IAM Consultant Resume
New York City
SUMMARY
- Around 7 years of experience in Information Technology, which includes demonstrated work experience in design, development, testing and implementation of enterprise wide security applications using Pingfederate, PingAccess, LDAP Directory.
- Experienced in SAML-based authentication 1.1 and 2.0 using Ping Federate and SiteMinder Federation, integrating with SiteMinder authentication and another adapter.
- Successfully completed version upgrades from CA SiteMinder R6 to R12, R12 to R12.5, R .6 and involved in the upgrade of Pingfederate 6.0 to 8.0 and 8.0 to 9.0, PingAccess 4.0 to 5.0.
- Experienced in installing Pingfederate on both Linux and Windows platforms.
- Worked on all the Pingfederate OAuth grant types to get the access token to access the protected API. Supported development with integration of Mobile Apps using OAuth/SAML in Pingfederate.
- Experienced in configuring SSO with PingAccess using out-of-the-box and custom-developed authentication schemes.
- Experienced in implementing SAML Protection with Digital Signature.
- Experienced in implementing OAuth & OpenID Solutions using Pingfederate.
- Worked on Pingfederate to allow users to perform single sign-on with other third-party applications.
- Experienced in Form-based authentication and X.509 certificate-based authentication.
- Integrated PingAccess with Pingfederate System to get authenticated by Pingfederate and Authorized by PingAccess Servers using the Access Control Lists.
- Experienced in installation and configuration of PingAccess.
- Design and Implementation of Oracle Identity Analytics for User Access Recertification and Entitlements Review and Data Owner Recertification
- Conducts initial project definitions and performs appropriate business analysis, systems analysis and design.
- Perform project planning, critical path analysis, tailor implementation approach and roll out strategies
- Prepare, recommend and review the IAM solutions architecture road map.
- Worked with vendor’s Product Support teams to resolve issues (defects, bugs, enhancements) with product
- Experience in RBAC (Role Based Access Control) analysis and implementation
- Expertise in managing IBM WebSphere and WebLogic Application Servers.
- Extensive experience in developing applications using Java, J2EE components including Servlets, JSP, EJB, JDBC.
- Experienced in web development using HTML, CSS, JavaScript and AJAX technologies.
- Experienced in developing MVC framework based websites using Struts and Spring.
- Strong experience in working with Application Servers like Apache Tomcat, WebLogic, JBOSS, IBM WebSphere.
- Continuous Improvement, Customer-focused and highly organized.
- Experienced in validating all requirements, and separate key business requirements from wish lists.
- Expertise in SailPoint lifecycle Manager, Compliance Manager and Access Governance modules.
- Experienced in Conducting JAD sessions, created Use Cases, work flows, screen shots and Power Point presentations for the Web Applications.
- Knowledge in IAM-related standards such as SAML, SOAP, LDAP, Open-ID, and OAuth.
- Experience implementing best practices for data clean-up and stabilizing the system for optimization.
- Extensive experience in Role Mining, Entitlements Analysis, and Advanced Analytics.
PROFESSIONAL EXPERIENCE
Confidential, New York City
IAM Consultant
Roles/Responsibilities:
- Design of identity federation connectors from SailPoint to target systems, along with subsequent access control by SecureAuth.
- Ensure requirements gathered, processes defined, and use cases documented follow out of the box configuration vs. customization as much as possible
- Manage client requirements and configure Confidential connectors for 34+ applications
- Design SailPoint deployment and solution architectures
- Participate in all SailPoint deployment activities - connector configuration, custom rule development, workflow configuration and development, third party system integration.
- Designed and implemented a solution which manages the identity lifecycle of almost all applications within the enterprise, without directly controlling the identity store within the application.
- Involved in creating custom reports, certifications in order to cater various data feeds.
- Achieved SOX and PCI compliance by building a flexible and scalable framework to provide authentication and authorization services while supporting rules/roles/languages requirements for various International countries.
- Design and Implement data import of various types of data files from internal and external target sources for validating access levels.
- Created a Registry for important information on all applications.
- Participate in and/or User Acceptance Testing and bug-related reengineering efforts
- Worked on installation and configuration of PingAccess Policy Servers and PingAccess Agents.
- Integrated PingAccess with Pingfederate System to authenticate the user using Pingfederate and Authorize by using PingAccess Servers.
- Integrate the custom developed independent application with PingAccess to track the owner of the application which is being protected by PingAccess and Pingfederate.
- Worked on Apache web server to make the application URL work with both HTTP and HTTPS and protected both secure and non-secure URLs using PingAccess.
