IAM Engineer Resume
Greenville, SC
SUMMARY
- Virtual Machines in Development and Test Environments. Have loaded firmware images onto the Virtual Appliances.
- Expertise in core IAM Implementations with business engagement, Environment discovery process, Application Onboarding, Certifications, provisioning and Life Cycle management for various applications for large user groups.
- Installing and configuring CA SiteMinder, Single Sign On software (SiteMinder Web Agent and Application Server Agent).
- Very good understanding in the various IAM modules such as Identity Management, Identity Governance, Access Management and Life Cycle Management.
- Worked on Enterprise Users Single Sign On through browser and through services with third party application hosted in enterprise or cloud using Ping Federate, Ping One.
- Configured User Stories, Policy Stories, Key Stories on LDAP and Session Store on SQL Servers.
- Working Knowledge on creating PIM reports.
- Installation and Setup of Ping Identity Server 6.0.0.1
- Using new Privileged Session Gateway function to support agent-less access to shared credentials, in addition to the existing agent-based and manual credential access, providing users greater flexibility in choosing privileged activity controls.
- Administered DB2 authority access and security controls including secondary authorizations and RACF groups.
- Experience in Replication, Chaining, Load Balancing and other Administration tasks involving CA SiteMinder Policy Server in both Production and Non-Production environments.
- Solid understanding of Identity Access Management architecture and exposure to entire features of CA SiteMinder (Policy Servers & Web Agents), PingFederate 6.x, 7.x and 8.x versions, Ping Access, Oracle Access Manager, ADFS.
- Expertise in implementing ISAM 9.0 on a VMWare/ESXi environment.
- Experience in installing, Configuring ISAM 9.0 and SDS 6.4.
- Use IBM Tivoli Directory Integrator (TDI) to build a simulated LDAP server adapter
- Performed provisioning on user accounts on a test service using ISIM LDAP server adapter
- Performed modify, provision, de-provision & listing existing user accounts using ISIM LDAP adapters.
- Debugging WebSEAL using pdweb, debug and request.log files.
- Creating Identities and accounts for various, setting up roles, Assigning users to various roles in ITIM. Modifying provisioning policies for adding additional groups for provisioning.
- Highly proficient in installation, configuration, and administration of ISIM, ISAM, IBM Directory server, IBM Tivoli Directory Integrator, WebSphere Application server, IBM HTTP server on LINUX, and Windows platforms.
- Responsible for Installation of IBM Security Access Manager 7.0/9.0 components. Configured WebSEAL instance and authentication mechanisms.
- Experience in creating WebSEAL junction points and ACLs for backend applications.
- Developed REST API Call for ISAM virtual Appliance monitoring and maintenance
- Worked on Documents solution requirements using process flows, functional specifications, data/entity flow diagrams, story boards, User Interface specifications, integration specifications, etc.
- Integrated SiteMinder with Ping Federate using open token translator to bridge the SSO gap between applications protected on either system.
- All designs & implementations included automated provisioning via Tivoli Identity Manager using adapters and developing custom Tivoli Directory Integrator (TDI) to multiple endpoints including Active Directory (AD), LDAP, Tivoli Access Manager, and databases.
- Worked on all the Ping Federate OAuth grant types to get the access token in order to access the protected API. Supported development with integration of Mobile Apps using OAuth/SAML in Ping Federate.
- Strong team player and effective individual with an ability to adapt to new technologies quickly.
- Strong work ethic with desire to succeed and make significant contributions to the organization.
TECHNICAL SKILLS
Functional Domains: Justice Network, Health Care, Mobile apps.
Security IAM tools: IBM Security Identity Manager (ISIM v6.0), IBM Tivoli Directory Integrator (ITDI 7.1.1), LDAP - IBM Directory Server IDS (IDS v6.3), Sun One Directory Server 6.0, Windows AD, IBM Tivoli Access Manager (TAM v5.1, 6.0), ISIM 6.x, ISAM 8.x, AWS, 9.0 ISDS and TFIM (Tivoli Federated Identity Manager), Ping (6.0.0.1).
