Access Management Consultant Resume
Washington, DC
SUMMARY:
- Software architect with over 18 years of experience in development and implementation of enterprise software.
- 10 years of experience leading Enterprise Confidential and Access Management (IAM) related security architecture, design and implementation for federal government agencies, financial services and transportation industry customers.
- Extensive knowledge of IT, enterprise architecture, software development life cycle, and information security platforms and applications.
- Hands-on development expertise in IAM technologies, Account Life Cycle, Provisioning & De-provisioning workflows, Single Sign-on (SSO) authentication and authorization technologies, Confidential Federation (SAML), Role Based Access Controls (RBAC), Web services security (WSTrust, WSS Username Token etc.), security compliance, auditing, attestation/re-certification technologies.
- Over 7 years of experience in ERP & financial software development and implementation for local & state governments and financial customers.
- Outstanding leadership and consulting skills with strong written and oral communication abilities.
TECHNICAL SKILLS:
Technology: Java, J2EE, Enterprise Java Bean (EJB), Java server pages (JSP), Active server pages (ASP), AJAX, JavaScript, XML, HTML, DHTML, SQL, Visual Basic, REST, JSON, XPRESS (Sun IDM), SPML, SAML, SOA, DNS, load balancers, firewalls and other architectural components for web-based systems, UNIX, Solaris, AIX, Windows, Linux, Amazon Cloud (AWS).
Software: ForgeRock OpenIDM, OpenAM, OpenDJ, Oracle Waveset (Sun Confidential Manager) (IDM), Oracle Confidential Analytics (formerly Sun Role Manager) (RBACx), Oracle Confidential Manager (OIM), OpenSSO, Evolveum MidPoint IDM, IBM WebSphere, Confidential Weblogic, Tomcat, Apache Felix, Unix, AIX, LDAP, Active Directory, Sun Solaris, Apache, IIS, Oracle Database, MySQL, Hibernate, Jenkins, Maven, Ant, Eclipse, Business Objects, Pervasive Data Integrator, Versata, IBM MQSeries Integrator, IBM MQSeries, webMethods, Blaze Advisor Suite (Builder, Rule Server), Adobe Central Output Server, InstallShield.
EXPERIENCE:
Access Management Consultant
Confidential, Washington, DC
Responsibilities:
- As part of the ICAM team, integrated 30+ web applications using federation protocols with ForgeRock OpenAM and OpenIDM utilizing agile (SCRUM) development methodologies. The integrations involved single sign-on technologies such as SAML Federation, OpenAM Agents and OpenAM Fedlet.
- Developed custom code to supplement OpenAM software to implement features that were lacking in the software products.
- Implemented data sync between Active Directory and LDAP using ForgeRock OpenIDM.
- Migration of the ForgeRock OpenAM, OpenIDM and OpenDJ from hosted datacenter to Amazon Cloud (AWS).
- Provided integration and support for FICAM standards and PKI infrastructure for federal government agency.
- Implemented ForgeRock OpenDJ for LDAP data store for internal user data.
- Customized implementation of SAML federation for integration on Microsoft’s IIS servers, Apache Tomcat, Apache Web Server, Oracle Weblogic, Adobe Coldfusion, Ruby on Rails, Python etc.
Confidential, Arlington VA
Access Management Consultant
Responsibilities:
- As part of the Confidential & Access Management team, migrated the research portal (Confidential), which integrates with approximately 100 universities via InCommon using federation protocols, to the ForgeRock OpenAM product from the legacy Sun OpenSSO.
- The integration involved migrating from Sun OpenSSO to ForgeRock OpenAM, migration from Sun directory Servers to ForgeRock OpenDJ directory servers.
- Developed custom OpenAM authentication modules to connect with multiple backend data stores.
- Integrated NSF internal applications including Oracle Confidential Manager, Sailpoint Confidential Analytics, NSF proposal management and NSF internal portal with ForgeRock OpenAM software for single sign-on.
- Implemented Java-based API via RESTful web services for exposing single sign-on features for application integrations that do not support direct integration with single sign-on technologies such as federation or policy based agents.
- IAM implementation involved Oracle Confidential Manager (OIM), Sailpoint Confidential Analytics, Oracle Directory Server, ForgeRock OpenAM (SSO) and ForgeRock OpenDJ.
Confidential, Washington, DC
Access Management Consultant
Responsibilities:
- As the solutions architect, led the design and development of Confidential and Access Management (IAM) and Web Services Security (WSS) implementations across multiple business areas within the transportation client.
