Sr. ForgeRock IAM Engineer Resume
Charlotte, NC
SUMMARY
- As an IAM Consultant with extensive years of experience in development, design, and implementing security using Identity Products.
- Experience on OAM (Oracle Access Management), SSO, ForgeRock Open AM and Open DJ. Involved in various SiteMinder upgrades including Okta.
- Experience as a security professional in installing, managing, and monitoring of CyberArk Privileged account security tool modules.
- Assist application teams with CyberArk application Identity Manager Integrations and linked accounts.
- Experience with designing and development in IAM products like SailPoint IIQ.
- Experience with coding in distributed computing domain using technologies Java, XML etc.
- Installed, integrated, and deployed enterprise software in client environments.
- Developed product customizations in Java and Bean shell to meet customer requirements.
- Handling Joiners, movers, leavers process for high-risk business areas by provisioning, de-provisioning and amending accesses.
- Excellent understanding of the Agile Software Development Life Cycle (SDLC), STLC and Agile Methodologies. Developed projects for design, and implementation of SailPoint, including coordinating with vendor leadership, technical services leadership, and end user.
- Implementing the provisioning feature of SailPoint IIQ by using various connectors like LDAP, Workday, etc.
- Performed Requirements Gathering for a Proof of Concept to be implemented into their environment in development for Azure AD, PingFederate and Microsoft Active Directory server.
- Experience in installing, administrating & managing Windows server operating system (NT, 2003, 2003 R2, 2008, 2008 R2, 2012, 2012 R2, 2016) and their standard, Enterprise & Datacenter Edition.
- Hands on experience in Windows Active Directory administration, DNS, GPU, DHCP, LDAP.
- Implement Microsoft Active Directory (Access Controls, Group Policy, Kerberos Authentication, naming standards, trust relationships, best practices, security policies and standards).
- Experience in handling more than 3000+ mix of Windows server, 400+ ESXi servers, Remote data center, Multiple vCenter
- Hands-On experience with customization of ForgeOps Connector development, writing scripts and building of ForgeRock workflows.
- Development of review access application (IdentityIQ), bug-fixes, addition of new certification tools, user interface changes on business demands.
- Strong knowledge of Web Access Management and SSO technologies (Okta, SAML and OAuth)
- Experience in using SiteMinder Federation services and web agent option packs to build and maintain Federation infrastructure to provide SSO functionality to external applications.
- Experience on setting up SAML applications in OKTA, installing AD / IWA agents on member domains, validating single sign-on, user provisioning and troubleshooting password synchronization across multiple Okta platforms.
- Configured and Deployed SailPoint IIQ Connectors for various target systems.
- Involved in Configuration and development of SailPoint Life Cycle Events (LCM).
- Implemented Restful web services to connect the AC and SailPoint applications and fetch the data into portal application.
- Configuring various roles and policies in SailPoint.
- Strong understanding of internal technicalities of SailPoint IIQ.
- Continuously improving and automating in IAM technologies that consist of PingFederate, Ping Access, Ping ID, Forge Rock, Okta, SiteMinder and LDAP directories.
- Hands on experience in IAM requirement analysis, implementation of Access Gateways and SAML, OAuth, WS-Fed and OpenID based integrations using PingFederate.
- Hands on experience on PingFederate 7.x, 8.x, 9.x, and Ping One.
- Perform installation, configuration and maintenance of Access Manager and policy agents.
- Expert in generating and implementing SSL certificates in both IIS 5/6/7/8 and Apache 2.x.
- Worked on Ping ID for Multi-Factor authentication in Dev and Production environments.
- Worked on implementing OAuth configuration with the clients to get the Access Token to access the web APIs.
- Expert skills in application programming using Java, Servlets, EJB's, JDBC, JMS, XML and JavaScript.
- High level of understanding on Federation services.
- Experience in installation of PingFederate, and troubleshooting in Windows IIS, Apache Tomcat, and Red Hat Linux webservers, Unix servers.
- Developed standard operating procedures and technical documentation of PingFederate components for user training and support.
- Experience working with LDAP to generate IDP and SP initiated SSO request using POST, and Redirect Protocols.
TECHNICAL SKILLS
SailPoint: Identity and Access Management (IAM), SailPoint IIQ 6.2, 6.3, 6.4, 7.0 and 7.2 workflow solution.
