SUMMARY:

• 9+ years of experience in Information Technology industry, which involves Design, Implementation and Hand on experience on CA Site Minder, Ping Federate, Ping Access and all LDAPS.
• Working as a part of Security team, implementing security solutions to Web applications. Experience in the field of core System Administration for Linux, Windows, and Solaris.
• Experience in Enterprise Security Implementation and Designing the SSO infrastructure.
• Worked on Ping Federate Upgrade from 6.0 to 7.0 and 7.0 to 8.0.
• Provided Enterprise federated identity solutions for business applications to use the service provided by third party application/vendors using Industry Standard Protocol SAML 1.0/1.1/2.0.
• Worked on creating connections in Ping Federate both as Identity Provider and Service Provider using metadata files.
• Experience integrating applications using IDP and SP initiated SSO.
• Worked on multiple SAML profiles with different binding methods like POST, Redirect and Artifact.
• Worked on Implementing OAuth Configuration with the Clients to get the Access Token to access the web API’s.
• Worked on ID Token to send the User information through User Info End Point.
• Worked on Token Generator and Token Processor to establish a connection between two web services from different Enterprises.
• Worked on Ping Access and JWT tokens to authenticate the user using Ping Federation.
• Worked on Unbound User directory to replace the Existing Oracle Directory Server ODSEE.
• Worked on Ping Access Gateway to take the Application traffic directly using Virtual Hosts and redirect back to the application with Ping Access Token.
• Integrated Ping Access and Ping Federate using OAuth.
• Protected multiple applications both web based, and API based using Ping Access and Ping Federate.
• Migrated few applications from Siteminder to Ping Access using Ping Federate to provide the Authentication Scheme.
• Worked on Core blox adapter to create SAML from SMSession.
• Worked on WAM Adapter which can exchange SMSession with Ping Access Tokens.
• Integrated RSA AA based authentications for both internal and external applications using the adapter jar files to provide Multifactor Authentication.
• Experience in integrating SSO products (such as CA SiteMinder and SunOne/Oracle LDAP, Novel LDAP and CA Directory Server).
• Experience in installing and configuring CA API Gateway.
• Worked on protecting the web services using Assertions in API Gateway using OAuth and Siteminder sessions.
• Worked on OTK installation kit on top API Gateway to create and validate access tokens for OAuth clients.
• Extensive experience in installing, configuring and administrating MS Active Directory, IIS, Apache Tomcat, SunOne/iPlanetWebServer.
• Experience providing SSO to the Internal users using Ping Federate.
• Worked on SSO infrastructure Upgrades which include SiteMinder from R12 to R12.52, R6.x to 12.0 and 12.51, 5.5 to 6.0 and 4.x to 5.5, upgraded SunOne LDAP from 5.2 to 11g and 5.1 to 5.2, eDirectory from 8.1 to 8.5.
• Provided Single Sign on for the Internal applications with the multiple Domains using Cookie Provider in SiteMinder.
• Implemented Session Linker, SAP Agent installation (upgrade from 5.6 to 12), PeopleSoft agent, WebSphere agent and WebLogic ASA agent.
• Worked with Layer 7 on protecting api's and worked on couple projects with Layer 7 team to trouble shoot the issues for Siteminder L - 7 agents.
• Experience in installing and configuring CA SharePoint agent.
• Experience in installation, configuration and administering CA Directory.
• Strong experience in collaborating with business users and eliciting business requirements and facilitating the implementation of appropriate IT security and SSO solutions.
• Consistently performed SunOne LDAP, SiteMinder administering tasks such as back-ups, recovery, and replications.
• Consistently improved SiteMinder and LDAP performance, High availability. Designed and implemented solutions for load balancing, fail-over. And monitoring the growth capacity planning.
• Involved in testing phases, troubleshooting process. Developed operational and administration manuals.
• Understanding the business requirements and leverage the technology to meet the delivery goals. Worked close with top-level management to assure delivery. Adequate technical directions are followed and issues are addressed.
• Experienced in supporting LDAP and SiteMinder in production environment.
• Demonstrated practical software engineering practices, outstanding technical, analytical and communication skills.

