- Experience in architecting solutions across the enterprise using IAM products at various customer sites.
- Extensive design and implementation experience in Identity and Access Management space.
- Experience in SSO implementations using SAML, OAuth 2.0 & OIDC protocol using products like ISAM, ForgeRock IdM, AM and Ping Federate.
- Experience in cloud based IAM implementations using AWS, Azure AD, Azure PIM, Office365 and Azure B2B/B2C
- Extensive design and implementation experience on risk based Multi Factor Authentication setup for internal /external applications using tools like ISAM, Forge Rock and Ping Federate.
- Expertise in performing IAM assessments, defining solution architectures, and strategic roadmaps.
- Experience in managing privileged identities using Privileged Identity/Access Management products like CyberArk and IBM Privileged Identity Manager.
- Experience with identifying security gaps, providing technical controls and representing customer for internal security audits.
- Extensive working experience in analyzing requirements, designing architecture and executing projects related to Identity and Access management with SSO and building custom framework using Java or .Net.
- Experience in implementation of Role Base Access Controls and Multi - Factor Authentications.
- Excellent customer and partner relationship management skills.
- Management consulting expertise encompass providing end-to-end advisory services for clients from concept through roll-out of IdAM program initiative.
- Knowledge on Apigee Micro Services & AWS infrastructure.
- Knowledge on DevOps tools like Git, Ansible, Azure DevOps, and Jenkins
- Knowledge on other IAM products like SailPoint, Okta & Saviynt.
- IBM Security Access Manager 9.0.5, IBM Security Identity manager 6, ISAM AAC (Advanced Access Control), Forgerock AM, Forgerock IdM, Okta, CA, Sun Identity Manager, Siteminder & Sailpoint IIQ.
- Ping Federate 8, ISAM Federation 9/
- CyberArk PAM, IBM Security Privileged Identity Management,
- IBM Security Directory Server, Forgerock DS, Sun Directory Servers & Active Directory.
- IBM Security Directory Integrator.
- Apache Tomcat, BEA WebLogic, IBM WebSphere Application Server.
- IBM DB2, My SQL
- Windows, AIX, Linux and Solaris.
- Qradar, Splunk.
- Shell, Perl & Ansible.
- Lead IAM Architect/Engineer for Customer Identity and Access Management program
- Have put together strategy & roadmap for rolling out privileged identity management to secure & harden enterprise platforms, operating systems, applications and databases.
- Implemented SSO integrations, MFA and user journeys for customers.
- Design and develop CI/CD process for IAM infrastructure and deployment automation
- Develop IdM orchestration flows for registration, self-service and provisioningManage co-ordination of the partners and working groups engaged in project work.
- Provide weekly status reports to the project sponsor.
- Design and Implement multiple federated connections using OAuth2.0 and OIDC protocols in ISAM AAC and Ping Federate.
- Implement Clustering, High Availability on Access Manager Application.
- Provide & Implement SSO (Single-sign on) solutions to multiple internal/external partners using Ping Federate.
- Preserve assets by implementing disaster recovery and back-up procedures and information security and control structures.
- Manage the deployments of different applications to multiple environments.
- Provide technical support for implemented applications; diagnosing and reporting bugs, applying patches and upgrades as needed.Lead efforts to stabilize the systems and provide client with a long-terms security and IAM direction that meets current and future risks and threats.
- Lead the L2 production support activities and monthly maintenance activities
- Perform the technical leadership for solving complex programming tasks.
- Integrate Security Access Manager Audit logs with Splunk application.
- Guide and mentor to other team members in design and development.
- Maintain quality service by establishing and enforcing organization security standards.
- Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; participating in professional societies.
IAM Security Consultant
- Requirement gathering and organize business meeting
- Lead the design, development and implementation of highly-scalable Identity and Access Management solutions using ForgeRock's Open Access Manager and IBM Security Identity Manager Suite.
- Designed and developed custom adapters for VMS system and ABS.
- Developed VMS Identity Framework using open source open Identity Framework API to connect and perform the operations in VMS system.
- Developed adapters to communicate from ISIM 6.0 to VMS system using TDI and VMS Identity Framework API.
- Installed and configured the custom adapters in ISIM 6.0.
- Created Provisioning policies, Adoption Rules, ACIs and Workflows to manage user life cycle operation
IAM Lead Engineer
- Design & Develop RBAC (Role based access control) solution using ISIM 6.0.
- Implement the privileged identity manager solution to audit and manage privileged IDs.
- Configured the solution of DPRA (Desktop Password Reset Assistant) and self-service password reset functionality for all end users at SRP.
- Migrated the identity management system from TIM 5.1 to ISIM 6.0.
- Integrated the Pathlore (Learning Portal) systems to ISIM 6.0 to manage identities.
- Migrated custom adapters to support with ISIM 6.0.
- Managed deployment to multiple environments.
- Provided technical support for implemented applications; diagnosing and reporting bugs, applying patches and upgrades as needed.