IAM Tools: ForgeRock product suite - Open AM / SSO, ForgeOps Open DJ / LDAP, OpenIG / Reverse proxy and AWS IAM
Java & J2EE Technologies: Core Java, Servlets, JSP, JDBC, JNDI, Java Beans, Hibernate, Spring, Tiles, Struts.
Frameworks: MVC, Struts, Hibernate, Spring.
Programming Languages: C, C++, Java, UNIX, Python, Linux shell scripts.
Access Manager: Oracle Access Manager, ForgeRock Open AM, IBM Security Access Manager
Databases: Oracle 11g/10g/9i, MySQL, DB2, MS-SQL Server.
Webservers: Web Logic, Web Sphere, Apache Tomcat.
Web Technologies: HTML, XML, JavaScript, AJAX, SOAP, WSDL.
Network Protocols: TCP/IP, UDP, HTTP, DNS, DHCP.
Tools: Ant, Maven, Log4j, Identity Access Management, SailPoint IIQ, 6.1, Sun Identity Management.
Front-End Technologies: HTML, XHTML, DHTML, CSS, JavaScript, AJAX, and AngularJS
PROFESSIONAL EXPERIENCE
Confidential, Charlotte, NC
Sr. ForgeRock IAM Engineer
Responsibilities:
- Upgrading CyberArk suite of products from 7.x to 9.x (CPM, PSM, EPV, PVWA & AIM).
- Worked on Privileged Account Management with CyberArk PIM suite Administration.
- Worked with different teams to implement single sign on using SAML 2.0, OAuth 2.0.
- Actively involved in code reviews, discussions and infrastructure reviews, interacted with internal project teams and managers
- Experience on IAM products from ForgeRock (Open IDM, Open AM and Open DJ) and building IAM solutions implementing OAuth2 and OIDC specification.
- Identifying distribution and packaging mechanism for the Python package of the solution.
- Directly engage with and advise clients on DIAM implementation to coordinate technical, security, and process aspects of DIAM integration.
- Worked from technical specifications to independently develop test scenarios to test and verify Identity and Access management solution. Tested custom configuration of SailPoint Identity and out of box Workflows as per the business needs.
- Tested Employee, Contingent workers provisioning, off boarding, on boarding, rehiring and LOA process in Identity and Access management solutions as per customer requirements.
- Experienced on AWS EC2, EBS, ELB scaling groups, Trusted Advisor, S3, Cloud Watch, Cloud Front, IAM, Security Groups, Auto-Scaling.
- Developed tools using Python, Shell scripting, XML to automate some of the menial tasks
- Upgrading from 6.4 to 7.0 and involved in installation of SailPoint IIQ in various environments like UNIX and Windows.
- Installation, integration and configuration of Jenkins CI/CD, including installation of Jenkins plugins.
- Managed infrastructure of ForgeRock Open AM, Open DJ and OpenIDM.
- Integrating new application with SailPoint and ForgeRock as per requirements.
- Integrated a technology risk management program with the company's enterprise-wide operational risk management program
- Experienced on Cloud based Identity and Access Management Solutions like OKTA and Ping One.
- Facilitated a balanced and rational set of risk-based IT general controls including formal risk registers and SDLC checkpoints
- Installing, configuring and customizing ForgeOps, ForgeRock products (Open AM, Open DJ, OpenIDM)
- Engaged to help client design and implement a Single Sign on Solution using the ForgeRock stack using Open AM and Open DJ for a billion users, with a rapidly changing software base using an Agile model and continual build / test process
- Expertise in using J2EE technologies like JSP, Servlets, EJB, JDBC, Java Beans, JMS, RMI JNDI, XML and Web services (RESTful and SOAP).
- Working on different products from CA, IBM, Microsoft, Secure Auth, Okta, OneLogin, Amazon PingFederate, Confidential, Centrify, CyberArk and Beyond Trust.
- Has experience in implementing IAM solution using ForgeRock Identity Stack (Open IDM, Open AM, Open DJ).
- Having Knowledge in JavaScript frameworks, JavaBeans, which includes Angular JS,
- Work closely with SailPoint architect and engineers for design and solution architecture. Implementation of Self-Service feature of SailPoint IIQ.
- Implementation of Password features (PTA, forgot password, Change Password) of SailPoint IIQ.