TECHNICAL SKILLS:

Operating System: Unix, Oracle Solaris 8/9/10, RedHat Enterprise Linux AS 2.1/3.0, SUSE Linux 10, Windows Server 2000/2003/2008.

Programming languages and methodology: Java, C, C++, HTML, PHP, Shell, JavaScript, JDBC, RMI, J2EE, Apache Ant and pl/sql.

Directory Server: Unbound, CA Directroy, SunOne/iPlanet server 5.x,6.x MS Active Directory, Novel eDirectory 8.7.x/ 8.8.1/8.8.5, Oracle Directory Server 11g and iPlanet meta Directory Server 5.x, Netscape Directory Servers 4.x.

Servers: IBM WebSphere, SunOne/iPlanetWebServer, BEA WebLogic, JBossSunOne application server, MS IIS, Apache and Apache tomcat.

Databases: Oracle 8/9i/10g/11g, MySQL and MS SQL Server 2005,2008.

Single SignOn: Ping Federate 6.0/7.0/8.0, Ping Access 3.0/4.0, SiteMinder R12.52 SP1,R12 SP2, SP3 / R6 SP1, SP2, SP4, SP5, SP6 /5.5 Web Agent 4.x,5.x,6.x,12.x, APS 4.0and Session Linker r12

Tools: Wily Monitoring tool, Big Brother Monitoring, HP Open View, One View Monitor

PROFESSIONAL EXPERIENCE:

Confidential, CA

Sr IAM Engineer

Responsibilities:

• Configure Federated SSO for enterprise internal and third-party SaaS applications.
• Responsible for the delivery of products and solutions for Single Sign-On via Ping Federate.
• Owns the quality of the implementation and follows the changes through all lower environments through production.
• Works closely with QA teams to ensure quality standards are being met and understands the solution and the domain well and acts as subject matter expert to be able to understand the customer's requirement.
• Suggest alternatives to better the solution and alleviate the challenge/ issue being addressed.
• Established both IDP and SP connections with third party applications to allow users to SSO using Ping Federate.
• Worked with application teams to gather SSO requirements and build out a solution in non-production & production environments.
• Responsible for performing unit testing on built and existing SAML assertions.
• Implemented Directory Mapping and Authorization Mapping for Authentication on LDAP and Authorization on AD.
• Responsible for coordinating application onboarding with end client contacts, client project managers and application owners.
• Work with vendors on supporting the platform and upgrade activities.
• Upgrade Federation servers from Ping Federate 6.x to 8.x.
• Maintenance of PingFed servers/ access software including performing upgrades, patches, and ensuring availability.
• Integrated applications with MFA (Multi Factor Authentication) for both internal and external applications.
• Implemented and supported SSO for SAML-Based Federation using Ping Federate.
• Integrated various LDAP’s as user store to Ping Federate to authenticate the user.
• Integrated applications for RSA AA based authentications for both internal and external applications.
• Worked with business / end client to gather requirements for integration and document the same to create on board document.
• As part of IAM team provided production support during 24/7.

Environment: RedHat Enterprise Linux AS 2.1/3.0, Ping Federate 6.0,8.3, Ping Access 4.0, Ping Federate 7.0/8.0, MS SQL 2005/2008/2012, CA Directory, Active Directory, BMC remedy, SNOW, SAP, JBoss 5.2, Apache 1.x/2.x, IIS 6,7,7.5,8.0 JDK 1.6, J2EE, EJB, JSP, Oracle 11g.

