SUMMARY

• Eleven plus years of overall experience in Installation, Configuration, Development, Deployment, Administration, Trouble Shooting and Migration of CA SiteMinder, Okta, Sun One Directory Server, Web security.
• Migrate SiteMinder and ADFS protected apps to Okta. Implementing Self Service password capabilities enterprise wide wif Okta Multi factor Autantication.
• Involved in migration and implementing Security and Infrastructure solutions using Netegrity SiteMinder 5.x to 6.0, CA SiteMinder 6.0 to 12.x and Sun ONE Directory Server (LDAP) 5.x/6.x.
• Experience in implementation of CA Identity Manager Solution from scratch.
• Experience in setting up SSO environments.
• Integrated SSO products such as Netegrity SiteMinder and Sun One LDAP wif existing enterprise applications and middleware applications.
• Experience in implementation of Security Management tools in enterprise wide Applications to achieve Autantication, Authorization and Accountability
• Expertise in implementing Federation SAML services to SSO into third party vendors.
• Expertise in analyzing the logs (trace logs, logs) and Trouble Shooting issues in Integration of other applications usingCA SiteMinder (Access Management) and Identity Management toolsalong wif LDAP and Web - server agents.
• Experience in installing, configuring SiteMinder policy server, Web agents, Sun One Directory server (LDAP) and various Web & Application servers.
• Experience in Administrating Sun One directory server and expertise in upgrading Sun One Directory Server version 5.2 to 6.0 and 6.0 to 6.3 in production environment.
• Hands on Experience in integrating WebLogic Portal Application Server driven Portal wif CA SiteMinder.
• Expertise wif IIS, IHS, Apache, Sun One Web servers in Identity and access management environment.
• Used SiteMinder tools like smobjexport, smobjimport to export and import Policy Stores respectively, smreg to change the SiteMinder super user password 24/7 administration in a web hosting organization providing server and application support (Netscape/iPlanet/SunOne Web, Messaging, Admin, Directory, Proxy, Application)
• Involved in the Weblogic Upgrade migration from 8.0 to 10.3
• Excellent noledge about the functionality of the SiteMinder components and Identity manager components.
• Strong experience wif different Web Servers and Application Server Security and Application deployments.
• Expertise in configuring and troubleshooting Webservers like Apache 2.0/2.2, IHS 6.1/7.0, IIS v6.0/7.5, iPlanet 6.0, Lotus Domino 8.0 and Application servers like Websphere and Weblogic.
• Strong analytical, problem solving, communication skills and a good team player.

TECHNICAL SKILLS

IDM tools: Netegrity/CA Siteminder(6.x/12.0/12.5), CA Identity Manager(8.x/12.x), Transaction Minder 6.x, Okta, SSO.

Products/Monitoring Tools: CA Siteminder Access Manager, One view monitor, Splunk, Tivoli Access Manager, TPV, Log Analyzer, Thread Analyzer.

Databases: Oracle 11g/10g/9i, SQL server 2008/2005/2000/7.0

Webservers: IHS 6.1/7.0, SunOne 5.1/6.1, IIS 5.0/6.0/7.5, Apache 2.x, Lotus Domino 8.0

Application Servers: IBM Websphere Portal 6.0/6.1, Websphere 4.x/5.x/6.x/7.0, Tomcat 4.x/5.x, Oracle Weblogic Server 8.0/10.3

Directory Servers: iplanet/SunOne directory server 5.x, Sun DSEE 6.3/6.3.1, Microsoft Active Directory, IBM - Tivoli Directory Server.

Operating Systems: UNIX(Solaris 9/10,AIX), Red Hat Linux, Win 95/98/NT/2000,2003,2008

Languages: C, C#, SQL

PROFESSIONAL EXPERIENCE

Confidential, CHANDLER, AZ

Senior Software Engineer

Responsibilities:

• Design, develop and enforce the upgrade of Enterprise infrastructure from CA SiteMinder R12.7 to R12.8.
• Production Support POC for WCA (Wholesale Common Autantication services) and CEO (Commercial Electronic Office) Portal critical Tier 1 applications wif SiteMinder, Identity Minder and PingFederate Autantication Services.
• Primary POC for 24/7 support and maintenance of autantication infrastructure for applications providing Confidential financial services to US Treasury during COVID-19.
• Enforce the Two factor autantication for multiple critical Banking applications using Secure Validation Code (One Time Passcode), theirby enabling additional security for applications involved wif Payment Gateways.
• Responsible for implementing and maintenance of Multi factor autantication for critical Tier 1 applications such as Payroll services and employee HR resources.
• Day-to-day maintenance of SiteMinder policy servers and providing vital support by troubleshooting production and non-production issues.
• Working on multiple SAML certificate renewals for multiple SAML applications to ensure Safety and Soundness and to maintain zero downtime.
• Performance tuning for SiteMinder to provide better response time, high availability and maximum throughput.
• Working on multiple projects to provide SSO wif SiteMinder federation setup and PingFederate wif third-party vendors using the SAML 2.0 protocol.
• Enable Single Sign On autantication for multiple internal and external applications in CEO (Commercial Electronic Office) Portal environment wif CA SiteMinder.
• Supporting and debugging issues and implementing SSO solutions wif Business Partners using CA SiteMinder and PING Identity solutions.
• Working on bulk load in uploading users, organizations and groups.
• Implementing OAUTH and OIDC, working on different grant types such as Implicit, Authorization Code.
• Working on a project to migrate the policy store from Oracle LDAP to PING.
• Analyzing Functional Specifications provided by the application teams, and laying out the feasible solutions for addressing the security implementation requirements for the WCA (Wholesale Common Autantication) applications, and creating design specification document wif the relevant information for the Quality Assurance group.
• Upgrading SiteMinder web agents on all the web servers IIS, WebSphere, Apache, IBM HTTP from R12SP3CR11 to R12.52 in CEO (Commercial Electronic Office) Portal environment to ensure Compliance.

Confidential, MOLINE, IL

IAM Infrastructure Analyst

Responsibilities:

• Experience in implementation of Security Management tools in enterprise wide Applications to achieve Autantication, Authorization and Accountability engaged in day to day support formore than 2 million customers worldwide at John Deere enterprise
• Installed, configured and administered CA SiteMinder infrastructure in Unix and Windows platforms
• Designed Technical solutions and processes for the ongoing implementation and support of John Deere multifactor autantication architecture.
• Leading design workshops and map business requirements to technical solutions.
• Key person in SSO migration initiative from Siteminderto Okta MFA at John Deere
• Installed and Configured Okta AD and Okta LDAP agents On Premise and provisioned all the identities from Active Directory and VDS to Okta.
• Installed and Configured Okta Integrated Windows autantication (IWA) to access John Deere applications wifout password.
• Installed and Configured Okta Radius Agents on Premise to Protect John Deere’s Cisco Any Connect (VPN), Citrix VDI and Amazon Workspaces (AWS) wif Okta Multifactor Autantication (MFA)
• Implemented SSO by Integrating 1000 plus On Prem applications wif Okta Infrastructure using SAML, Open ID Connect (OIDC) and OAuth 2.0 service
• Created different Okta Sign On policies and Okta MFA enrollment policies based on requirement for application ids and different user types.
• Enforced MFA for key and critical applications which has sensitive data and to meet OCC requirements for financial applications.
• Enabled self-service password reset feature to reduce halp desk calls for end users using Okta MFA.
• Designed and managed processes for hardware distribution token yubikey as one of the Multifactor
• Provisioned users to On Prem Directories using Okta’s SCIM Connector.
• Onboarded identities for merger and acquisition by installing Okta AD agents on the acquired company
• Removed Custom credential stores for E- Commerce applications and migrated the users to Okta tenant and made Okta as super credential store for all the user types.
• Assisting application teams on the code changes to convert their application to support SAML or OIDC by using spring security extension.
• Lead technical POC’s for Spring Security, Spring BOOT, mod-auth-melon and mod-auth-oidc frameworks to implement SSO for applications wif Okta
• Lead troubleshooting activities and problem resolution for Okta protected applications.
• Configured different password policies for each user type based on requirement.
• Configured Authorization server for each domain and created custom scopes and claims for application teams based on requirement
• Work wif Okta support/ Vendors to fix Okta bugs and issues not related to Deere Infrastructure
• Worked wif different application teams or third-party SaaS vendors to renew the SAML certificates which are about to expire
• Configured SAML assertion attributes using regular expression for application team based on requirement and created SAML apps using Okta API’s.
• Blacklisted the IPs which are declared or identified and are used for brute force attacks.
• Integrated 70 plus SaaS based apps like Box, Adobe creative cloud, Agile Central Rally and Confluence etc to automate provisioning and De-Provisioning of users using one click.
• Worked on Service requests like Problem Management, Incident and Change Management via HP Service Manager and have experience on Service Now tool.
• Implemented custom SAML federation bridge between SiteMinder and Okta where application can get both SMSESSION and Okta session for seamless SSO user experience
• Worked wif SiteMinder administration for user directories, agents, logs and cache management, agent configuration objects.
• Worked on Configuring the Domains, User directories, Rules, Realms and Policies.
• Worked on Load balancing the SiteMinder Servers for high performance.
• Involved in the upgrade project of SiteMinder Policy Servers from version 12.5 to 12.52
• Implement Federation SAML services to SSO into third party vendors.
• Mentor development and support teams involved in problem identification and solving.
• Worked on Fine tuning of Web agent and policy servers for optimized performance.
• Implemented password policies for all the applications using SiteMinder.
• Setup Splunk alerts for various conditions wifin Okta Production Org - locate IP addresses from where Okta received at least 10 unsuccessful requests in the last 60 mins, Dealer user lockouts in Customer tenant, Rate Limit warnings and violations, Login Denied, JIT - Create user failures, password sync failures etc
• Configured custom alerts via Splunk when login rate threshold has been exceeded and e-mail notifications based on the business needs.

