SUMMARY:

• Professional IT consultant with over 17 years technical IT Industry experience, including most - recent 10 years of security experience on Identity/Access Management customization (Sun IDM, CA Confidential, and Microsoft Forefront Identity Manager (FIM)), and system integration with LDAP, Relational Database, Identity Federation (SAML) and web services; Demonstrated talent for quick learning, problem solving, and system design/administration/support/development (Java and C#).

TECHNICAL SKILLS:

• 17 years technical IT industry experience, with 10 years of security related experience
• 10 years Identity/Access Management customization of COTS products like Sun IDM v7/8, CA Confidential r12.x, and Microsoft FIM (Forefront Identity Manager) 2010
• Extensive experience/knowledge of security infrastructure/system setup, maintenance, and customization, especially in Cryptography, PKI, multi-factor authentication, etc.
• Expertise in Federation customization, using COTS products like CA Confidential, and NSN (Nokia Siemens Networks), using SAML 1.0/1.1/2.0
• 15 years of DB installation, configuration, maintenance and development experience, in Oracle 10/11g/12c, and SQL Servers
• 10 years of OS installation, configuration, and management experience, on Windows, Solaris (9, 10), Linux (RHEL, Ubuntu) servers
• Extensive experience with LDAP (CA DS, Sun DS, OpenDS), and AD (Active Directory)
• Extensive XML experience including XSLT, DTD, XML schema etc.
• 17 years’ programming experience in Java and C/C#

PROFESSIONAL EXPERIENCE:

Confidential

Responsibilities:

• Responsible for the overall security architecture like cryptography, PKI, authentication, etc.
• Customized and resolved existing Access Management COTS product issues like custom agent, Authentication personality module, persistent session store, etc.
• Participated in lab Proof of Concept of Oracle 12c installation/configuration/upgrade, using Transportable tablespaces, Golden Gate, etc.
• Responsible for the server consolidation and modernization by moving from Solaris to Redhat Enterprise Linux (RHEL)
• Supported decision making by providing overall security assessment, recommendation, and industry best-of-practice

Confidential

Senior Security Representative

Responsibilities:

• Completed CA Confidential r12.5 Administration 200 training and passed CAT-160 exam
• Resolved existing Confidential r12 issues like connections max-out, handshake errors, etc.
• Identified existing Confidential r12 performance bottlenecks with OneView monitor, etc.
• Designed SQL-Server Database architectures for policy store, key store, audit store
• Installed/configured policy servers (in clustered mode) for new Confidential r12.51
• Web agent installation/configuration on web servers (mainly IIS 6.5/7.0 and Apache 2) to point to new Confidential r12.51
• Setup Apache Reverse Proxy to be used with Confidential to eliminate individual web server agent setup/configuration
• Analyzed/rewrote/optimized 15 external-facing web-site policies being protected by Confidential r12.51
• Configured partner federation in Admin UI to federate with United Healthcare
• Customized SAML 2.0 assertion using Confidential SDK, by developing Java Assertion Generator Plugins (AGP), and by utilizing the cryptography and PKI for SAML encryption and digital signing
• Completed Forefront Identity Manager (FIM) 2010 training
• Configured Active Directory Federation Services (ADFS) for business partners SSO

Confidential

Identity Management Consultant

Responsibilities:

• The system is built to automatically provision the new employee/contractor in Corporate Active Directory, LDAP, and other resources (Identity life cycle management)
• The system serves as a central place to submit/approve user access requests, with auditing, delegation, workflow management capability.
• Apply the best security practices to corporate infrastructure implementation. Application development has been made easy by concentrating on the business logic (securities can be simply handled via API/SOA interface provided by the infrastructure)
• Realize centralized management/enforcement for corporate policies, baselines, guidelines
• Help client comply with government mandates and regulations

Confidential

Identity Management Engineer

Responsibilities:

• Installed and configured Oracle 10g on Solaris, as the repository for IDM
• Installed and customized Sun DS 5.2, Open DS, to store users data
• Installed Glassfish 2.1.1, setup connection pool, JNDI resources to be used with LDAP
• Setup and configured Sun IDM 7.1.1, and performed upgrade to 8.1.1
• Setup and configured Confidential WAS 5 and 6, Confidential MQ 6 for IPC
• Setup Eclipse, netbeans, for development of IDM user forms, work flows, rules, etc.
• Developed Java custom code for LDAP access via JNDI custom resource
• Supported systems using Java/J2EE, Spring MVC, XMLBeans, XML

Confidential

Identity Management Developer

Responsibilities:

• Finalized requirements by discussing with the product owner, and the departments
• Designed the front-end GUI, as well as backend Java support classes
• Directed and coded the IDM workflows, user forms, etc. using Express language
• Conducted uni-testing, QA testing, and deployment to Integration, Stage and Production
• Supported Oracle 11g as the IDM repository, including tablespace and index tuning
• Supported Windows Active Directory, corporate LDAP
• Supported Solaris 10, and WebLogic 9.2 for successful deployment
• Supported HR iVantage system data insert for new employees