Languages: Java, JavaScript, C/C++, Perl, SQL & PL/SQL, Shell Scripts
Scripting Languages: UNIX Shell (Korn, C, Bash) Scripts, JavaScript
Application/Web Servers: WebLogic 8.x, 9x, 10x, WebSphere 6x, 7x, Apache Tomcat, IBM HTTPSIIS 5, 6, VMware
SSO Strategy: SAML, & OAUTH
Databases: DB2, MS SQL Server 2012, Oracle 8.x/9i
Operating Systems: Windows, Linux, IBM AIX
PROFESSIONAL EXPERIENCE
Confidential, Greenville, SC
IAM Engineer
Responsibilities:
- Creating Identities and accounts for various, setting up roles, Assigning users to various roles in ITIM. Modifying provisioning policies for adding additional groups for provisioning.
- Performed provisioning on user accounts on a test service using ISIM LDAP server adapter
- Performed modify, provision, de-provision & listing existing user accounts using ISIM LDAP adapters
- Use IBM Tivoli Directory Integrator (TDI) to build a simulated LDAP server adapter
- Working with the following Internet protocols TCP/IP, LDAP/LDAPS, SSL/TLS
- Working with data modeling, LDAP schema, and DIT structures.
- Provided Customer Access to applications LDAP database Using Tivoli Identity manager.
- Interfaced with Application DBAs Globally located to maintain communications between their database and the Tivoli Identity Manager Application.
- Configure WebSEAL/Reverse Proxy to use the Distributed Session Cache.
- Worked on creating the datacenter security and implemented the network security patterns.
- Created all servers Technical Placement Diagrams (TPD) and overall project Technical Impact Assessment (TIA) documents.
- Based on the requirements and the use cases created the high-level design documents.
- Created the migration strategy from existing components like IBM ITIM (v5.1) to IBM ISIM (v7.0) in step by step approach.
- Experience in Customization of TIM components using Java Script and JAVA.
Environment: IBM Security Identity Manager 6.0.0.3, Tivoli Directory Integrator (TDI), Apache Directory Studio, Active Directory, LDAP, IBM security Directory Integrator, ISAM 8.0, IBM Security Directory Server Adapters, Connectors.
Confidential, St. Louis MO
LDAP Software Engineer
Responsibilities:
- Working with large-scale LDAP deployments
- Working with the following Internet protocols TCP/IP, LDAP/LDAPS, SSL/TLS
- Working with data modeling, LDAP schema, and DIT structures.
- Working in determining bottlenecks and enhancing system performance
- Working troubleshooting issues in distributed systems
- Working experience with Configuration and setup of Ping SSO and also troubleshooting mechanisms.
- Working in a UNIX/Linux environment developing bash and Perl/Python scripts to support the directory infrastructure.
- Working with LDAP based products, preferably with Novell eDirectory and the UnboundID Identity Management platform.
- Have a thorough understanding of the X.500 data model.
- Hands on with Ping Replication and data integration.
- Working with LDAP ACIs, LDAP integration of third party products
- Working Knowledge on Authentication- single sign on systems, Ping identity Directory server
- LDAP server-side plugin development Java
- Experience with LDAP load testing tools. Software development experience using Java in J2EE Application Servers.
- Working on Installation on Ping on different environments and enabling replication between the servers.
- Working with Ping Data Governance to manage access to entire profiles, individual attributes, delegated account management.
- Involved in providing security to SSO integrated applications and application servers.
- Involved in supporting UnboundID LDAP, PKI and FIM/MIM related issues.
- Installed and configured Ping Federate 6.x/7.x/8.x, Ping Access 3.x/4.x and Ping One tools in Development, Quality and Production Environments.
- Upgraded different version of Ping Federate and Ping Access tools.
