SUMMARY:

• 6 + years expertise in installation, configuration, maintenance and troubleshooting of CA Site Minder server 6.0/12.0/12.51 , LDAP directory Server 5.1/5.2/6.3, Sun Identity Manager 7.0/8.0, WebSphere 6.x/7.x/8.0, IBM HTTP 7.x, Apache V2.0.4/6.x, Tomcat, iPlanet, IIS Web Servers.
• Experienced in using IAM/PAM tools for deployment, configuration, integration and troubleshooting of CyberArk Privileged Account Security product suite - Enterprise Password Vault, Password Vault Web Access, Central Policy Manager, Privileged Session Manager, Application Identity Manager, and Privileged Threat Analytics.
• Experience in SAML based authentication 1.1 and 2.0 using Ping Federation, Site Minder Federation and integrate with Site Minder authentication and other adapter.
• Hands on experience in different LDAP directory servers like MS Active Directory 2000\2003, Exchange Server, Oracle Internet Directory, ODSEE and Oracle Virtual Directory, Solid experience in the implementation and installation of CyberArk 7.0, 9.5 and CyberArk 9.6 Privileged Identity Management (PIM) Suite
• Experience in migrating SiteMinder from R6.0 to R12.0 and upgrading SiteMinder Policy Server, Policy Store, AdminUI, WebAgent from R12.0 to R12.52 sp2. Work experience on various Cloud technologies like Microsoft Azure, Office365 for testing Federated Single Sign On.
• Experience in designing, implementing and deploying LDAP Directory Server architecture which includes replication, data synchronization, and policy store and user store management. Working experience in the development of CA-SiteMinder Single sign-on Services with SiteMinder configurations (setting up policies, realms, rules, and responses).
• Experience in administering LDAP based directory servers like iPlanet/Sun ONE Directory Server and Microsoft Active Directory. Implementing multi factor authentication using Oracle access manager, Ping federate and ping access.
• Experience in Replication, Chaining, Load Balancing, and other Administration tasks involving Netegrity/CA SiteMinder Policy Server in both Production and Non-Production environments.
• Experienced in Security Assertion Markup Language SAML and security to provide a single sign on authentication Confidential a secure server.
• Extensively worked with development teams in the design, development, implementation, and performance optimization of security solutions. Setup the federation environment and implemented SAML 2.0 wherein the authentication information can be passed to service providers as an Identity Provider. IAM experience including configuration, administering and installation of IAM suite.
• Configured user impersonation feature to enable Customer service department to provide a better service to the business clients. Worked extensively on creating Custom Password policies and Authentication schemes as per the requirement.
• Analysis, Design, Securing and Support of Multi-Tier web applications using J2EE, server side technologies using XML, Java Server Pages (JSP), WebSphere 5.X/6.X, WebLogic Server 7.X/8.X/9.X/10x
• Created Rules, Reviews and WebService for RSA Aveksa to process custom Endpoint implementations in both Production and Non-Production environments. Proficiency in the root cause analysis (RCA), implements the right solutions, and documents the procedures for future reference.
• Used Unix/Linux utilities for analyzing logs, and troubleshooting the applications with application servers and Security/Identity Management servers. Excellent communication and interpersonal skills. Highly motivated, detail oriented and organized with the ability to multi-task projects.

TECHNICAL SKILLS:

IDE/ Tools: Eclipse, Net Beans, Edit Plus, Macromedia Dreamweaver, XML SPY, JBuilder, RAD 7.0/6.0, WSAD, ITCAM, Tivoli, UML (Rational Rose, RUP), VSS, CVS.

Security Tools: IBM Identity Management and p6, CyberArk Privileged Account security 9.7.2,IBM Tivoli Access Manager 6.1.1,, Tivoli Federated Identity Manager 6.2.2.

Core Java Concepts: Collections, Generics, Multithreading, Serialization, Exception Handling, RMI, File I/O and Reflection, API.

