Summary
Overview
Work History
Education
Skills
Certification
Personal Information
Timeline
Generic
SRIKAR THOTAKURA

SRIKAR THOTAKURA

ICT Security Consultant
Singapore

Summary

Results-driven Cybersecurity Specialist with over 9 years of expertise in Identity and Access Management (IAM), Privileged Access Management (PAM), and security operations. Experienced in designing, implementing, and managing enterprise-level security frameworks, specializing in CyberArk and AWS cloud environments. Proven track record of safeguarding critical infrastructure, optimizing privileged access control, and ensuring compliance within diverse IT ecosystems. Skilled at leading complex security projects and collaborating with cross-functional teams to enhance overall security posture.

Overview

8
8
years of professional experience
2016
2016
years of post-secondary education
4
4
Certifications
2
2
Languages

Work History

IAM & PAM Specialist (ICT Security Consultant)

Optimum Solutions Pte Ltd
12.2022 - Current
  • As a cybersecurity specialist, I serve as the Single point of contact and Subject Matter Expert (SME) for CyberArk, adeptly managing all facets of Privileged Access Management (PAM) operations.
  • End-to-End CyberArk Administration: Proficiently manage the entire CyberArk suite, ensuring optimal performance and security for privileged access management.
  • Component Upgrades & Patching: Lead and execute timely upgrades of CyberArk components (CPM, PSM, PSMP) in accordance with security bulletins and best practices.
  • Business-as-Usual (BAU) Operations: Expertly handle daily onboarding and offboarding of privileged accounts, maintaining meticulous records and adherence to security policies.
  • Advanced Troubleshooting & Resolution: Diagnose and resolve complex issues, including PSM session disconnections and CPM password rotation failures across diverse operating systems (Windows, Linux, Cisco Network devices, Palo Alto, Microsoft Entra, SD-WAN etc).
  • Privileged Account Lifecycle Management: Conduct periodic reviews of privileged accounts to ensure compliance, minimize risk, and optimize access.
  • End-User Support & SLA Adherence: Resolve end-user service requests and issues within defined Service Level Agreements (SLAs), ensuring high user satisfaction.
  • Privileged Account Discovery & Remediation: Conduct periodic scans for the discovery of privileged accounts across Windows and Unix operating systems, coordinating with server owners to onboard non-compliant accounts.
  • SOP Development & Management: Spearhead the creation of initial Standard Operating Procedures (SOPs) for CyberArk operations, ensuring comprehensive documentation of all PAM processes.
  • Policy Compliance & Best Practices: Periodically review and update CyberArk SOPs to ensure strict adherence to organizational policies and industry security best practices, including MAS TRM guidelines.
  • Security Posture Enhancement: Proactively identify and implement improvements to CyberArk operational procedures to strengthen the overall security posture and mitigate risks.
  • Disaster Recovery (DR) Management: Annually conducted comprehensive DR failover testing for CyberArk CPM and PSM components, validating the full functionality of both active and passive modules to ensure business continuity in disaster scenarios.
  • PAM Solution Evaluation & PoCs: Spearhead the evaluation of alternative Privileged Access Management (PAM) solutions (e.g., Delinea, BeyondTrust), including conducting Proofs of Concept (PoCs) to identify cost-saving opportunities.
  • Metrics & Reporting: Develop and present comprehensive PAM metrics for Technical Review Committee (TRC) meetings and providing data-driven insights.
  • License Management & Forecasting: Ensuring optimal PAM license utilization through routine reviews, provided detailed reports to the CISO, and managed budget forecasting for future renewals.
  • Cost-Effective Solutioning: Translate user requirements into cost-effective CyberArk solutions, such as deploying PSMP components to enhance user experience for Unix device connectivity.