- Using Ping data Governance to enforce customer preferences across channels, present Unified customer data across multiple data stores.
- Analyzes business operation processes and requirements; defines system process, functional requirements, data requirements and flows, service interfaces, and user interface requirements to meet the defined business requirements
Environment: IBM Security Identity Manager 6.0.0.3, ITDI v7.1.1, IBM Directory Server IDS v6.3, Apache Directory Studio, Active Directory, LDAP, IBM security Directory Integrator, CA Siteminder R12, ISAM 8.0, IBM Security Directory Server Adaptors, Ping Directory Server 6.0.0.1
Confidential, Tampa, FL
IAM Consultant
Responsibilities:
- Primary responsibilities in the project included overall Installation, Support, and Development of new tools to enhance productivity and overall performance of the ITIM systems.
- Played a key role in design, deployment and testing of IBM Security IAM suite providing efficient user management through an innovative, enterprise-wide automated provisioning system.
- Experience in JBoss application server clustering for high availability load balancing.
- Experience in deploying, implementing, testing and supporting of Tomcat Application Server.
- Responsible for troubleshooting networking issues, DNS changes.
- Working on federation single sign on between third party vendors making both inbound and outbound calls security exchanging the attributes in SAML both as identity and service provider.
- Worked on CA Wily to Monitor the Policy Server and agent performances.
- Developed core features like Membership provider, Role provider, Templated user controls, Security Token, Federation, Configure encryption/decryption, ControlTest, ProviderTest and FederationTest applications.
- Implement Security Token features to call web service if it is protected with cookie or client certificate. Implement encryption/decryption of XML config.
- Implement (SAML) XML-based standard for exchanging authentication and authorization data between security domains.
- Experience in analyzing the logs (agent trace logs, server logs, access logs, IDM Application Server logs, ETA Logs etc.) and Trouble Shooting issues in Integration of other applications using CA SiteMinder (Access Management) and Identity Management tools along with LDAP and Web-server agents and SiteMinder federation services.
- Experience in implementing Identity management system using CA Suite (CA IDM) to provision users (create, modify, update and delete) along with self-service portals like password reset, request for access, manage Job Code, out of office assistance across endpoints like AD, RACF, Linux etc.
- Handling multiple project roles to ensure successful implementation, including quality assurance testing, leadership design sessions, marketing planning, financial analysis, and new feature training.
- Identified and implemented process improvements resulting in increased efficiencies across multiple departments in the organization
- Worked on different parsers.
- Creation of assembly line hooks and connector hooks.
- Worked closely with Incident Management and other Problem Management teams and Perform incident resolution for WebSphere Application Server and for WebSphere MQ
- Led the successful customization of ISIM based IAM solution for the client's specific requirements to integrate and support exchange 2013 and also worked on the upgrade of IAM technology stack from ITIM 5.1 to ISIM 6.0
- Creating Identities and accounts for various, setting up roles, Assigning users to various roles in ITIM. Modified provisioned policies for adding additional groups for provisioning.
- Configured Password Policy to change Repeated history length with respective to client requirement.
- Developed and implemented process flows and project lifecycle models to improve the efficiency of project creation, budgeting, prioritization, execution, and closure
Environment: IBM Security Identity Manager 6.0.0.3, CA Identity Manager, CA governance Minder, Apache Directory Studio, Active Directory, LDAP, IBM security Directory Integrator, ISAM 8.0, IBM Security Directory Server Adaptors.
Confidential, Minneapolis, MN
IAM Consultant
Responsibilities:
- Primary role was Implementation & Administration of the ITIM provisioning solution. (ISIM 6.x)
- Technical Requirement Gathering: was responsible for gathering the user provisioning requirement for all the end points of ITIM
- Selection, installation and configuration of End Point Agents for ITIM
- Used IDI scripts for Batch and real-time attribute sync
- Used IDI script to notify users of password expiration date
- Developed IDI scripts, Provisioning Policies, Organization roles, Oracle database objects, ITIM groups, ACIs, Work Flows, Sub forms, Life Cycle rules
- Configured and Optimized Identity and Access Management for Users using Advanced Password Services.