J2EE: Java 1.6/1.7, JSP, Servlet, EJB-Session Beans, Entity Beans, JMS, JDBC, JNDI

Operating Systems: SUSE Linux 9/10/11, Windows Server 2000/2003/2008 , Unix

Languages: SQL, PL/SQL,J2EE, HTML, JAVA Script, Shell Scripting

Databases: ORACLE 8i/9i, MSQL, MS Access, MySQL

Web Servers: Sun One 4.1/5.1/6.1, Apache 2.0/2.2.4, IIS 5.0/6.0/6.5,Tomcat 4/5

Directory Services (LDAP): Novel eDirectory 8.7.x/ 8.8.1/8.8.5 , Sun One/iPlanet DS 5.x/6.x., eDirectory 8.X, Active directory (ADLDS), Tivoli Identity Management, Forefront Identity

ManagerSSO and Identity: Novell/NetIQ Access Manager, Ping Federate 6/7/8, SiteMinder R12 SP2, SP3 / R6 SP1, SAML 2.0. HP Service Manager, IBM Vantive, BMC Remedy, Service Now

PROFESSIONAL EXPERIENCE:

Confidential, NY

Cyber Ark Engineer

Responsibilities :

• Implemented CyberArk Privileged Identity management suite and session management suite for version 9.7.Prime in providing problem resolution to authentication issues to PVWA and directory sync problems. Worked on Cyber Ark Enterprise Password Vault and PVWA.
• Designed and deployed Identity & Access Management solution to improve user experience, meet compliance, and reduce costs. Installed and configure PingFederate on windows and configure Ping access and ping one for new POC based applications for cloud SASS apps.
• Experience in Implementation, installation and maintenance of CyberArk 9.6 & 9.8 PIM Suite, Experience in implementing application account management by CyberArk on Windows, Data bases and Linux servers using AIM module.
• Involved with the Access Control Management team managing the Single Sign-On environment in a mixed environment comprising of Windows, Solaris and Linux environments using SiteMinder r12/12.52 with Sun One and Active Directory for policy and user stores.
• Experience in CyberArk PAS suite which includes Enterprise Password Vault, Password Vault Web Access, Central Policy Manager, Privileged Session Manager, Proxy and PACLI. Managed CyberArk Security that offers wide range of services and support including implementation, consulting, training, maintenance, online support and vault.
• Ability to install, configure and support identity and access management related tools such CA SiteMinder, CA Identity Manager (IDM), and Oracle Internet Directory (OID). Created the Federation service between SiteMinder federated web services to Ping federate for classic migration of applications that are SAML and WS-FED based applications.
• Installed, configured, and integrated Web servers (plug-in file), SiteMinder agents and LDAP user directory with WebLogic Server V10. Experienced in installing and configuring Siteminder Policy Server and Web Agents on Solaris, Red Hat Linux and Windows environment.
• Enabling services and applications with ADFS and SAML using CA API Gateway. Design, Implement and troubleshoot Layer 7 application API Gateways for Company wide application services. Gathering technical requirements and worked as primary point of contact for clients CyberArk’s Operations and Maintenance Tasks.
• Created IDP and SP connections for SharePoint apps, Java framework, API based applications, jive based applications, and ADFS enabled apps, O365 integration and lot of third party applications.
• Involved in gathering technical requirements and establish clear definition of clients CyberArk’s responsibilities and Maintenance. Experience in Implementation, installation and maintenance of CyberArk 9.5 PIM Suite. Primary point of contact for CyberArk Operational and Maintenance Tasks.
• Worked on defining various SiteMinder Policy Server System objects and Domain objects, Password Services and associated different realms, rules, responses and policies with it, Create, manage, and administer Agents, Authentication Schemes, user directories, Agent configuration objects, Host Configuration objects, logs and cache management.
• Created Open SSL Certificates and used them to maintain confidentiality and two-way authentication while integrating with third party applications. Installation and trouble shoot in implementation of SiteMinder Trust Authentication Interceptor (TAI) for IBM WebSphere 6.0.
• Implementing OKTA solution and on boarding few applications for one of the prestigious customer. Configure Service providers, Identity Providers and update SAML Certs for SAML and troubleshoot any issues related to it.
• Hands on experience with configuring IDP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, and Redirect as per the custom business and security requirements. Worked in SiteMinder environment using SiteMinder test tool and SiteMinder policy server log files and agent log files.