- Configured SAML single sign-on (SSO) instance for internal and external users, wherein external users and internal users performed various administrative tasks that included managing external and federated users.
- Develop custom SailPoint Rules and Workflows as per the business needs.
- Experienced in integrating various applications with Okta to provide SSO as well as user provisioning, deprovisioning and reconciliation.
- Engineered and implemented password policies within the LDAP environments to comply with General Motors' technical security information policy.
- LDAP migration from OpenLDAP to JumpCloud as directory as a service.
- Executed annual business continuity testing within LDAP environments.
- Presented LDAP schema extensions and custom ACI's to obtain approval from GM's governance council.
- Experienced in Build and Deployment of CI/CD Pipelines using Jenkins
- Configured Affiliate agents, RADIUS agents to provide federation of web services in the SSO environment providing authentication & authorization to IDM. Microsoft FIM, SailPoint IIQ, Oracle IM, SAP IDM, NetIQ IDM ForgeRock OpenIDM and CA Identity Manager.
- Development of infrastructure automation in AWS (EC2, DynamoDB, Lambda, EBS, RDS, Dynamo, ELB, EIP etc) with AWS Cloud Formation.
- Design and implementation of Users database access provisioning, de-provisioning and password reset management using SailPoint Identity IQ. Created and ran the aggregation task to bulk load authoritative source data from Active Directory, Exchange and LDAP.
- Provided L-1 support to resolve the tickets raised by Application teams or clients on CA SiteMinder, PingFederate, Ping Access and Okta.
- Worked on provisioning users from OKTA to AD and also importing users from AD to OKTA.
- Design complex exclusion rules, correlation and data loading tasks in Identity IQ.
- Involved in all phases of testing from creating test cases to sending the reports for validation approvals.
- Using Form Models Concept creating the Identity IQ objects like Quick links, Forms, Rules, and Custom Objects to design the workflows.
- Worked exclusively with different teams and users to get them registered with OKTA.
- Design correlation and data loading tasks in IdentityIQ.
Confidential, PA
IAM ForgeRock Engineer
Responsibilities:
- Experience in installing, configuring and customizing ForgeRock products (Open AM, Open DJ, OpenIDM)
- Responsible for installation, configuration, troubleshooting, and on-going maintenance of ForgeRock Identity and Access Management on UNIX/Linux environment
- Involved in building, testing, supporting, and determining SailPoint Identity IQ Solution design.
- Involved in complete implementation of SailPoint IQ 7.0 version.
- Development of Lifecycle Manager Workflows, Lifecycle Events, Certification Events, Custom Email Templates and Task Definitions.
- Hands on experience with IAM products (Aveksa, SailPoint, Oracle IDM, IBM identity manager, ForgeRock, Ping identity, Courion, CA Identity) - Design and engineering experience, handling updates & patches
- Designed and deployed ForgeRock Open AM and Open IDM to migrate from CA CloudMinder. Multi Factor Authentication (RSA, DUO, Secure AUTH, ForgeRock, SailPoint, CA Arcot, Okta).
- Configured Organizational, Business, and IT roles for various application entitlements.
- Aggregation, Refresh of data from Authoritative, non-authoritative applications to Identity IQ using Direct Connectors like File Delimiter, JDBC, Active Directory, LDAP.
- Integrate SailPoint IQ 7.0 technologies with in-house and third-party applications for birthright provisioning, access request approval and fulfillment, provisional, custom workflows.
- Custom SailPoint Rule library to provide role selection extensibility in custom SailPoint Forms eliminating future code revision in workflows.
- Highly dynamic environment with sprint teams using agile methodology.
- Responsible for code implementation, SailPoint custom workflows such as LCM Joiner workflow, Request Access, Self-Registration and Remove Access workflow having multiple levels of custom approvals with email notifications.
- Experience on OAM (Oracle Access Management) SSO (Single Sign on), ForgeRock Open AM & Open DJ.
- Improved Ansible with use of EC2 for accessibility, Rundeck as job scheduler, JumpCloud as directory service, Docker for containerization, and Nginx to provide container security.
- Experience in working with Microsoft, Azure, Okta to build custom integration for clients.
- Performed the task of onboarding UAR data into SailPoint. Responsible for implementing scoping, preparing reports, task definitions and rules to facilitate this onboarding process.
