SUMMARY:

• Designed, Installed, configured and maintained CA Siteminder Policy Server 6.X/12.X, and LDAP, Microsoft Active directory on Red Hat Linux and Windows platforms, worked on windows authentication using NTLM login servers configuring it with ntsso authentication scheme for many corporate and commercial environments.
• Installation and Configuration of other IAM components - Tivoli Access Manager Policy Server, Access Manager Authorization Server, Tivoli Access Manager Web SEAL Server, ITDI 6.0, Web Sphere Application Server (WAS 5.1), IBM UDB DB.
• Worked extensively on J2EE Platform for developing Web and Distributed Applications by using JDBC, JSP, and Servlets with MVC architecture.
• Having Core Java development experience.
• Developed business modules using Hibernate & Spring frame work technologies.
• Implemented Business logic in the middle-tier using Java classes, Java beans.
• Privileged Access Management (PAM) project which includes implementing CyberArk Password.
• Experience in using customized crystal reports for generating performance reports and in performance tuning of policy servers and its components.
• Created the trusted host and other configuration settings using web agent Configuration wizard.
• Created the Policy Domains and Affiliate Domains.
• Created the Realms and Policies under the Domains.
• Installed the web agent optional package for FSS.
• Created the Federation Web Services Domain to use SAML 2.0 requests.
• Created and configured the SAML service Providers under the Federation Partners.
• Configured the SSO (Single sign-on) and SLO (Single Log-off) for all the service providers.
• Configured the signed Authn Requests for all the SSO.
• Installed and configured the simple SAMLas SP.
• Created custom FCC login page and configured in the Authentication Schemes.
• Installed Default and client specific certificates on to policy services using smkeytool.
• Worked on troubleshooting for LDAP and Siteminder issues with Support Teams for newer initiatives at organization level.
• Installed & configured Directory Server Console Center (DSCC) on various platforms in various environments.
• Involved in writing the scripts like backup, replication monitoring and configuration statistics for Oracle Directory server 11g.
• Experience in design, integration and support of new applications with SSO.
• Trouble shooting various issues related to policy server and webagent.
• Experience in troubleshooting various issues in LDAP database. Exporting, importing, performance tuning, creating and maintaining user and group profiles in LDAP database.
• Knowledge in CA Authminder and Riskminder.
• Experience in trouble shooting various issues, checking and maintaining health of Unix environment.
• Automation of various manual tasks like backups, logs housekeeping, monitoring and checking health of servers with shell and Perl scripts.
• Installation and implementation of monitoring tools Sitescope, Appdynamics, CA Wily APM for SSO.
• Ability to adopt new technologies
• Effective communication and interpersonal skills.
• Strong analytical skills
• Active Directory server (LDAP) and various Web & Application servers. On Solaris, Windows platforms and Red hat Linux Operating systems. Installed and configured SiteMinder 5.5 Policy Servers, Web Agents, Sun ONE 5.2 and Active Directory Servers.
• Experience in implementation of Security Management tools in enterprise wide Applications to achieve Authentication, Authorization and Accountability.
• Experience in analyzing the logs (logs, trace logs) and Troubleshoot issues in Integration of other applications using with the help of CA SiteMinder (Access Management).
• Experience with Identity Management tools along Web-server agents, Siteminder federation services and LDAP.
• Experience in deploying CyberArk's Privileged Account Security Solution involving Enterprise Password Vault, Session Manager, and Application Identity Manager.

WORK EXPERIENCE:

Confidential, Lansing, MI

IDM/Information Security Engineer

Responsibilities:

• Installed, configured and maintained Netegrity/ CA SiteMinder Policy Server 6.X/12.X, CA IDM r12.x and Sun ONE Directory Server 5.2 on distributed platforms.
• Installed and configured CyberArk Privileged Identity management suite and session management suite for version 9.7.
• Configured CyberArk Central Policy Manager (CPM) for Auto-managing the password of all the shared accounts.
• Extensive experience with CyberArk's security products such as Enterprise Password Vault, Privileged Identity Management, Application Identity Management including design and implementation of Disaster Recovery hot-site and development of the BCP plans using LDRPS.
• Involved and implementation of CA Identity Manager Solution and CA Governance Minder for workflow implementation, delegated administration, provisioning and generating audit reports to be consistentt with the security regulations.
• Expertise in setting up, configuring and administering CA Governance Minder connector.
• Installed and configured Pingfederate 7.0.1 with the existing Siteminder environment and used LDAP authentication for the admin console.
• Implementing custom agents on Siteminder admin console for Pingfederate connections.
• Created AWS and Azure templates for scaling IAM infrastructure to multiple locations across the geography.
• Have effectively handled IDM administrative tasks including creating, defining, editing IDM objects, password policies, bulk account actions, and IDM approval.
• Created and updated the provisioning policies as per the change in the business environment using Policy Xpress and Prepared test cases for migration of sun IDM.
• Integrated IDM Providing Authentication and Authorization to IDM with CA SSO.
• Configured CA SiteMinder policy server, Policy Server maintenance, framing Rules and Policies, Web Agent & Application agent installations, SSO call clearance, troubleshooting prod issues.
• Involved in Migration ofSiteMinder6.x to 12.x for advanced Load balancing, failover configurations and for facilitation of user impersonation.
• Installed, configured and integrated Web servers (plug-in file), SiteMinder agents and LDAP user directory with Weblogic Server V10.
• Implemented Password Vault for securing, managing, rotating the privileged passwords for sensitive applications and integrating with Identity Manager to secure hard coded credentials in the application codes to be secured in CyberArk Digital Vault securely.
• Configured CyberArk Enterprise Password Vault(EPV) to secure, manage, automatically change and log all activities associated with all types of Privileged Passwords
• Configured CyberArk Password Vault Web Access (PVWA) to end User as well as Admin Console for managing all the service accounts.
• Administrating Active Directory Domain Services and Implementing Group policy objects.
• To manage the user identities CA IDM was used. Identity Management, Multifactor authentication and Password Management.
• Experience with utilizing Token Translators and Integration Kits for integrating identity enabled web services through SSO environment.
• Installation configuration and maintenance of RSA authentication manager 6.x for enabling token-based authentication along with the form-based authentication as a part of the security solution.
• Experience in administering LDAP based directory servers like iPlanet/Sun ONE Directory Server and Microsoft Active Directory.
• Configured SSO Integration Adapters in Single Logout (SLO), SSO implementation for session cleanup.
• Creating Open SSL Certificates and utilizing the same for Federation of external Services to accomplish the reason for message integrity, maintaining confidentiality and bilateral Authentication.
• Experience in configuring SSO with Ping Access using various authentication schemes like Form based and certificate based.
• For performance monitoring the identity management servers and components we used wily and One view monitor.
• Experience using customized crystal reports for generating performance reports
• Responsible for 24x7 Oncall, setting up of new UNIX boxes and installing the Sun Solaris and Linux OS on them.