Environment: CA SiteMinder Policy Server v 6.0/12.51, CyberArk 9.6 & 9.8 Web Agent QMR7, Apache Web Server 2, CA Identity Minder 12.6.x, WebSphere 8.4, OKTA, RSA, Oracle RDMS, Korn shell scripting, Perl, XML, UNIX, Windows Active Directory.

Confidential, MO

Cyber Ark Security Consultant

Responsibilities:

• Privileged Access Management (PAM) project which includes implementing CyberArk Password Vault, Web Access, Central Password Manager and Privileged Session Management. Monitored Applications and WAS performance through Tivoli Performance Viewer and tuned the system caching, queuing, JVM parameters, DB Connection Pooling. Manage the day to day operations of CyberArk solutions including adding and deleting accts.
• Configured SiteMinder for SAML Federated Authentications by configuring ID Provider/Consumer using SAML 2.0 POST binding. Installed and Configured SiteMinder 5.5 Policy Servers, Web Agents, Sun ONE 5.2 and Active Directory Servers.
• Successfully upgraded Cyber ark PIM suite from v8 to v8.6, Worked with Cyber ark utilities like password upload, PAR explicate, PACLI and PAR client. Installed and Configured IBM Web Sphere Application Server 5.0 on Solaris. Installed, configured and administered Tivoli Access and Identity Manager. Automated Identity Management tasks such as user provisioning and application access based on each user's role within our organization using Tivoli Identity Manager. Managing policies and platforms. Creating and assigning Safes, reconciling accounts, rotating passwords.
• Performed Manage, Resume, Release Privileged Credential using Cyber ark Privileged Management Vault Administration, configuration, troubleshooting and installation of Windows 2003, 2008, 2008 R2, worked on Configurations including AD integration and Management of Cyber ark.
• Configuring CA Site minder System objects like Agents, Agent Conf Objects (ACO) Host

  Conf Objects (HCO), User Directories, Domains, Administrators and Schemas. In charge of operation, security and maintenance of the CyberArk stack.

• Administered the RSA/ACE servers for issuing the Soft tokens for the VPN purpose as well as the applications, which uses RSA Token authentication, Installed and configured Site minder Web agents with IIS, Apache and IBM HTTP Servers for the web interface.
• Coordinated with IAM team in creating new Site ID, Implemented password policies for all the applications using Site minder Policy Server. Configured APS, FPS, Rules, and Help Desk Functionality Replacement, Experience in installation and configuration of PingFederate 6.6/6.10/7.0. Involved in the migration of PingFederate from 6.6 to 6.10. Documented all the Site minder related on JERA Digital Confluence.
• Responsible for day-to-day maintenance of Policy Servers and provided 24X7 supports to the testing as well as production Site minder infrastructure underwent the training for AuthMinder from CA and did the installs/setup for AuthMinder in sandbox and DEV environments.
• Excellent communication and interpersonal skills. Highly motivated, detail oriented and organized with the ability to multi-task projects, maintaining a high degree of proficiency. Created policies, realms, rules and responses to implement the single and dual factor authentication Integration Custom Authentication Scheme in AEM site as per the Business requirements.

Environment: CA SiteMinder R12 SP2, Identity Manager 6.0, CyberArk, Tivoli Identity Management Active Directory, Web agents 5.x/6x, IBM WebSphere Application Server 5.x/6.x/7.x/8.x,CA Wily 8.x, J2EE, JDBC, XML,JBOSS 7, SAML 2.0, Sun ONE Directory Server 5.X/6.X, CA Identity Manager r8/r12, Apache 2.x, Ping Federate IIS 5.0/6.0, Solaris 8/9/10, Red hat Linux 5.x, Oracle 10g/11g, SQL Server 2005, DB2 8.X.

