD
04.2013 - 09.2014

Apple Technical Support Agent

Galaxy Office Automation PVT LTD
10.2012 - 02.2013

System Administrator

Magnamious System PVT LTD
04.2011 - 09.2012

Customer Support Engineer

IT Infotech
06.2010 - 02.2011

Windows and Mac Administrator

BBG IT Solutions
06.2009 - 06.2010

Bachelor of Computer Engineering - Computer Engineering

Mumbai University

Diploma in Computer Engineering - Diploma

Mumbai University