Confidential

Telecom Design Engineer

Responsibilities:

• Coordinated with 4G/WiMax business partners, like Sprint IT and Digital Locker
• Finalized Subscriber Federation System design document including identity federation use cases and physical architecture
• Finalized Interface Specification document including browser-based SAML 2.0 exchange with Sprint IT, and SOAP-based SAML 2.0 exchange with Digital Locker
• Implemented SAML 2.0 message digital signing, partial encryption, and SSL using Sprint internal CA signed cert, and industry standard cryptography and PKI knowledge base
• Understood and resolved connectivity issues within Sprint Link network
• Worked with the vendor, Nokia Siemens Networks, to read/write subscriber information, from/to the 4G Subscriber Provisioning System

Confidential

Consultant

Responsibilities:

• Design LDAP schemas to provide directory service for IACS and other applications
• Installed and configured Sun Application Server 8.1, Web Server 6.1, Directory Server 5.2, Identity Manager 6.0, Access manager 6.2, Oracle 10g, on Solaris 9
• Designed and coded workflows, user forms, rules, etc. in XPRESS language, for identity provisioning in Sun Identity Manager
• Designed and created access policies for access management in Sun Access Manager
• Responsible for Social Security Administration (SSA) validation sub system, which includes Confidential WebSphere Application Server 6.1 and WebSphere MQ 5.3 installation on Solaris 9; Local and remote queue manager creation and configuration; Java coding using JMS and MQ API; XML generation and validation; XSLT parsing; overall integration testing and debugging with IACS
• Performed stress/load testing for IACS project, using QuickTest Pro and LoadRunner software. The tuning operations include: Oracle DB tuning; Sun Directory Server partition and replication; Java Virtual Machine settings like heap size, permanent size, ratio of young and tenure generation, etc.
• Solaris zones (OS level virtualization) creation, configuration on Solaris hardware

Confidential

Consultant

Responsibilities:

• Defined and documented System configuration requirements (hardware and software)
• Defined and documented System security architecture and network topology
• Defined and documented System deployment plan
• Installed, configured Confidential WebSphere Application Server (WAS) Network Deployment 6.0, WebSphere MQ 6.0, DB2 Enterprise 8.2, Rational ClearCase/ClearQuest (CC/CQ), Tivoli Directory Server (TDS) 6.0, Tivoli Access Manager (TAM) 6.0, Tivoli Federated Identity Manager (TFIM) 6.1
• Worked on INITIATE Identity Hub product for federated query across communities

Confidential

E-Authentication Consultant

Responsibilities:

• Understood SAML 1.0, 1.1, and 2.0 OASIS standard set
• Installed, configured and evaluated PingFederate 3.0 beta (SAML 2.0), from Ping Identity
• Installed and configured Federated Identity Manager (FIM) 2.5, from RSA Security
• Implemented both Browser/Artifact Profile (BAP) and Browser/Post Profile (BPP)
• Created and configured key store, certificate for mutual SSL
• Developed Plug-ins (subject, ticket, attribute) for both AP and RP sides (Java)
• Developed portal and other necessary web pages for web SSO
• Programmed with Java, JSP, Servlet and EJB under Apache2, Tomcat5, and BEA WebLogic8.1
• Programmed to access LDAP (Microsoft Active Directory), Oracle 10g, and SQL-Server 2000

Confidential

Senior Developer & DBA

Responsibilities:

• Gathered requests, designed the data model, and created tables and indexes
• Wrote stored procedures, functions, views with T-SQL language to implement business logic
• Scheduled database backup, implemented restore and recovery when database failed
• Programmed in VB.NET, C# for data conversion
• XML was used as the intermediate conversion format and XSD for validation
• XSLT and regular expression were used heavily for conversion
• ASP.NET was used for generating web-based tools

Confidential

Java Developer

Responsibilities:

• Gathered application requirements and advice from technical and sales groups
• Wrote Requirement Definition Document (RDD) and Functional Specification Document (FSD)
• Constructed Oracle database environment on Solaris and Linux
• Created table spaces, tables, and indexes for node availability evaluation
• Created Linux shell and PL/SQL packages for data loading and database transaction
• Designed and implemented entity beans and session beans
• Programmed with J2EE, Applet, HTML, and JavaScript

Confidential

Software Engineer

Responsibilities:

• Conducted feasibility investigation, reviewed DTD with Fuji-Xerox on a monthly basis
• Installed Oracle8.1.6 on Solaris, allocated table space and create users
• Designed and created tables based on GECL existing database and FUJI-XEROX DTD format
• Programmed on XML parsing and database transaction with Java Servlet
• Created UNIX shell and PL/SQL procedures to resolve business logic
• Performed database tuning (parallel SQL and index rebuilding) for adequate SQL response time

Confidential

Software Programmer

Responsibilities:

• Programmed with Java Servlet, JSP and JavaScript
• Open source Apache was used as the web server and Jserv as the Servlet engine
• Enabler for Java (by Softlab) was used as an OODB (Object-Oriented Database)