IAM / Solution Architect Resume
Columbia, MD
SUMMARY
- He has over 18 years of cross-functional experience in design, development, integration, deployment, strategy, management, planning, architecture, administration, artifacts and implementation of software applications using Java/J2EE enterprise technologies and security applications with IBM Tivoli and WebSphere suite of products for e-business and EAI solutions in various sectors including Telecom, Federal Government and Healthcare organizations.
- Held positions as IAM Consultant, Security & Technical Architect, SSO Architect, Solutions Architect, Lead Technical Analyst and Programmer Analyst. Self-motivated, with an ability to work independently and in multi-tier team environments.
- Learned SailPoint Identity IQ architecture methodologies and implementation process including External Apps, Web Browser/Server, Application Server, Identity IQ Connectors, Custom Connectors, and Provisioning Integration Modules, Service desk Integration, Email Server, and Database.
- Learned the installation of Identity IQ with LDAP integration, and ongoing deployment operations and support techniques.
- Configuration of Identity IQ with user profiles for creating access, roles, business process approvals, etc.
- Learned about Identity cubes, Identity Attribute Mappings, Authorities application and aggregations, Identity Mapping configurations, and Account aggregation tasks.
- RBAC (Role Based Access Control): role management benefits, single-tier role model, two-tier role model, role relationships and permits, assigned vs. detected roles and data mining, among others.
- Troubleshooting and debugging the runtime problems.
- Workflows and reporting.
- How to tune up for better performance.
TECHNICAL SKILLS
PROGRAMMING: Java, C, C++, Web Services, JSP, Servlets, EJB, J2EE, PL/SQL, SQL, HTML, Applets, JSF, Java Beans, Java Mail, Swing, AWT, JavaScript, DHTML, JDBC, Hibernate, JMS, WSDL, SOAP, UDDI, JMX, LDAP, JNDI, RMI, CORBA, Log4J, Shell (Korn/Bourne), Perl and Ant
SECURITY: IBM SIM/TIM 6.x, IBM SAM/TAM 6.1.x/7.0, Tivoli Federated Identity Manager (TFIM 6.2.x), Tivoli Security Policy Server (TSPM 6.x), Tivoli Directory Server (TDS 6.x), Tivoli Directory Integrator (TDI 6.x), WebSEAL, TAM Java Runtime environment, Session Management Server, proxy servers & DB2.
ORACLE: Oracle Identity Manager 11g R2/R1 (OID), Oracle Access Manager 11g R2/R1 (OAM), Oracle Identity Federation 11g R2/R1 (OIF), Oracle Directories (OUD, OID, OVD) 11g, Oracle DB 11.1.2.4, Oracle SOA 11g.
SUN & Other: Open SSO, Open LDAP, Web Access Management (WAM) and Ping Federate.
APPLICATION SERVERS: WebSphere Portal 6.1, WebSphere Application Server 7.x/8.x, WebLogic Application Server 6.x, Oracle Application Server, JBoss 5.2, Apache 2.2, Tomcat, Microsoft IIS 4.0, Java Web Server and IBM HTTP Server.
DATABASE: Oracle 11g, 10g, 8i, 8, DB2 9.7, 8.1, 7.2, SQL Server, Sybase, LDAP, MySQL & IBM-XDMS.
INTERNET: XML, WAP, HTML, DHTML, JavaScript, WML, WMLScript, LDIF, DSMLv2, PKI
PROTOCOLS: TCP/IP, HTTP/HTTPS, SSH, Telnet, FTP, SAML 2.0, SSL, TLS
OPERATING SYSTEMS: AIX 5.3/6.1, Red Hat Linux 6.3, Solaris 5.1, Windows 2000/XP/NT/98/95/3.1, VMware
UTILITY TOOLS: WSAD 5.1, RAD 7.x, Eclipse, Visual Paradigm, NetBeans, JBuilder, XML Spy, TOAD, Rational ClearCase, Rational ClearQuest, Oracle RightNow CX Cloud Service, CVS, PVCS, UML, RUP, RSA, Apache Directory Admin Studio for LDAP, Wireshark, SecureCRT, PuTTY Tunnel, IBM IDS Console 2013, LPAR2RRD, RUM, Lindash, IBM DataPower, MS Office.
PROFESSIONAL EXPERIENCE
Confidential, Columbia, MD
IAM / Solution Architect
Responsibilities:
- Functioned as subject matter expert guiding the client in implementation of the Identity and Access Management solution.
- Analyzed requirements of the existing MDHIX project; planned, designed, architected and implemented security for the MHBE web-based project using IBM IAM for e-business.
- Analyzed project requirements and suggested technical solutions to Development Team with respect to LDAP schema
- Worked very closely with Enterprise, Technical and solution architects to understand existing MDHIX architecture
- Installed and configured the IBM IAM Suite on a WAS node and developed Java objects, provided to the Development Team, for LDAP and TAM record operations such as create, modify, update and delete.