  • Solution Evaluation & Decision Support: Evaluate new CyberArk solutions (e.g., Secure Web Sessions (SWS), Identity Security Platform etc) and provide recommendations to management on their suitability for the environment.
  • Benefit Projection & Approval: Project the benefits of non-cost involved CyberArk modules in monthly CGF calls and secure approvals from CGF members, including the CISO, Risk team, and Tech Operations Manager for implementing them in our environment.
  • Emerging CyberArk Solutions: Actively explore and plan for the adoption of new CyberArk solutions like Identity Security Platform Shared Services (ISPSS) and Secure Infrastructure Access, including developing upgrade roadmaps and coordinating cross-functional teams.
  • Infrastructure Optimization: Lead CyberArk server infrastructure upgrades (e.g., AWS c2x.large to c4x.large) to enhance user experience and system performance.
  • Certificate Management: Manage the renewal of SAML certificates/AWS cert manager certifications for CyberArk Single Sign-On (SSO) and html5 sessions, collaborating effectively with CyberArk support.
  • Ecosystem Integration: Integrate CyberArk with new components using marketplace plugins to enable seamless password rotation and session recordings, enhancing overall security posture.
  • Vendor Access Management (Alero): Manage vendor access using CyberArk Alero, including inviting vendors and conducting periodic PID recertification campaigns with manager approvals for auditability (e.g., OSPAR, SOC2 Type2).
  • Audit Compliance & Artefact Provision: Provide artefacts to auditors demonstrating PAM control compliance, such as regular password/key rotations adhering to access control policies.
  • Collaboration with CyberArk Support: Work closely with the CyberArk support team to resolve HTML5 GW-related issues for browser-based vendor sessions to target servers.
  • IAM Program Management: Managed and oversaw the organization's Identity and Access Management (IAM) security program under the CISO function, ensuring effective implementation and continuous improvement of security controls.
  • Policy Review & Least Privilege: Conducted thorough security reviews of IAM policies (specifically AWS IAM) requested by developers, focusing on implementing and enforcing least privilege principles.
  • Proactive Security Monitoring: Performed proactive security monitoring of access to critical network environments (Meraki, SD-WAN, Cisco ISE, Palo Alto), verifying the absence of unauthorized local accounts and enforcing mandatory multi-factor authentication (MFA).
  • Cloud IAM Security & Remediation: Executed detailed security reviews of AWS IAM configurations based on Tenable Cloud Security scan results, collaborating with developers from various AMCs to enforce least privilege and strengthen the overall IAM security posture.
  • Dormancy Reviews & Risk Mitigation: Conducted periodic dormancy reviews to bolster IAM governance, effectively mitigating security risks by disabling accounts overlooked in the Joiner-Mover-Leaver (JML) lifecycle.
  • Application Access Governance: Utilized Microsoft Entra Identity Governance to conduct detailed periodic application access reviews of business-critical applications, proactively identifying and revoking unauthorized user access to strengthen the security posture.
  • Administered and maintained Zscaler ZIA and ZPA, proactively addressing end-user security access issues and ensuring the integrity of the organization's security posture.
  • M365 Email Security Operations: Managed M365 email security, including investigating user-reported phishing attempts, reviewing quarantined emails, and proactively managing domain blocklisting/whitelisting based on cyberattack intelligence.
  • Identity Exposure Management: Collaborated with Active Directory teams to remediate configuration gaps flagged by Tenable Identity Exposure (formerly Tenable.ad), prioritizing and addressing findings based on severity (Critical, High, Medium, Low) to strengthen Active Directory security posture.