- Architected and implemented the migration of IAM infrastructure from Sun/Oracle IAM products to ForgeRock IAM stack. The migration involved Directory Server, IDM & SSO software to ForgeRock’s OpenIDM, OpenAM and OpenDJ product suite.
- Custom developed the end/admin user interface leveraging the REST, JSON and JavaScript technologies for ForgeRock OpenIDM to reflect the SUN IDM functionalities and suit the requirements of the customer.
- In the earlier phases of this project, IAM infrastructure was upgraded to Oracle Waveset (formerly Sun IDM 8.1), OpenSSO 8.1, Sun Enterprise Directory Server, Oracle Confidential Analytics 11g deployed on WebSphere 7.x on Sun Solaris and Oracle 10g/11g.
- Integration of Sun IDM with SAP as the authoritative source for employee and contractor records. Other resource integrations included Active Directory, Ariba Buyer, Directory Server (LDAP), Lenel Badging, Documentum, Maximo, SAP Business Objects and more.
- Enabled enterprise single sign-on (SSO) for multiple systems (SAP, Ariba Buyer, WebSphere portal, Confluence Wiki) via Sun OpenSSO and later ForgeRock OpenAM. Developed custom OpenSSO clients for integration with VPN appliance (Firepass), WebSphere Portal, Ticketing system, food & beverage applications and more. Enabled enhanced single sign-on for users accessing Confidential systems from outside the network.
- Managed a development team for delivery, created and reviewed requirements and architecture design documentations. Provided support for all phases of the SDLC lifecycle.
- Centralized disconnected security data from multiple applications (CISCO ACE XML Appliance, webMethods, z/TPF based security and Informatica) into LDAP based storage. Streamlined security validations with enterprise Confidential provider solution.
- Designed and implemented an upgrade of the web services security for Confidential reservation system Service Oriented Architecture (SOA) with WSS standards based on SAML and WSS UsernameToken using the XML appliance, LDAP, webMethods, IAM and Confidential provider framework.
- Designed and implemented SSO federation using SAML v2 protocols with an externally hosted application such as Saba Human Concepts OrgPlus.
Confidential, Richmond, VA
Access Management Consultant
Responsibilities:
- Provided Confidential and Access Management implementation and design support for the Confidential’s Confidential management team.
- Developed a custom Sun Confidential Manager resource adapter for Entrust Connector Toolkit. The current toolkit will be replaced by the newer version and the adapter required an upgrade utilizing the Open Confidential connector framework architecture.
- Provided guidance and planning for federation initiative for access control and PIV initiative.
Confidential, San Jose, CA
Access Management Consultant
Responsibilities:
- Provided design and development support for Sun Confidential Manager implementation.
- Customization of their Confidential and Access Management implementation and design for a new integration of the Portal application.
- Created new workflows and forms for the new business processes for the integration.
- Added a backend database log for the audit requirements for the self service portal application via Confidential manager.
Confidential, Charlotte, NC
Access Management Consultant
Responsibilities:
- As a solutions architect & hands-on developer, was responsible for technical architecture and development of the full solution of Confidential management for Confidential using Sun Confidential Manager 7.x (Sun IDM) and Sun Role Manager 4.x (RBACx) for the company-wide release of automated lifecycle maintenance and SOX compliance initiatives.
- Architecture based on Sun IDM 7.1 and Sun Role Manager 4.1.5 deployed on Linux OS and Oracle 10g.
- Integrated Peoplesoft HRM for employee records, and request system with multiple level approvals for contractors. Other resource integrations included Active Directory, Domino/Notes, AS/400, Oracle Financial, Tandem Non-Stop, Unisys and more. Implemented custom requesting system for non-connected systems.
- Customized adapters for AS/400, Tandem Non-Stop Kernel, Oracle Financial etc.
- Built custom reports and search capabilities, customized end-user interfaces to conform to usability requirements.
- Deployed Sun Role Manager for streamlining attestation and remediation processes for SOX compliance.
- Integrated Sun Role Manager with Sun IDM for Confidential seeding, resource data population and role mining.
- Evaluated Sun IDM 8.1 and provided upgrade strategy and integration efforts for Sun IDM 8.1 and SRM 4.1.x.
Confidential, Detroit, MI
Access Management Consultant
Responsibilities:
- Assignment involved implementing access controls, entitlement based provisioning/de-provisioning, segregation of duties (SOD) analysis for Confidential and Access Management (IAM) for one of the largest energy companies in the mid east.
- Built and integrated custom IDM adapters for application integration to their Confidential and Access Management (IAM) software using Sun IDM (6.x) on Solaris, Confidential Weblogic, Hibernate, Oracle 10g and Novell LDAP.