- Installed, configured and designed CA SiteMinder policy server.
- Implementation of SSO and authentication services using CA Siteminder.
- Worked on setting up remote task to CA IDM through Web services calls from EFI front-end applications via Task Execution Web Service (TEWS).
- Experience with LDAP, SSO (Single Sign On), Web Agent configuration, CA Siteminder, VIPs (Virtual IP address), Content Smart Switch functionality in complex clustered environment.
- Migrated WebSphere Application Server from 7.x to 8.5.5.0 in development, system test, UAT, Production and Disaster Recovery Environments in ND Environments in platforms like Windows 2012, AIX V7.x, and RHEL V6.x.
- Involved in configuring the WebSphere load balancing utilizing WebSphere Workload Management including horizontal scaling, vertical scaling, creating dynamic clusters, setting up node groups and application versioning in WebSphere environments.
- Used ADSI services to enumerate and manage the resources in a directory service (add, delete, and modify users, groups and permissions).
- Configuration and Administration of ITIM - Design org tree structure
- Create provisioning and de-provisioning policies
- Implementation of id policies, password policies, Reconciliation
- Password Synchronization
- Service definition for End Point Agents, Workflows
- Wrote the crontab scripts for automated recycle of ITIM application and log rotation.
- Installed and configured TAM 6.x
- Created ACL, POPs, proxy server and WebSEAL junctions
- Configured single sign on solutions for many applications.
- Provided trouble-shooting and configuration of WebSEAL and all components within the TAMe/Identity Management space
Environment: IBM Security Identity Manager (ISIM v 6.0), IBM Security Access Manager (ISAM v 7.0, 8.0), IBM Tivoli Directory Integrator (ITDI v 7.1.1), CA Governance Minder, IBM Security Directory Server (ISDS), Tivoli Federated Identity Manager (TFIM v6.1), IBM WebSphere, IBM Directory Server IDS LDAP, ADFS (Active Directory Federation Server), Planet LDAP, SSIS, TSM, Lotus Notes.
Confidential
Security Consultant
Responsibilities:
- Primary responsibilities include Installation and configuration of multiple instances of ITIM, Web Sphere, LDAP - IBM Directory Server and ITDI
- Configuration of ITIM agents for multiple end points (AD, Sun One LDAP and TAM/GSO)
- Configuration and Administration of ITIM & design org tree structure
- Create provisioning and de-provisioning policies, Implementation of id policies and password policies, Reconciliation
- Service definition for End Point Agents and Workflows, Password Synchronization
- ACL, POPs and proxy server, Created WebSEAL junctions
- Used IDI scripts for Batch and real-time attribute sync
- Used IDI script to notify users of password expiration date
- Developed IDI scripts, Provisioning Policies, Organization roles, Oracle database objects, ITIM groups, ACIs, Work Flows, Sub forms, Life Cycle rules
- Used ADSI services to enumerate and manage the resources in a directory service (add, delete, and modify users, groups and permissions), resolved AD Initial load problem
- Resolved duplicate same account names during the provisioning period.
- Created AD default groups based on the employee type during the provisioning period using JavaScript.
- Created groups for corporate LDAP using ITIM and IDI & custom adaptor for ACF2 using IDI
- Created add, delete and modify person using ITIM APIs for other Applications (Real-time changes).
- Provided trouble-shooting for ITIM, FIM and WAS.
Environment: Tivoli Identity Manager 4.x, 5.x, Tivoli Access Manager 6.x, Tivoli Directory Server 6.x and Tivoli Directory Integrator 6.x, 7.x, WebSphere Portal 7.x, WebSphere Application Server 6.x, 7.x, 8.x, WebSphere Process Server 7.x, IBM HTTP Server 7.x, JSF, Java/J2EE