Confidential, OK

Sr IT Security Consultant

Responsibilities:

• Provided Solution to migrate some of the applications from Siteminder to Ping Access
• Provided solution to business on how to integrate/ modify their new/ existing application for SSO using CA SSO, SPS based on the user base.
• Upgrade Ping Infrastructure from 7.0 to 8.3.
• Created multiple connections in Ping Federate to establish SSO with third party applications.
• Worked on OAuth Integration with Clients to get the Access Token to access protected API’s.
• Worked on Ping Access Installation and Configured with Ping Federate to Authenticate and Authorize the users for both web and API based applications.
• Experienced in doing WS-Trust federation between two web services’ using SAML.
• Worked on Core Blox adapter to create SAML from SMSession.
• Worked on Open Token Adapter to create Open Token for the native applications.
• Worked with business / end client to gather requirements for integration and document the same to create on board document.
• Upgraded Siteminder Policy servers from 12.0 sp3 cr11 to 12.52 sp1 CR04 and implemented Scripts on all Policy Servers to recycle.
• Upgraded web agents from 12.0 cr01 to 12.52 cr01 on IIS, Apache servers.
• Monitored the web agent upgrade cycle and resolved issues encountered by applications after upgrade.
• Worked on integrations to provide enterprise SSO for corporate applications hosted in both core and DMZ.
• Created/ Modified auth schemes as part of number of integrations for SPS and application customized logins.
• Worked on various SPS integration projects for applications hosted in Open Shift Environment (OSE).
• Integrated applications using CA ASA agents for web sphere servers to enable TAI and to provide additional authorization.
• Integrated applications for RSA AA based authentications for both internal and external applications.
• As part of Siteminder integrations for applications worked with Layer 7 on protecting api's and worked on couple projects with Layer 7 team to trouble shoot the issues for Siteminder L-7 agents.
• As part of PLM upgrade cycle worked on integrating various applications with Siteminder.
• Worked on Siebel agents, ERP Adapters and also SAP, SharePoint Agents.
• As part of IAM team provided production support during 24/7on-call rotation.

Environment: Windows Server 2012/2008/2003, Ping Federate 7.0,8.3, Ping Access 4.0, SiteMinderPolicy Servers R12.52,R12.0,R6 SP6,Siteminder webagents R12.52/R12/R6, Ping Federate 7.0/8.0, iPlanet Web Server 6.0, MS SQL 2005/2008/2012, CA Directory, Iplanet Directory Server 5.2, Active Directory, SAP, JBoss 5.2, Apache 1.x/2.x, IIS 6,7,7.5,8.0 JDK 1.6, J2EE, EJB, JSP, Oracle 11g.

Confidential, MI

Sr SSO Consultant

Responsibilities:

• Designed the new parallel Environment for Access Management, which allows the Single Sign-On between the old and new environments.
• Upgraded SiteMinder Policy Server from R6 SP6 to R12 SP3
• Deployed SSO with SAP WS Agents, and upgrade the SAP agent from R5.6 to R12.
• Implemented and supported SSO for SAML-Based Federation using Siteminder adapter and Ping Federate.
• Worked on Single Sign on using Ping Federate 6.0.
• Upgrade Federation servers from Ping Federate 6.0 to 7.0.
• Established both IDP and SP connections with third party applications to allow users to SSO using Ping Federate.
• Worked on different Ping Adapters to accept the credentials, cookie, RSA token and generate the SAML.
• Integrated various LDAP’s as user store to Ping Federate to authenticate the user.
• Worked on OAUTH implementation to get the access tokens in order to access the protected API’s.
• Designed and implemented User Directory changes from LDAP to AD.
• Implemented Directory Mapping and Authorization Mapping for Authentication on LDAP and Authorization on AD.
• Installed and Configured CA Business Intelligence R12 with CA SiteMinder.
• Advised the changes to Fujitsu Custom code to integrate with new Active Directory and complied against R12 SDK.
• Installed and Configured OneView Monitor for CA SiteMinder performance review.
• Documented end-to-end installation of SiteMinder, WebAgent, SAP Agent, Business Intelligence.