- Worked on building a framework for SOD analysis and reporting for their current IAM modules.
Confidential, New York, NY
Access Management Consultant
Responsibilities:
- As a solutions architect, implemented Sun Confidential Management software to automate the account lifecycle maintenance for Confidential in New York City.
- Enabled automated provisioning, de-provisioning, single sign-on processes using Sun IDM, CA SiteMinder, Sun LDAP. Employee provisioning was triggered by SAP software via LDAP, consultants were created by manual workflow processes. Other integrated systems included Active Directory, Mainframe, Remedy.
- Implemented workflows with approvals and escalations using modular architecture components. Both connected and non-connected resources were maintained using this system.
- Architecture based on Sun IDM 7.x deployed on IBM WebSphere on Sun Solaris and Oracle 10g as the database.
- Integration of Sun IDM with Sun LDAP, ACF2 (Mainframe), Active Directory, Domino server, SiteMinder, Remedy ticketing system etc.
Confidential, New York, NY
Access Management Consultant
Responsibilities:
- As a one-person Sun IDM subject matter expert, implemented provisioning, de-provisioning, end-user password self service functionalities for the largest publication powerhouse based in New York City.
- Integration of Sun Confidential Management (IDM) with PeopleSoft (CRM & HR), Active Directory, Sun Directory Server (LDAP), and Entrust GetAccess.
- Subject Matter Expert for Sun IDM architecture and development through the project cycle.
- Evaluated requirements, timeline and estimates for their implementation.
- Worked closely with client team and vendors (Entrust & Sun) to implement the solution.
- Implemented Sun IDM 6.x deployed on Confidential WebLogic on Sun Solaris and Oracle 9.i as the database.
- Processes more than 5,000 tasks each month via Sun Confidential Manager.
Confidential, Richmond, VA
Access Management Consultant
Responsibilities:
- As a solutions architect, was involved in the design and implementation of Access Control using Sun IDM and Entrust GetAccess for Confidential.
- Designed integration of access management using Entrust GetAccess via Sun IDM 5.x.
- Developed Sun IDM modules for provisioning requests using workflows and forms.
- Ported entitlement matrix from static data in configuration objects to database table based dynamic retrieval processes.
- Developed in XPRESS and Java, and deployed on Confidential WebLogic on Solaris using Oracle 9.i database.
Confidential
Senior Consultant
Responsibilities:
- Engaged as the technical architect and a subject matter expert for multiple multi-million dollar ERP implementations at various government client engagements such as the Commonwealth of Kentucky, State of Iowa, Palm Beach County etc. for more than 2 years.
- Responsibilities included defining the hardware and software architecture, hardware sizing, detailed hardware and software implementation, performance testing.
- Product development experience in the technical architecture and infrastructure group for 3 years.
- The ERP software was built on web-based J2EE architecture deployed on WebSphere and Versata.
Confidential
Access Management Consultant
Responsibilities:
- Developed the internet front end of Automated Credit Application and Processing System (Confidential) using IIS and ASP, XML and MQSeries Technologies.
- Confidential is a flagship product of AMS and is widely recognized in the banking and credit industries.
- Credit Express is the Microsoft ASP-based internet front end for online credit applications, and it communicates with Confidential (deployed on mainframes) via MQSeries and a middle-tier adapter.
Confidential
Access Management Consultant
Responsibilities:
- Led a technical team responsible for the implementation of a rule-based decision logic system using Confidential at Confidential Internet Bank.
- The decision support system was integrated with the automated credit processing and CRM (Customer Relationship Management) modules of the online Confidential Bank. The rules engine was integrated to the online bank’s system via MQ and MQSI.
Confidential, San Francisco, CA
Access Management Consultant
Responsibilities:
- Engaged as the technical lead/architect for the trade validation system implementation of the online trading platform of Confidential (MSDWO).
- The multi-million dollar project involved integrating a decision engine with the online trading application, which was based on J2EE architecture on Confidential Weblogic.
- Responsibilities included leading the technical side, developing proof of concept, designing and implementing the architecture, developing unit testing framework, implementation framework on UNIX, and performance testing of the application.
Confidential
Access Management Consultant
Responsibilities:
- Responsibilities included leading the technical side of the presentation team, designing and implementing the right technologies for the web based interfaces.
- Mentored junior developers and helped them to deliver on time.
- Software based on J2EE architecture on IBM Websphere with DB2 as the database.
- Development of the Electronic Bill Presentment and Payment (EBPP) system based on J2EE using Enterprise Java Bean (EJB) architecture, XML and Java Server Pages on Confidential Weblogic servers, Oracle databases and 1view OFX servers and clients.