
Security Architect Resume


Meridien, CT

SUMMARY:

  • Confidential has 16+ years of experience in J2EE and is seeking hands-on Healthcare Payer Solutions Architect / SOA Security Solutions Architect / Integration Specialist positions covering Identity Management (Tivoli), Integration (Pega Rules & BPM), Oracle SOA Suite, Portal & JEE that utilize his technical (hands-on, design & architecture) and delivery skills. Confidential has a passion to learn and augment any evolutionary or revolutionary technologies within given delivery priority constraints.
  • Experience in requirements gathering, scoping & prioritizing, architecting, design and implementation of web applications using J2EE technologies such as J2EE, Spring, Hibernate, XML Technologies, Web Services, SOA, BPEL, OpenESB and Identity & Access Management Solutions, RBAC frameworks, XACML, OpenID, WS-Security using Axis2 & Rampart, OAuth & SAML. Strong insight into all WS-* standards & REST Services.
  • Provided architecture, design and implementation (administration, configuration and customization) consultation using Ping, CA and Confidential Security products.
  • Integrated One Time Passwords, Two Factor Authentication and fine-grained entitlements with XACML with Ping Federate, ISAM and CA SiteMinder.
  • Experience in project effort and cost estimation using Delphi, 3-point and Function Point estimation techniques. Demonstrated good negotiation skills during scope and size finalizations, and influencing skills to build consensus.
  • Experience in creating and tracking project schedules using MPP.
  • Six Sigma Green belt certified for improving Change Request tracking & reviewing process for better Support Level Agreement compliance as part of O&M projects execution.
  • Trained & Certified on Design for Six Sigma. Ability to provide process & technical consultancy along with strong troubleshooting skills.
  • Experience in providing project proposals, security strategy, solution proposals and technology proposals.
  • Experience with standardized project management methodologies, processes and compliance standards including SDLC, RUP, Agile, PMI, CMMI, ISO, Six Sigma and SOX.
  • Excellent interpersonal, communication, organizational and boundaryless behavioral skills. Expert in interacting with people at various levels of an organization as well as with partners and customers.
  • Ability to multitask in a fast-paced, deadline-driven, concurrent project execution environment, beating SLAs & superseding Critical to Quality Factors (CTQs) regardless of the seasonal short arises of business needs.
  • Time management skills; expert in prioritizing during execution. Strong attention to detail.
  • Secured a few Individual Excellence Awards, Customer Recognition Awards, Partner Recognition Awards and Team Excellence Awards on the job.

SKILL MATRIX:

Programming Languages: Pascal, C, Cobol

Object Oriented Languages: C++, Java

Web Technologies: Servlets, JSP, HTML, JDBC, Ajax

Awareness: Sproutcore

Frameworks: Struts, Spring, Hibernate, Java Server Faces

Portal Technologies: Websphere Portal

IDE: VAJ 3.2, VAJ 3.5, WSAD 4.0/5.0, RAD 6.0, TOAD, Erwin

Scripting Languages: JavaScript

RDBMS: Oracle 8/9, MS-Access

Operating Systems: Windows NT, Windows 95/98, Unix, MS-DOS, Solaris, AIX

Distributed Technologies: Web Services, Axis2, Rampart, MQ-Series, RMI, XML (XSL, SAX & DOM), XSU, EJB

6 m - 1 yr: Tools: Rational Requisite Pro, Rational Rose, Visio

Microsoft Project: Excel, Word, Power Point

Front Page, Dream weaver, Adobe Photoshop: ABAP basics & SAP Cross Apps

Security: Confidential Security Identity Manager, Confidential Security Access Manager, Confidential Governance Intelligence (IGI), IPIM, Novell Access Manager, OpenSSO, Open ESB, SAML, XACML, SPML, Google Data API - OpenID & OAuth, Siteminder, Basic Networking Fundamentals, Active Directory, RACF Security Model, Pega PRPC Security Model, BMC Control SA, Siteminder R12, Ping Access, Ping Federate, Confidential Cloud Identity Services (CIS), CyberArk, Sailpoint.

Data Security: Confidential Guardium, Vormetric

PROFESSIONAL EXPERIENCE:

Confidential, Meridien, CT

Technology Stack: Confidential Security Access Manager 9, Ansible, Python, IGI 5.2

Security Architect

Responsibilities:

  • Built environments using Ansible roles; wrote new roles for the existing Python API.
  • Implemented federated SSO just-in-time provisioning leveraging the Advanced Access Control module, using the Security Token Service to consume additional user profile attributes from federated LDAP.
  • Integrated IGI 5.2 and ISAM.
  • Wrote Ansible roles for Python scripts.
  • Wrote Java plugins to orchestrate a workflow in ISAM for just-in-time provisioning.
  • Performed IGI integration, bulk loads, and configuration of Enterprise connectors and brokerage adapters.
  • Performed application target integration with IGI using the TargetProfiles, Target, User Management and Group Management REST APIs. Also used REST APIs to manage the IGI 5.2 virtual appliance.
  • Performed role consolidation and role mining with Access Governance Core and Access Optimizer.