- Provision user access, manage applications, assign roles using LCM.
- Performed Access management and reporting using Compliance Manager, Key responsibilities included assisting the client in their Role Based Access Control and Separation of Duties (SOD) policies initiatives.
- Developed reports, analytics using the Identity IQ provided role/user/audit search.
- Performs IAM technical support and development, including monitoring and responding to server events, ensuring data replication, gathering IAM statistics, and performing general maintenance by working with Level 2 and/or Level 3 operations personnel.
- SSB (Service standard build) process for customizations developed during the implementation phase.
- Used Rational Clear Case for check-in checkout and merging the various code versions.
- Implemented Access Certification, Automated Provisioning and Governance aspects of IIQ.
- Develop complex workflows and service adapters in the SailPoint Identity IQ configuration interface.
- Worked with various application teams to establish connectivity to AD, eDirectory, PeopleSoft.
- Experienced in database creation and maintenance and thorough understanding of IdentityIQ DB structure and design.
- Created the API security designs using CA API gateway.
- Implemented Self-service feature, Password management feature, Provisioning feature and forgot password change in SailPoint.
- Managed client requirements and configure SailPoint connectors.
- Rewriting the workflows to encompass the new way of provisioning. Restructured the entire product to reflect direct provisioning across a large number of applications.
- Responsible to manage Administration functionality of the SailPoint such as loading data, create roles, create policies, scheduling tasks and certifications and reports.
- Included improving Identity and Access Management (IAM) capabilities by controlling access to applications and systems that contain critical and sensitive information.
Environment: SailPoint Identity IQ 7.0, LDAP, Dell Active Roles, Active Directory, JBoss, MySQL, XML, WebSphere 8.0, PingFederate, Centrify, TPAM, CA IDM, SQL Server, Python, JavaScript, REST Web services.
Confidential
IAM Engineer
Responsibilities:
- SailPoint IIQ Installation and Configuration as required by the design solution
- Has experience in implementing IAM solution using ForgeRock Identity Stack (Open IDM, Open AM, Open DJ).
- Design SailPoint deployment and solution architectures.
- Developed complex workflows and service adapters in the SailPoint Identity IQ configuration interface.
- Assisted in updating workgroups for SailPoint IIQ.
- Designed and implemented Access Certification, Automated Provisioning and Governance aspects of IIQ.
- Participated in all SailPoint deployment activities - connector configuration, custom rule development, workflow configuration and development, third party system integration.
- Monitored SailPoint IIQ product functionalities.
- Responsible for installation, configuration, troubleshooting, and on-going maintenance of ForgeRock Identity and Access Management on UNIX/Linux environment
- Experience on setting up SAML applications in OKTA, installing AD agents on member domains, validating single sign-on, user provisioning and troubleshooting password synchronization across multiple Okta platforms.
- Performed Installation and configuration of SailPoint IdentityIQ.
- Developed custom SailPoint Build Map Rules and Workflows as per the business needs.
- Setup applications Active Directory, LDAP, Oracle and Flat Files.
- Implement REST classes using SailPoint Rest Application.
- Evaluated IAM tools from the vendors like CA, IBM, PingFederate, OKTA and ForgeRock products. Implemented POCs using ForgeRock Open AM and ForgeRock OpenIDM.
- Using IIQ Console for operations such as checkout, import, connector Debug etc.
- Provide knowledge transfer and postproduction support activities, as necessary.
- Managed client requirements and configure SailPoint connectors.
- Involved in creating custom reports, certifications in order to cater various data feeds.
- Design and Implement data import of various types of data files from internal and external target sources for validating access levels.
- Execute (SailPoint IIQ) test cases through multiple launches and to include development and test environments.
- Involved in IAM Process documentation.
- Provided project management support across multiple security work streams.
- Provisioning and access governance experience with and understanding of security on systems such as AD, LDAP/Unix, Oracle, Sybase and manual provisioned applications.
- Widely used Informatica for ETL testing and scheduling the workflow.
Environment: SailPoint IIQ 6.0, 6.1, 6.1p2, J2EE, HTML, CSS, JavaScript, JSF, Hibernate, MySQL, SQL Server SSIS, HTML, Bean shell script, Tomcat 7, BEA WebLogic, Apache, Struts, Log4J, Rapid SQL, XML, Informatica.