- Installed, configured and administered Tivoli Directory Server as an LDAP registry for TAM/TFIM and the Web Application on AIX and RHEL x-86 Linux platforms.
- Installed DB2 database, created LDAP instances configured with DB2, and developed the LDAP schema as per requirement.
- Generated pd.properties and pd.key as part of customization and configuration.
- Successfully implemented Identity and Access Management solution to MHBE Project from Existing MDHIX project
- Analyzed project requirements and suggested technical solutions to certain project requirements for enhancements
- Day-to-day activities included troubleshooting, communicating across various Infrastructure teams such as AIX/Unix, Network, Development and Testing teams, and 24x7 production on-call support.
- Installed, configured and administered IBM Security Identity and Access Manager (formerly known as Tivoli Identity and Access Manager), WebSEAL, Security Policy Server and Security Directory Server on AIX, RHEL v6.3, X-86 32bit/64bit and Windows platforms.
- Configured and customized ISAM components such as TAM Runtime, Security Policy Server and Authorization Server, Session Management Server, TAM and WebSEAL, including using GSKit and IBM HTTP Server as a backend server.
- Implemented clustering and failover methodologies for Tivoli components for WebSEAL and other IBM components
- Setup policies in LDAP and TAM as per requirement
- Implemented Policy management, Password Management, Authentication, Authorization, Resource access management using ACLs, and POPs
- Created secured authenticated and un-authenticated junctions using LTPA tokens to backend servers such as IBM/Apache HTTP Servers and WebSphere Application Servers
- Provided customized pages and provided java objects (classes) for Login module as per requirement
- Imported Production LDAP data to DR and Test environment using ldif files
- Setup data replication between Tivoli Directory Server LDAP servers
- Developed and managed a Self-Care application for managing forgotten passwords, setting passwords and challenge/responses using the ITIM API
- Using Global Security Kit (GSKit), created, imported and maintained key databases and key stores.
- Generated self-signed certificates for SSL communications among Tivoli products in secured zone.
- Implemented Backup and Restore strategies for IBM IAM components
- Created Users and Groups (roles) as per requirement
- Implemented Backup and restore procedures and developed scripts for backing up data in LDIF form and setup cronjob
- Installed and configured replication of Tivoli Directory Server (LDAP), Set up Failover Technique using peer-to-peer replication in Production
- Supported the cyber security team in troubleshooting threats and vulnerabilities hitting the portal and in monitoring multiple hits on the portal.
- Ensured that all Test and DR LDAP servers are cryptographically in sync with the Production server.
Confidential
IAM/Technical Architect
Responsibilities:
- Installed and configured ISIM, ISAM, TSPM, TFIM, TDS, TDI and WebSphere Application Server Network Deployment v8.x in a High Availability (HA) environment.
- Closely worked with IT infrastructure team for hardware sizing and capacity planning for ISIM, ISAM, TFIM, TSPM, TDS and TDI components for a load of 6M users.
- Involved in the evaluation of form based authentication, federation adapter, registration process and features, step up authentication, existing questions and answers of EIAM suite for password requests and responses, global session management and idle application timeout, self-service functionality of User Self Care (USC) in TFIM, forgot password features and user account lockout.
- Configured SSL for all ITIM, TAM, TDS, TFIM, TSPM and TDI components.
- Designed Data and Directory migration strategies for real-time, bulk and manual identity migration to the directory server and DB2 using LDAP API.
- User permissions are defined in the policy server and centralized in policy storage (which URLs require step-up authentication).
- The run-time policy server is deployed with each application, and the security framework integrates with the run-time policy server.
- Involved in LDAP schema optimization and clean-up, removal of unused OUs, CNs and object classes/attributes, and migration of users from the existing TDS to the new EIAM TDS.
- Designed, developed and validated Entrust Resource Adapter PKI for ISAM on both Solaris and Windows Platforms.
- Designed the role management, attribute management, step-up authentication and entitlement/permission management for users, and managed the entitlements.
- Configured WebSEAL to support External Authentication Interface (EAI) connections.
- Developed and managed a self-care application for password resets, forgotten passwords and challenge/responses
- Involved in the implementation of user impersonation between two applications, SSO-configured and non-SSO-configured.
- Involved with standards, procedures, controls including Risk Assessment, Vulnerability Scanning, Security Awareness Training, Configuration Management, Contingency Planning, Incident Response, Maintenance, Environmental Protection, System Integrity, Access Control, Audit and Accountability Policy and Procedures, Identification and Authentication Policy Procedures and System Protection Policy and Procedures.
