SUMMARY:

• Identity an Access Management(IAM) Architect with over 15 years of IT experience working in a variety of industries, helping clients build secure, scalable and reliable IAM solutions on - premise and in the cloud. Primarily focused on managing technology risk with direct experience in the following areas:
• Design and Implementation of several large-scale IAM solutions based on zero trust models.
• Security architectures for cloud and hybrid scenarios.
• Security Controls & Compliance (NIST SP 800x, FedRAMP, ISO 2700x, OWASP, PCI DSS, Cloud Security Alliance).
• AWS Products and Services.
• Web Application Security.
• Automation using DevOps tools for standardization and security compliance.
• Micro Services and Server-less architectures.

TECHNICAL SKILLS:

AWS Services: - EC2, IAM, S3, VPC, EBS, ELB, RDS, API Gateway, SNS, SES, SQS, Route 53, Glacier.

DevOps: - Jenkins, Maven, Chef, Git (GitHub).

Infrastructure automation: - AWS Cloud Formation.

Monitoring and Logging: - Cloudwatch, CloudTrail.

Microservices: - AWS Lambda.

Content Delivery Networks: - Akamai, AWS CloudFront.

Scripting and Programming Languages: - Python, Ruby, Bash, Java, JSON, AWS CLI.

Security Standards: - J2EE Security, SAML 2.0, XACML, WS-Security, WS-Federation, OAuth.

Identity and Access Management: - Active Directory, Okta IDaaS, Ping Federate 5.1, Oracle IAM Suite (OIM, OAM, OID, OVD, ODSEE, OHS), IBM Tivoli IAM Suite (TAM, TDS).

Application Servers: - Weblogic, WebSphere, Apache, Tomcat.

Operating Systems: - Linux, Windows.

RDBMS: - Oracle, MySQL RDS.

Key Management Infrastructure: - AWS KMS.

Enterprise Architecture Framework: TOGAF.

PROFESSIONAL EXPERIENCE:

Confidential, Columbia, MD

IAM Architect (Consultant)

Responsibilities:

• Provide architectural and development support to provide authentication and Identity management services for 15.5+ Million users on HealthCare.gov during Open Enrollment Period 2015.
• Architectural, design and development support for several IAM components build upon Oracle IAM Suite (OAM, OID, OVD, OIM) and Oracle RDBMS.
• Develop Proof of Concepts for migrating IAM services in AWS Cloud using Okta Identity as a Service (IDaaS) and other AWS services.
• Guide development teams on design and implementation of custom Java/J2EE web applications.
• Create design documentation artifacts including but not limiting to Preliminary Design Review (PDR), Detailed Design Review (DDR), System Design Document (SDD), Implementation Plans and Interface Control Document (ICD), architecture diagrams (Physical/Logical/ Data/System/Network/ Security/ Performance) and present these to Technical Review Board for reviews.
• Use best practices, sound architectural principles, and security guidelines while implementing changes within EIDM and integrating EIDM with different external systems.
• Worked with Application/Business leads to propose architectural options to integrate EIDM with a variety of applications hosted on AWS, Salesforce and several on-premises data centers.
• Work closely with CMS GTL team, Vendors (including Oracle A team), infrastructure and performance management teams to propose and implement architectural and design changes for several CMS web applications including Portal, HC.gov and cloud based applications.
• Used best practices, OWASP Top 10 and other web application security principles while implementing changes within EIDM.

Technical Environment Oracle Identity Management 11g R2 PS2 Suite, Weblogic, Java/J2EE, Spring Hibernate, Okta IDaaS, AWS Services (EC2, IAM, S3, VPC, IAM, EBS, API Gateway, ELB, Lambda, MySQL RDS, Cloud Formation templates), SAML 2.0

Confidential, Mclean, VA

IAM Tech Lead (Consultant)

Responsibilities:

• Designed identity management solution targeted towards 1800+ financial institutions including Servicers, Sellers, and Loan prospectors.
• Worked closely with cross-functional teams of architects, developers and testers during design, implementation, functional and performance testing of the solution.
• Assisted various teams in resolving several system integration and security vulnerability issues.

Technical Environment Oracle IAM Suite, Tivoli Access Manager(TAM), Oracle RDMBS 11g, Weblogic 11g, Tivoli Directory Server

Confidential, Atlanta, GA

SSO Solutions Architect (Consultant)

Responsibilities:

• Conducted interviews with Business Owners and other stakeholders to under requirements.
• Worked on solution architecture and detailed technical design to build next generation WAM platform supporting multiple digital channels (Web, Mobile, Tablet and Text Banking) for 4M+ retail and wholesale customers.
• Worked on the conceptual architecture of building Identity Federation capability and integrating it with the WAM platform.

Technical Environment Oracle IAM Suite, Active Directory, Oracle RDBMS

Confidential, Mclean, VA

IAM Tech Lead (Consultant)

Responsibilities:

• Worked along with Business sponsors, vendors, analysts and architects in planning phases of proposed automated customer setup system for requirements and architecture related activities.
• Improved connectors and reconciliation processes to minimize data synchronization issues.
• Analyzed several performance-related and security vulnerability issues and propose solutions to Development team.

Technical Environment Oracle IAM Suite, Tivoli Access Manager(TAM), Oracle RDMBS

Confidential, Rockville, MD

Identity and Access Management SME (Consultant)

Responsibilities:

• Worked closely with Task Order managers to prepare and present several documents leading to a strategic roadmap for Identity and Access management implementation for FDA.
• Integrated Oracle Entitlements Server (OES) with application containers to enable XACML based authorization framework.
• Worked along with Oracle Fusion Middleware A-team and application teams for integration of OES with business applications.

Technical Environment Oracle IAM Suite, Oracle RDMBS, XACML

Confidential, Arlington, VA

ERS Specialist Manager

Responsibilities:

• Designed the security infrastructure to provide centralized authentication, authorization, audit, Single-Sign-On, encryption and Oracle Web Center security.

Technical Environment Oracle IAM Suite, Oracle Web Center

Confidential, Reston, VA

Engineering Tech Lead

Responsibilities:

• Provided engineering support to Security architecture team in designing an Enterprise Security Token Service (STS) to generate SAML tokens to be used in SOA platform and other enterprise applications for web services authentication.

Technical Environment Tivoli Access Manager, Weblogic, STS, SAML 2.0, SOAP Web services