Confidential, San Francisco, CA

Technology Stack: Confidential Security Identity Manager 6.0, WebSphere TAI++, IDF-Connect, Siteminder r12.0, Java

Security Architect

Responsibilities:

  • Presented solution options to integrate ISIM 6 with Siteminder R12.
  • Installed IDF-Connect TAI++ and Servlet Filter to allow SSO between Siteminder and ISIM.
  • Set up WebSphere 8.5 as a SAML 2.0 SP with Okta as the IDP. The token consumed by WebSphere was allowed to propagate to ISIM 6.0.

Confidential, Los Angeles, CA

Technology Stack: ISAM 9, ISIM, CyberArk

Senior Solutions Architect / Tivoli Administrator

Responsibilities:

  • Install & configure ISIM, ISAM 9 & CyberArk.
  • Implemented OAuth 2.0 for API Protection with ISAM 9 using ‘Secure Access Control’. Implemented the authorization code grant for web applications. Attached API Protection policies to ISAM resources.
  • Implemented SAML 2.0 federations and OpenID Connect as a federation on ISAM 9. Configured ISAM as a reverse proxy and configured the required STS trust chains for authorization decision making.
  • Day to day support activities with ISAM.
  • Develop solutions required for onboarding new projects with IAM Integration.
  • Experience with ISAM 9 Advanced Access Control.
  • Experience with installing CyberArk and building an HA environment for Vault clusters, multiple CPMs in various internal networks, Application Identity Management (AIM), PACLI, PSM etc.
  • Configured the Local Credential Provider.

Confidential, Houston, Tx

Technology Stack: Oracle Identity Manager 11g R2 PS2

Senior Solutions Architect

Responsibilities:

  • Requirements Collection & Sign Off.
  • High Level Solution & Infrastructure Architecture & Design.
  • Custom Connectors Design to integrate OIM with EPIC, PACS (X-Ray Review system for Physicians), Kronos (Time System for Physicians).
  • Integration approach for reconciling data from PeopleSoft People Tools.

Confidential, Montvale, NJ

Technology Stack: Confidential Security Access Manager 8.0.1, Tivoli Directory Server 9.7.6

Security Solutions Architect

Responsibilities:

  • Put together the high Level solution & approach plan with Confidential and other Confidential Vendors.
  • Built ISAM8 infrastructure
  • Clustering the Policy Server, Authorization Server, WebSEALs.
  • Install TDS and set up replication for Tivoli Directory Servers.
  • Migrate existing users from old TDS into new TDS.
  • Federate the old Tivoli Directory Server.
  • Build TFIM OAuth Client credentials federation. Designed and developed an OAuth validation token service.

Confidential, Warren, VA

Technology Stack: Siteminder Suite, Ping Access & Ping Federate, WebLogic, Websphere

Security Architect

Responsibilities:

  • Evaluate and recommend the right security products (Siteminder and Ping Access/Ping Federate) based on the Confidential Commercial Cards domain requirements.
  • Present high-level Solution Architecture options for Multi-factor Authentication, Authorization (Entitlements Management) and SSO (Cross Domain & Federated) to Confidential Commercial Card Applications (CitiManager, CCRS etc.).
  • Have installed Siteminder agents for applications running on Weblogic server.
  • Familiar with Weblogic Administration.
  • Provide design to remediate the implementation for existing applications for Security Vulnerability Assessments provided by Cigital.

Confidential, Washington, DC

Technology Stack: ISIM 6.0.0.2, ISAM 7.0.0.6, TDS, DB2, TSPM 7.1, TFIM 6.1

Solutions Architect & Security Engineer

Responsibilities:

  • Installed and Configured Confidential Security Identity Manager 6.0.0.2
  • Set up provisioning policies, operation workflows, users & roles, ACIs and the organization tree; designed user forms & sub-forms etc.
  • Installed and Configured Tivoli Security Policy Manager
  • Installed and Configured Confidential Security Access Manager 7.0, Setup instances, Create Junctions, Set up SSO
  • Set up ISAM 8 Appliance, Federated Repositories Setup (Hook up Active Directories to ISAM Appliance), Setup Kerberos/SPNEGO SSO with Active Directory.
  • Installed and Configured Tivoli Federated Identity Manager, setup partner federations, One-time-password (OTP) and User Self Care (USC).

Confidential, Boston, MA

Technology Stack: SAM, TFIM 6.2.2, Websphere 8, Websphere Portal 8

Security Consultant

Responsibilities:

  • Review Install and configure ISAM back up policy server for MFS Disaster Recovery Domain.
  • Review Install and configure all WebSEALs in MFS Disaster Recovery Domain.
  • Review Install and configure TFIM 6.2.2 in MFS Disaster Recovery Domain.
  • Review Integration of the security infrastructure with Websphere Portal 8 using TAI++ (deprecated instead of ETAI) using Portal configEngine scripts and necessary junctions Confidential WebSEAL.

Confidential, Reston, VA

Technology Stack: TAM 6, OIF 11g, OVD 11g, ODSM 11g, WS-Trust

Security Consultant

Responsibilities:

  • Day to day support of TAM & Federation with OIF.