Confidential, CHANDLER, AZ

Information Security Analyst

Responsibilities:

• Good experience in troubleshooting performance issues related to application servers, security servers and directory servers using performance tools like CA Wily Introscope and other third party performance monitoring tools in both Production and Non-production environments.
• Developed, deployed and supported single online customer autantication service for customer facing web applications across wellsfargo.com.
• Installed and configured CA Siteminder 12.51 web agents on Windows, Sun Solaris and Red hat Linux Operating systems in both Production and Non-Production environments.
• Worked on the Siteminder Policy Server upgrade from R 12 to R12.5
• Integral part of the Wholesale Common Autantication (WCA) project which involves building, designing, installing and configuring Siteminder agents, monitoring oneview and wily introscope for different applications.
• Configured CA Siteminder for third party service providers for SSO using SAML 2.0 webservice SP-Initiated Single Sign On for both production and non-production environments.
• Expertise in configuring Cross Domain Cookie Provider solutions for different applications.
• Using Web Content Management tools to edit documents directly on the web wifout any HTML.
• Regularly attending meetings on behalf of Wholesale Team & co-ordinate wif different teams for task accomplishment.
• Involved in the centralized autantication using web services API and webagent
• Involved in creating reports and documenting steps for Policy Server upgrade, Webagent upgrade and agent install/configure documentation on different OS
• Installation of SSL certificates on Apache, IIS, WebLogic & Websphere servers.
• Performed 24/7 on-call support on rotation & mentored new-comers during team expansion.

Confidential, AUSTIN, TX

IAM Consultant

Responsibilities:

• Worked on the social sign on which allows a user to log into HP Passport client wif an autanticated session on a social identity provider (IDP) which is OAuth based.
• Involved in the centralized autantication using web services API and webagent.
• Configured and Administered CA Siteminder 12.0 and involved in the migration to Ping Federate 6.0 on Windows servers.
• Involved in the documentation process for integrating web applications, SAML based federation using CA Siteminder wif external client.

Confidential, CHANDLER, AZ

Information Security Analyst

Responsibilities:

• Involved in the WATS program for Data Center Migration from Cassie Hill to Shore View, installed and configured new Web Agents on RedHat Linux - Apache based web servers.
• Worked on the SiteMinder Web Agent upgrade from R12 SP3 CR02 to R12 SP3 CR11 version.
• Configured and Defined the SiteMinder Policy Domains, User directories, Rules, Realms, Policies and Responses in SiteMinder and configured web agents, Affiliate agents and RADIUS agents to provide federation of webservices in the SSO environment.
• Experience in implementing LDAP security models. Utilized Resource Analyzer and Log Analyzer for performance testing and troubleshooting and Knowledge managing LDAP Policy Store.
• Integrated SiteMinder wif Sun ONE Directory Server 6.x to use directory server instances as Policy Stores and User stores for Policy Servers.
• Worked on Load balancing the SiteMinder for high performance.
• Implemented password policies and autantication schemes for all the applications using SiteMinder.
• Created Open SSL Certificates and used them to maintain confidentiality and two-way autantication while integrating wif third party applications.
• Configured CA Siteminder for third party service providers for SSO using SAML 2.0 webservice SP-Initiated Single Sign On for both production and non-production environments.
• Installed, configured and supported SunOne Directory Server 6.x/7.x using multi master mesh replication topology for storing both policies and users in Policy Store and User Store respectively.
• Installed CA Siteminder Policy Servers, CA Siteminder Web Agents, CA Siteminder Application Server Agents and configured custom configuration like Autantication scheme's for CA Siteminder Policy Server for Autantication and Authorization using SunOne Directory Server.
• Opened Service Requests for BEA/Oracle Weblogic Server, Cases for CA Siteminder, PMR’s for IBM WebSphere Application Servers and IBM WebSphere Portal Servers
• Experience wif performance tuning of policy servers and associated components and generating performance reports using customized crystal reports.