- Worked on application configuration with PingAccess and defining PingAccess Sites, rules, Virtual hosts, Policies and Rules.
- Experienced with multiple Ping Federate adapters like HTTP adapter, Open Token adapter and Composite adapters.
- Worked on Token Generator and Token Processor to establish a connection between two web services from different Enterprises and Ping Access and JWT tokens to authenticate the user using Ping Federation.
- Worked on Ping Access Gateway to take the Application traffic directly using Virtual Hosts and redirect back to the application with Ping Access Token.
- Worked on configuration of PingAccess as ProxyGateway to protect the application without exposing the application URL to the end users.
- Participated actively in Change meetings to implement the changes in higher environments.
- Involved in failover testing and disaster recovery process and also prepared and maintained the documentation for same.
- Involved in daily Scrum meetings to discuss day to day updates on the project.
Confidential, Austin, TX
IAM Consultant
Roles/Responsibilities:
- Upgraded Ping Federate solution from legacy (6.x) version to new (8.x) version.
- Performed POC for Ping Access Authentication Solutions.
- Worked on moving around 50 applications from OAM to Ping Access.
- Worked on Custom Authentication Schemes in Ping Access based on Business needs.
- Upgraded Ping Federate from 6.0 to 8.0.
- Worked on applications which needed compliance requirements in relation to HIPAA, PHI, SOX.
- Involved in discussions with the various business owners and vendors to implement the change on each application without impacting the end user.
- Designed, deployed, and supported highly available and scalable Pingfederate infrastructure in on-premise that provides single-sign-on (SSO) and federation solutions for internal/external access.
- Migrated around 100 applications to use the new solution which offers the users with Kerberos Authentication internally and the Forms based authentication externally using Ping Federate 8.x.
- Executed platform upgrades for Pingfederate.
- Installation and configuration of PingAccess.
- Integrated Ping Access with Ping Federate servers to Authenticate using custom Adapters.
- Worked on OAuth Grant types to get Access Token to access Protected APIs.
- Integrated OAuth with Ping Federate to protect RESTful APIs.
- Perform Installation and configuration of SailPoint IdentityIQ
- Develop custom SailPoint BuildMap Rules and Workflows as per the business needs.
- Setup applications Active Directory, LDAP, Oracle and Flat Files.
- Providing solutions for the changing business requirements.
- Implement REST classes using SailPoint Rest Application.
- Using IIQConsole for operations such as checkout, import, connector debug, etc.
- Used IQService as part of IdentityIQ for Active Directory (AD) provisioning.
- Setup direct connectors for AD, LDAP, MySQL, Oracle, EPIC
- Configuration of Roles, Policies and Certifications for governance compliance
- Build and Configure SailPoint in-built tasks like aggregation, ID refresh, schedule tasks, correlation, etc.
- Configuration and development of SailPoint Life Cycle Events (LCM)
- Customizing and branding of SailPoint solution.
- Provide knowledge transfer and post production support activities, as necessary.
Confidential, Jersey City, NJ
IAM Consultant
Roles/Responsibilities:
- Worked with different teams to implement single sign on using SAML 2.0, OAuth 2.0.
- Identified different SAML 2.0 issues and fixed the issue in NetIQ Access Manager 3.2.
- Coordinated with the Service providers and identity providers during the SAML Certificate upgrade and architectural changes.
- Onboarding applications and configuration of privileged accounts in CyberArk.
- Produced policies, realms, rules, and responses to implement the single and dual factor authentication using RSA SecurID Token based on the business requirements.
- Applied Single Sign-On using SAML 2.0 for Federation Applications.
- Resolved CyberArk issues in CPM to communicate with a host to accommodate credentials.
- Executed password policies for all the applications using SiteMinder Policy Server. Configured APS, FPS, Rules, and Help Desk Functionality Replacement.
- Strong familiarity on UNIX administration, and networking concepts.
- Installed and configured CA Wily Monitoring Tool and created dashboards and metrics to monitor SiteMinder and LDAP Infrastructure.
- Understanding of SOAP/REST calls and tested the APIs with the SoapUI tool.
- In charge of Netegrity/CA SiteMinder infrastructure maintenance, support and deployment in development, test and production environments on 24/7 basis.
- Functioned as the primary liaison between the business client, operations, and technical areas throughout the project life cycle.
- Facilitated meetings with stakeholders to elicit business and functional requirements and perform business process analysis.
- Interacted with internal stakeholders to share findings from deep dive analyses.
- Building and Configuring SailPoint IIQ tasks like Group Aggregation, Identity Refresh, Roles, System Maintenance, Populations, Check Active Policies, Certification Refresh, Run Rule, etc.