Highmark, Pittsburgh, PA

Technology Stack: EJB 3.0, JPA 1.2, RAD 7.5, Websphere 7, Confidential MQ, Java 1.6, Application Security

Security Consultant

Responsibilities:

  • Integrated HIBS batch application to use the Websphere container security for application roles integration.
  • Designed and developed Spread Billing functionality on the top of Bill Account Setup process. Co-ordinated all the way through production roll-out.

Confidential, San Jose, CA

Technology Stack: Tivoli Access Manager 6.1, Tivoli Federated Identity Manager 6.1, RAD 7.5, Websphere 6.1, Java 1.4.2

Authorization Specialist

Responsibilities:

  • Install Tivoli Access Manager and Tivoli Federated Identity Manager
  • Create Tivoli WebSEAL junctions, users, groups, user-group associations, access control lists, protected object space ACL modifications etc.
  • Designed and implemented automation of the access control process to restrict software downloads using the Tivoli Access Manager PDAdmin API.
  • Designed and implemented connection pooling using Apache Commons pooling to optimize the PDAdmin connections to the Tivoli Access Manager Policy Server.
  • Pending out-of-box federation configuration with Cadence as IDP and Loboforce as SP using Tivoli Federated Identity Manager 6.1

Confidential, Jersey City, NJ

Technology Stack: CA Siteminder

Senior Consultant

Responsibilities:

  • Document all interfaces and solution components required to perform Single Sign On integration with external partners. Negotiate the interface contractual requirements per each specific integration.
  • Set up SAML11 Artifact based federation in Siteminder R12 to integrate with the external partner.
  • Create all Siteminder-related objects (Policies, Responses, Rules, WebAgents etc.) that are required for federation using Siteminder R12.
  • Debug and troubleshoot in R6 and R12 environments.
  • Install and configure Siteminder R12 web agents.
  • Set up and integrate Shibboleth in lower environments for testing with Siteminder R12 in complementing roles IDP vs. SP.

Confidential, Philadelphia, PA

Technology Stack: Confidential Suite of products, Spring Security 3.0

SOA Security Solutions Architect

Responsibilities:

  • Define & document the enterprise requirements and suggest possible solution architecture alternatives & recommendations using Open & Confidential technology. In particular, all the requirements center on security.
  • Suggest solution architecture to integrate COTS products with the Identity & Access Management systems. Work with the COTS product System Integrators/Vendors to define the right approach & the level of integration in line with organizational practice & best practices.
  • For TSPM, took a deep dive to write a few Message Protection Policies and Authorization policies for XACML, and to create & distribute Application Entitlement & Data Entitlement policies to the Datapower Policy Enforcement Point.
  • Proof of concept of TAM for Web Access Management in Confidential environment.
  • Document federation use cases for Internal/External integration using SAML 2.0.
  • Guidance to create & maintain Service versioning (WSDL Definition & maintenance) for common security services and implementation.

Confidential, Bloomfield, CT

Technology Stack: Tivoli Access Manager 6.1, Tivoli Directory Integrator 7.0, Tivoli Federated Identity Manager 6.2, CA Siteminder R12, J2EE, TFIM Custom Module Development, Spring, Hibernate, Struts, Websphere 7, Rational Application Developer 7.5, SAML 2.0, SAML 1.1, WS-Federation, Liberty, OpenSSO, Mobile Integration

Federation Management Specialist

Responsibilities:

  • Enhanced J2EE TFIM Custom Modules from TFIM 6.1 to TFIM 6.2 OSGI compliant.
  • Promoted all the federations & partner configurations from TFIM 6.1 to TFIM 6.2. Also administered the Tivoli Access Manager junction to point to the appropriate backend TFIM instances.
  • Strong expertise with all SAML protocols & verbatim, Liberty and WS-Federation.
  • Configured Tivoli Access Manager to protect internal Websphere Portals, configured CA Siteminder R12 to protect internal TIBCO portals
  • Implemented database logging of SAML 2.0 assertion data using Hibernate to audit the federations & partners.
  • Created SAML 2.0 & SAML 1.1 metadata to migrate the above partners from TFIM 6.1 to TFIM 6.2 environment.
  • Self-Services design development using Struts Action, Spring & Hibernate and java workflow.

Confidential, St Louis, MO 1 week

Technology Stack: Tivoli Federated Identity Manager

Presales Architect

Responsibilities:

  • High level approach to integrate Confidential internal portal with SuccessFactors - Cloud based Business Integration Software for Human Resources Management
  • Presented an architectural approach for Tivoli Access Manager / WebSEAL integration with Mobile Platforms specifically for BlackBerry.

Confidential, MD

Technology Stack: Oracle Service Bus, Oracle BPEL Manager, Oracle OAM

SOA Security Architect - Oracle suite

Responsibilities:

  • Provided solution architecture for the process automation utilizing OSB.
  • Define the individual services required and the whole orchestration model with security policies (WS-Policy, WS-SecurityPolicy, WS-Username Token) to integrate with specific partners.
  • Utilize OSB and BPEL Manager to do a proof of concept and to develop the actual solution for integration.
  • Protected all Web services with Username tokens based on ws-policies.