Confidential, TAMPA, FL

SSO Security Analyst

Responsibilities:

• Installed, configured and maintained CA SiteMinder Policy Server 5.X/6.X/12.X, and Sun ONE Directory Server 6.3 on Solaris, Windows platforms.
• Configured CA Identity manager for user management and application access according to role-based entitlements.
• Involved in CA Siteminder upgrade from 6.x to 12.x.
• Experience in installing, configuring SiteMinder policy server, Web agents for IBM Http Server and Websphere TAI agents.
• Worked on ERP /WebAS agent integration wif SAP ITS and Web application server.
• Implement Federation SAML 1.x/2.0 services to SSO into third party vendors like Cornerstone, Empire Blue, and Hallmark.
• Worked on LDAP autantication like assigning roles to users, creation of test user accounts in Stage and Production environments.
• Installation of SSL certificates on Apache, IIS, WebLogic & Websphere servers.
• Worked on proofs of concept to integrate CA SiteMinder wif various other Identity Management software
• Installed and configured SiteMinder for Documentum shared environment and performed troubleshooting on non issues.
• Worked extensively on creating Custom Autantication schemes as per the requirement.
• Expertise in Configuring CA SiteMinder policy server, creating agents, ACOs, Domains, Rules, Responses and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application server agent installations, trouble shooting in all the environments.
• Configured user impersonation feature to enable Customer service department to provide a better service to the business clients.
• Integrated SiteMinder to Lotus Domino web server for Advisory application.
• Hands on experience wif configuring LDAP initiated and SP initiated SAML profiles wif different bindings like POST, Artifact, and Redirect as per the custom business and security requirements.
• Creating Open SSL Certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Autantication.
• Experienced in assisting Web Administrators, LDAP Administrators to determine wat the best values for SiteMinder parameters and tune the system to boost SiteMinder performance in the Web Tier, the Application Tier, and the Data Tier.
• Used One View Monitor in SiteMinder for identifying performance bottlenecks.
• Worked as an Infrastructure Lead for critical tax applications.
• Integrated SiteMinder into various IFS/TAX based applications which require Single Sign On.
• Involved in giving training sessions to offshore team.

Confidential, LAKEWOOD, NJ

Computer Systems Analyst

Responsibilities:

• Expertise in installing, configuring SiteMinder policy server, Web agents, Netegrity Transaction Minder, Active Directory server (LDAP) and various Web & Application servers.
• Installed, configured and maintained CA SiteMinder Policy Server 5.x/6.x and Sun ONE Directory Server 5.2 on Solaris, Windows platforms. installation, Configuration and Administration of IBM WebSphere Application Server 5.x/6.x on UNIX platform, Linux.
• Installed and configured Web agents on Webservers like IIS 5.0/6.0, Apache 2.x, SunOne Webserver 6.1/7.0.
• Configured user impersonation feature to enable Customer service department to provide a better service to the business clients. Worked extensively on creating Custom Password policies and Autantication schemes as per the requirement.
• Experienced in assisting Web Administrators, LDAP Administrators to determine the best values for SiteMinder parameters and tune the system to boost SiteMinder performance in the Web Tier, the Application Tier, and the Data Tier.
• Experience wif the implementation of RSA two factor autantication tokens for the integrated web service security in a SSO environment for the service provider applications.
• Hands on experience wif configuring LDAP initiated and SP initiated SAML profiles wif different bindings like POST, Artifact, and Redirect as per the custom business and security requirements.