Confidential, MO

IAM/ LDAP CONSULTANT

Responsibilities :

• Worked on Pingfederate both inbound and outbound calls using SAML 2.0.
• Worked on Browser SSO using SAML and webservice SSO using WS-Security.
• Worked on OAUTH to allow access to Protected API's for OAuth Clients by getting Access
• Token from Authorization Server using various Grant Types. Used OAuth play ground to retrieve access token and refresh token.
• Extensively worked on configuring Identity Provider 'IDP' and Service Provider 'SP' on Ping Federate.
• Maintained both Test and Production servers for PingFederate along with the cluster management and timely Replications to deploy changes to servers.
• Developed custom PingAccess using Ping SDK and Implemented SAML Protection with Digital Signature.
• Extensive industrial experience in design, development, testing, integration and implementation in Identity and Access Management using tools such as Ping ID.
• Designed, deployed and supported highly available and scalable Ping Federate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
• Involved in creating component wise Low level designs to solve the MFA, SSO, new user registration, user self-services, mobile security use-cases.Ping Federate Performance tuning for supporting support heavy traffic.
• Responsible for preparing documentation for each application and also providing the Run Book to the Operations team to troubleshoot issues.
• Created multiple Connections with the third party applications both as IDP and SP initiated SSO.
• Working on multiple adapters like open token, html, Coreblox, to authenticate the users and provide the identity in SAML.
• Implemented OAUTH using Ping federate for the mobile applications as OAuth Client to get the access token in order to access protected Rest API's.
• Developed few batch and Perl scripts to automate the dump process when the process fails during its normal run.
• Migrated Policy store and key store from AD to CA Directory.
• Working on Ws- Federation to do single sign on in Soap based services using STS tokens.
• Implemented ID Token to send the user information as a part of scope with the access token.

Environment: Ping Federate Version7.1, Microsoft Windows Server 2003 and 2000 Web Server: IIS v5/6/7, Apache v2. Weblogic, Websphere, Directory Server: Sun One Directory Server 6.3.

Confidential, IL

IAM Consultant

Responsibilities :

• Installed and Configured IBM WebSphere Application Server 5.0 on Solaris and installed and maintained Siteminder WebAgent on them. Used Siteminder Policy Server which provides policy management, authentication, authorization, and accounting.
• Worked on Various authentication schemes like Secure ID, SSL, NTLM, Custom based authentication. Worked on Directory integration involving LDAP, ODBC, Active Directory, Win NT.
• Used Siteminder which provides several caches that can be configured to maintain copies of recently accessed data to improve system performance. Used SiteMinder ensure user's ability to access information quickly and securely.
• Web Agents store contextual information about user access privileges in a session cache. Worked on optimizing performance by modifying the cache settings. Enabled single sign-on across Web servers in a single cookie domain or across multiple cookie domains without requiring users to re-authenticate.
• Worked with Agent Resource Cache which stores a record of accessed resources, Agent User Cache maintains users' encrypted session tickets. Gained Sound knowledge about the Siteminder environment databases like Policy Store, Accounting Logs, Key Store, Token Data and Session Server.
• Worked on defining and developing Domains, Policies, Realms, Rules, Responses in Siteminder environment for Protected authorized access. Worked on Failover & Load Balancing strategies between WebAgent to Policy Server, Policy Server to User Directories and Policy Server to Policy Store. Maintained multiple Policy Servers and WebAgent in the Siteminder SSO environment.
• Fine tuned response time by configuring Site Minder Agents, DIT's & LDAP parameters. Installed & Configured Siteminder Policy stores, User stores and Integrated with LDAP. Expert in setting up SSO Environment for Siteminder and SunOne LDAP directory server.
• Configured enterprise applications and corrected performance problems by monitoring server availability and resource utilization analysis using Preview. Facilitated user impersonation as per business role requirements and created effective audit logs for all the impersonation events.

Environment: Siteminder12.0, IBM WebSphere Application Server 5.x/6.0, Web agents 12.0, ISS 6.0, Apache, Http web server, iPlanet directory server 5.1, Solaris 9, LDAP, XML Configuration, AAT, DB2, Solaris and IBM AIX, J2EE 1.3.