Confidential, Arlington, VA
IAM/SSO Architect
Responsibilities:
- Designed security roadmap and platform for enterprise security, identity management, WS security and compliance with government standards
- Evaluated multiple SAML-based Single Sign-On (SSO) solutions including Sun Access Manager/OpenSSO/OpenAM, Ping Identity, SiteMinder and Oracle IDM for the Confidential FAS project, ensuring its alignment with FICAM (Federal Identity Credentials and Access Management).
- Developed product evaluation, product impact analysis and Single Sign-On Architecture document and presented to stakeholders team for product selection and approval.
- Performed tuning, backup and recovery of the following products: OIM, OAM, SOA, and OIM, from both the component and the database standpoint.
- Successfully managed and implemented a Single Sign-On (SSO) solution based on the Oracle/Sun OpenSSO product in Dev, Test, Production and COOP environments, integrated multiple applications using SAML-based technologies with Sun Directory Server and OpenLDAP directory servers, and architected it for high availability.
- Built access policies for auto-provisioning resources to users based on defined criteria.
- Designed, installed and configured Directory Server Enterprise Edition (DSEE) on multiple servers in multiple environments and provided replication of the data store and config store between these servers in Dev, Test, Production and COOP sites.
- Moved OAM from OID as User store to OVD with backend OID and Sun DS.
- Developed custom Java/JSP code to be used in OAM for logon pages. Assisted development teams in identifying and integrating OAM for SSO.
- Performed ISSO duties for Single Sign-On solution, troubleshooting on daily generated issues and activities.
- Registered Webgate in the OAM server using the remote registration tool (RREG)
- Architected enterprise wide security to include Single Sign-On solution for Web based and Web services based applications to support both Java J2EE and .Net applications
- Performed Maintenance on the WebLogic servers hosting OID, OAM, OIM and Accessgate.
- Integrated OAM and OIM to enable password change functionality through the OIM.
- Validated all user and certificate operation, including certificate creation, revocation, recovery and suspension.
- Managed the team for day-to-day activity of production servers (Linux, SUN and Windows), development server and QA server, including backup, storage requirements, web services solution and security.
Confidential, Sterling, VA
Sr. Technical Lead
Responsibilities:
- Involved in the System development and the architecture design.
- Involved with the requirement changes and discussions on enhancements.
- Used SNMP, DNS and DHCP protocols with Qchat XDMS System in Confidential.
- Assurance of technical solution highlighting costs and risks including code reviews.
- Responsible for technical design, coding and testing, planning, tracking, guiding and managing the development.
- Worked with multiple teams and cooperated on the production move of the project.
- Communicated with the offshore team and held daily calls for issues and resolutions.
- Mentored junior developers and held team training classes to explain the design to everyone on the team.
Confidential
Sr. Technical Analyst
Responsibilities:
- Excellent working experience with WebSphere products and their administration, such as Application Servers, WebSphere Portal Server and Process Server for Business Process Management.
- Designed the complete payment workflow, routing payments based on their status flags.
- Designed and implemented the full SDLC cycle of the CMS (Content Management System), Consumption and Contribution Systems at Confidential and the LDAP Console based on J2EE/XML technologies
- Worked with Oracle UCM to publish content to the website.
- Installed and configured Oracle UCM (Stellent) based on the Confidential requirements and customized the On Demand Publishing (ODP) component for Confidential requirements.
- Administered the portal pages and Portlets for the designated areas to display the estimated pages.
- Created multiple virtual machines to set up individual environments with portal and Stellent to have internal development environments for staging and public.
- Created and modified the URL re-write rules for the virtual portals to have direct links to the content in portal
- Designed and coded the Enterprise Java Beans based on the business logic flow implementation.
- Took responsibility for deployments in the production and preproduction environments and communicated with the NITC technical team.
Confidential, Washington, DC
Sr. Software Consultant
Responsibilities:
- Involved in system design and development of New Technology Ideas (NTI) workflow services which includes JSP, EJB, and DAO components.
- Analyzed requirements of the existing GAPS project; planned, designed, architected and implemented security for the G5 web-based project using IBM TAM for e-business
- Implemented policies and Access Control Lists (ACLs) as per the G5 Application requirement
- Modified existing process workflows using process designer to enhance the workflow process for stability and scalability.
- Administered the portal pages and Portlets for the designated areas to display the estimated pages.
- Worked very closely with Enterprise, Technical and solution architects to understand existing GAPS architecture
- Successfully implemented Access Management solution to G5 Project from Existing GAPS project
- Day-to-day activities included troubleshooting, communicating across various Infrastructure teams such as AIX/Unix, Network, Development and Testing teams, and 24x7 production on-call support.
- Designed the complete payment workflow, routing payments based on their status flags.
- Created Use Cases, Sequence, Object Model, and Component UML Diagrams in Rational Software Architecture.