- Translated massive data sets into actionable business results.
- Implemented the foundation for entitlement certification for users to address regulatory compliance and audit requirements.
- Collaborated with technical resources to develop workable solutions that meet customer expectations.
- Gathered and analyzed application data provided by application owner.
- Design & Implementation of Confidential
- Confidential Installation and Configuration as required by the design solution
- Implementation of Self Service feature, Password features (PTA, Forgot password, Change Password), provisioning feature, configuring various roles and policies in SailPoint
- Set up Confidential policy server on 4 environments (Dev, QA, UAT & Production)
- Developed build map rule, creation rule and customization rule to create Employee and Contractor user accounts into SailPoint from their current application’s exported feed file.
- Developed a custom form in the SailPoint UI so that various admins can create Employee/Contractor user accounts manually through UI and provision users
- Created and ran the aggregation task to bulk load authoritative source data from Active Directory, Exchange and LDAP
- Developed a creation rule to run update, terminate and rehire transactions on specified Employee and Contractor user accounts based on the feed file data.
- Developed a scheduler using Java that periodically runs to terminate contractors on their specified contract end date
- Developed code that sends expiration notifications to Contractors
Confidential, Seattle, WA
IAM Consultant
Roles/Responsibilities:
- Integrated Ping Access with Ping Federate servers to Authenticate using custom Adapters.
- Worked on OAuth Grant types to get Access Token to access Protected APIs.
- Integrated OAuth with Ping Federate to protect RESTful APIs.
- Protected multiple applications both web based, and API based using Ping Access and Ping Federate.
- Worked on OAuth Integration using Ping Federate and Ping Access and implementing Federation SAML services to SSO into third-party vendors.
- Implemented OAuth to access the protected API with Access Token by using Different OAuth Grant types.
- Integrated Ping Access with Ping Federate System to get authenticated by Ping Federate and Authorized by Ping Access Servers using the Access Control Lists.
- Workforce and Client identity management system (Ping Federate and Ping Access).
- Upgraded Ping Federate from version 6 to 7 and from version 7 to 8.
- Assisted developers with integration of Mobile Apps using OAuth/SAML in Pingfederate.
- Capacity Planning in terms of hardware and user load for policy server and web agent.
- Involved in the migration of various web-based applications which uses STS and successfully provided the solution without causing issues to the end users.
- Worked on Ping Federate Clustering so that we can have multiple Engine servers to serve the requests in parallel and single admin server for a cluster.
- Developed custom Ping Agent using Ping SDK and Implemented SAML Protection with Digital Signature.
- Troubleshooting the issues occurred during the development of test environments.
- Involved extensively in the production support calls to resolve the issues occurred in production to avoid the downtime for the end users.
- Worked on Open Token Adapter to establish SSO between two native applications.
- Performed POC for Ping Access Authentication Solutions.
- Worked on Ping Access POC to migrate applications from SiteMinder to Ping Access.
- Worked on the architecture of Ping Federate and PingAccess to check if we could replace CA SiteMinder with Ping Identity (Ping Access and Ping Federate).
- Deployed several Pingfederate integration kits for Apache, Coreblox, Atlassian, Java, PHP, Symantec VIP, Agentless, IWA etc., to establish the "first- and last-mile" implementation of a federated-identity.
- Deployed Open token adapter and created IDP and SP connections, worked with application team to send the open token based on agent configuration.
- Implemented the solution to support Tokenized IDs comprising of Message Consumer Plugin, RetrieveSession Variables, and SetSession Variables Active expression. Used Message Consumer Plugin to execute the user disambiguation process and to validate the presence of user in the Database provided by a web service.
- Implemented Custom plugin by configuring the custom table in Session Store, custom code and other required binaries, plugin configuration file, JVM Options on CA SSO Policy Server, Federation partnership and CA SSO Policies for Active responses.
- Configured and supported SAML based Identity & Service Provider connections with several SaaS Partners.
- Experienced in designing and deploying migration of SAML partner connections from Oracle Identity Federation & Simple SAML systems to Pingfederate.
- Performance tuning for web server and SiteMinder along with LDAP for better response time, low latency, and high throughput.
- Created User Directory Object and Directory Mapping object and set cookie provider.
- Provided level 3 support for LDAP/SiteMinder related issues.
- Configured Web Agents on all the web servers and solved the configuration issues using web agent and web server logs.
- Effectively interacted with CA technical support teams.
- Implemented load balancing and failover mechanism for SiteMinder Policy Server, and ADLDS server.
- Performed technical review of all changes in conjunction with Change management team.