Environment: Windows Server 2003/2008, Ping Federate 6.0,7.0, SiteMinder R6 SP6, R12 SP3, iPlanet Web Server 6.0, MS SQL 2005/2008, Ping Federate 6.0/7.0, Iplanet Directory Server 5.2, Active Directory, SAP, JBoss 5.2, Apache 1.x/2.x, IIS 6,7,7.5 JDK 1.6, J2EE, EJB, JSP, Oracle 11g.

Confidential, NJ

Siteminder Consultant

Responsibilities:

• Created application Inventory for 2K applications with Application Name, URL, Agent Name, Agent Group name, Host Configuration Object name, Agent Configuration Object name, and Trusted Host name.
• Identified the production Policy Servers difference in registry settings and implemented the changes.
• Involved in SiteMinder Policy Server upgrade from R6SP5 to R6SP6.
• Created Network Monitoring scripts which checks the 3DNS name, and connectivity with Network Latency and alerts the SiteMinder Admin group.
• Created the LDAP scripts which monitors the LDAP connectivity and alerts the Admin Group if connection is closed.
• Implemented Scripts on Policy Servers to stabilize the environment.
• Analyzed and documented the Policy Store objects to clean up the policy Store.
• Analyzed how application utilizes Host Configuration Objects and documented changes needed for Host Configuration Object.

Environment: Sun Solaris 5.8/5.9/5.10, Windows Server 2003/2008, SiteMinder R6 SP5/SP6, iPlanet Web Server 6.0, Sun One Directory Server 5.2/6.3, CA Directory Server, CA Wily Enterprise Monitor, WebLogic 8/10, JBoss 5, Apache 1.x/2.x, IIS 6, JDK 1.6, J2EE, EJB, JSP, Oracle 11g.

Confidential

SiteMinder and LDAP Consultant

Responsibilities:

• Upgraded the SiteMinder Policy Server from R6 SP1 to R6 SP6, R6 SP5 to R6 SP6.
• Installed Policy Server R12 SP2 against Novell eDirectory user store. And created POC for R6SP6 to R12 SP2 upgrade
• Configured policies on CA SOA Security Gateway Server R12 against R12 SP2 Policy Server.
• Configured CA Wily Enterprise Monitoring tool against Apache webserver, WebLogic Server and Policy Servers.
• Involved in upgrade of Novell eDirectory server from 8.8.1 to 8.8.5 SP5.
• Installed Option pack for Policy server and Web agent for configuring the Federated Security Services and User Identity between partner sites.
• Experience in SAML federation using CA SiteMinder R12 Federation Security Services SAML 2.0 Affiliate Agents.
• Migrated SiteMinder protected environment from Unix Solaris 10 to Linux SUSE 10.
• Implemented SSO across multiple domains, and created two level of authentication for additional security.
• Migrated large amount of LDAP data across the environment to create a identical production environment to support load testing.
• Integrated and configured web agents to protect and manage resources with SiteMinder Policy Server and assisted applications teams.
• Performed dib clone operations to recover the LDAP data, and added servers into replication tree and created new tree into the environment.
• Modified schema by creating custom object classes and custom attributes according to requirement.
• Implemented new techniques to support priority syncing for replication of important object.
• Supported production environment for resolving the high severity tickets without missing any SLA’s and supported Toyota environment 24 X 7
• Executing Backups and Recovery strategies for directory data (DIF), resolving back up and recovery issues in a High availability environment.

Environment: Windows Server 2003/2008, SiteMinder R6 SP1/SP5/SP6, R12 SP2/SP3 iPlanet Web Server 6.0, Novell eDirectory server 8.8.1/8.8.5, CA SOA Server R12 SP2, CA Wily Enterprise Monitor, WebLogic 8/10, JBoss 5,Apache 1.x/2.x, IIS 6, JDK 1.6, J2EE, EJB, JSP, Oracle 11g.Script, AJAX, media queries, jQuery.