Senior Security Analyst (CyberArk PAM Administrator)

Accenture Solutions Pvt Ltd
05.2022 - 11.2022
  • Served as a CyberArk Operations Engineer, responsible for the full spectrum of PAM operations, encompassing privileged account onboarding/offboarding and complete administration of CyberArk PCloud.
  • Successfully installed and configured Microsoft RDS licenses to support CyberArk PSM RDP sessions, guaranteeing uninterrupted and secure privileged access for critical operations.
  • Optimized privileged account management processes by developing automation scripts for bulk onboarding and automated CPM change assignments, reinforcing security controls and reducing manual intervention.
  • Expertly managed and executed CyberArk component upgrades (CPM, PSM, PSMP) based on security bulletins and best practice guidelines.
  • Led platform administration for CyberArk (CPM, PSM), enforcing best practices in password complexity, session control, and access management, significantly reducing the risk of unauthorized access.
  • Facilitated seamless onboarding of privileged users and coordinated multi-regional security operations to ensure consistent security configurations across diverse client environments.
  • Coordinated remediation efforts and addressed vulnerabilities across critical CyberArk components, ensuring high availability and compliance with international security standards.
  • Provided thought leadership to clients, driving the strategic use of CyberArk tools to address evolving security challenges and compliance requirements.

Identity and Access Management Analyst

Infosys Limited
07.2021 - 05.2022
  • Successfully deployed the CyberArk PCloud SaaS solution, ensuring a seamless transition through comprehensive end-to-end operational handover.
  • Prepared and documented Standard Operating Procedures to govern CyberArk operations, ensuring strict adherence to organizational access control policies and MAS TRM regulatory guidelines.
  • Successfully implemented identity federation by integrating CyberArk with Microsoft Entra SAML, enabling secure Single Sign-On (SSO) for users.
  • Delivered end-to-end management of IAM processes, including the onboarding, lifecycle management, and deactivation of privileged accounts across critical infrastructure platforms such as AWS, Windows, Unix ,Microsoft Entra, Oracle, Palo Alto, Meraki, SDWAN etc.
  • Configured and implemented the CyberArk Alero VPN-less solution, enabling secure, browser-based access for vendors across all child AMCs to their respective servers via an HTML5 gateway, eliminating the need for traditional VPNs.
  • Enhanced security information and event management capabilities by integrating CyberArk PAM with Trustwave SIEM, ensuring complete event log capture and compliance-driven retention.
  • Executed CyberArk DNA scans to detect privileged accounts across Windows and Unix systems, ensuring all discovered accounts were onboarded into CyberArk and their credentials were automatically managed by CyberArk CPM.
  • Played a key role in troubleshooting and resolving critical issues related to CyberArk CPM/PSM services, including authentication failures, password resets, and RDP session management.

Security Engineer (CyberArk PAM)

Reliance Jio Infocom Ltd
12.2018 - 07.2021
  • Provided basic CyberArk administration as an L1 PAM Engineer, handling safe creation, user permissions, and account inventory documentation.
  • Implemented advanced CyberArk features such as password vaulting, session monitoring, and privileged session recording to mitigate the risks associated with elevated user privileges.
  • Served as the central point of contact for ServiceNow requests within the PAM unit, consolidating tickets and coordinating with engineers to ensure efficient handling.
  • Orchestrated version upgrades and patches for CyberArk components to ensure optimal functionality and security posture across production environments.
  • Diagnosed and resolved common user issues related to CyberArk, including troubleshooting portal access difficulties and PSM session failures, ensuring minimal disruption to user operations.
  • Collaborated with cross-functional IT teams to integrate CyberArk with various enterprise systems, including databases and network devices, facilitating secure access controls and compliance.

Network Engineer

Reliance Jio Infocom Ltd
08.2017 - 12.2018
  • Installed, commissioned, and integrated high-performance networking equipment including Cisco ASR Routers, microwave links, and DWDM technologies, ensuring resilient, secure network communication.
  • Installing, configuring, and maintaining network equipment such as routers, switches, firewalls, wireless access points, and other physical hardware.
  • Supported the implementation of enterprise Wi-Fi and OSC/ISC integrations, ensuring security protocols were maintained across customer-facing networks.
  • Configuring firewalls, VPNs, intrusion prevention/detection systems (IPS/IDS), and other security tools.
  • Responsible for Planning and designing of FTTx Network using ARC GIS & Ericson Network Engineer tools.
  • Troubleshooting and resolving network connectivity issues, performance bottlenecks, and outages.
  • Using Automation Technology Completing the planning and designing Architecture of Jio Fiber.

Education

Bachelor of Technology (B.Tech) - Electronics & Communication Engineering

Jawaharlal Nehru Technological University

Skills

  • Access control management
  • CyberArk security administration
  • Identity and Access Management (IAM)
  • Microsoft Entra expertise
  • Administration of identity governance
  • Cybersecurity operations
  • Zscaler cloud security administration

Certification

Certified Information Security Manager (CISM), 252744335

Personal Information

  • Date of Birth: 08/28/95
  • Nationality: Indian
  • Marital Status: Married

Timeline

IAM & PAM Specialist (ICT Security Consultant)

Optimum Solutions Pte Ltd
12.2022 - Current

Senior Security Analyst (CyberArk PAM Administrator)

Accenture Solutions Pvt Ltd
05.2022 - 11.2022

Identity and Access Management Analyst

Infosys Limited
07.2021 - 05.2022

Security Engineer (CyberArk PAM)

Reliance Jio Infocom Ltd
12.2018 - 07.2021

Network Engineer

Reliance Jio Infocom Ltd
08.2017 - 12.2018

Bachelor of Technology (B.Tech) - Electronics & Communication Engineering

Jawaharlal Nehru Technological University

Similar Profiles

CREATE PROFILE
SRIKAR THOTAKURAICT Security Consultant