Environment: SAML 2.0, CA SiteMinder 5.X/6.X/12.x, LDAP, CA Governance Minder 12.6.1, Active Directory, Sun ONE Directory Server 5.X/6.X, CA Identity Manager r8/r12, PingFederate 6.x/7.x, CyberArk Privileged Account security 9.7.2, Tomcat 5.5, Apache 2.0, Wily Introscope 7.0/7.2, Red Hat Linux, Solaris 8/10, Windows 2000/2003, Oracle 10g/11g, SQL Server 2005, DB2 8.X.

SiteMinder / IDM/ LDAP Security Analyst

Responsibilities:

• Configured SiteMinder for SAML Federated Authentications using SAML 2.0 POST binding and configured ID Provider/Consumer. Installed Web Agent Option Pack and created Partnerships, Documented Visio for SAML, AuthSchem.
• Day-to-day maintenance of SiteMinder policy servers and troubleshooting production issues, Coordinated with the Service providers and identity providers during the SAML Certificate upgrade and architectural changes.
• Worked on CA IDM. Used CA IDM predominantly for the Identity management of the users in the company.
• Implemented Federation between Siteminder FWS and ADFS where ADFS is a Service provider for cloud-based apps like Azure hosting tenant resources and Vanguard as IDP and authentication logic is going through Siteminder.
• Served as back-up for AD Account Administrator; handled GPO configuration / NTFS permissions and network drive / folder access, provided users requested access without any interruptions.
• Primary support for the IDM team to resolve account propagation and sync error issues for users across the globe.
• Involved in Installation, Configuration, and Maintaining of Microsoft Windows 2003/2008/2012 Servers, and Microsoft Active Directory Services.
• Upgraded CA SiteMinder to R12 from 6 and installed the Admin UI and configured the FSS Admin GUI Configuring User Authentication Stores, Policy Stores and Key Stores on VDS and maintained replicated environment for load balancing and failover.
• Configuring CA Siteminder System objects like Agents, Agent Conf Objects (ACO) Host Conf Objects (HCO), User Directories, Domains, Administrators and Schemas.
• Administered the RSA/ACE servers for issuing the Soft tokens for the VPN purpose as well as the applications which uses RSA Token authentication.
• Experience in implementing Password Policies and reading the password blob using SM agent API, created policies, realms, rules and responses to implement the single and dual factor authentication.
• DSML framework was implemented for non-LDAP applications to integrate with Enterprise SSO through web services over HTTP/SOAP.
• Implemented password policies for all the applications using Siteminder Policy Server. Configured APS, FPS, Rules, and Help Desk Functionality Replacement.
• Responsible for day to day maintenance of Policy Servers and provided 24X7 support to the testing as well as production Siteminder infrastructure, Attribute and authorization portability across autonomous security domains for customers. Documented all the Siteminder related on JERA Digital Confluence.
• Underwent the training for AuthMinder from CA and did the installs/setup for AuthMinder in sandbox and DEV environments Implemented Ping Identity's PingFederate v.2.1 using SAML 1.1 protocol to provide authentication.
• In House Applications: Access Request Portal(ARP), Atti, Directory Services, IdM Support Tools, eMIDAS, eAccess, Password Management Tool, DB Sec ISAC.

Environment: CA Identity Manger r8.1, 12.5, Active Directory, AXM Server LDAP 5.2, CA SiteminderSecure Proxy Server r6.0, RSA Access Management 6.1 sp1, 6.2, RSA Federate Identity 4.1, 4.2, IHS Web server, Rational tools, SQL Server 2005, Linux, Windows 2008, 2008R2, J2EE.

Siteminder consultant

Responsibilities:

• Designing solution for integration of existing siteminder policy server infrastructure with Iportal for user logon.
• Preparing functional requirements and assisting in non-functional requirement preparation.
• Guiding front end code development team for required pages developed/modified for new requirement.
• Exchange knowledge with Iportal team and parameters required for SSO.
• Creating, exchanging and importing certificates for secure communication between SP and IDP.
• Create new policies, 0061uthentication schemes for integration in policy server.
• Setup jobs for LDAP data sync between both systems.
• Work and guide with test team to create testing scenarios, performance tests and analyses output to improve configuration.
• Provide support post deployment and continuous enhancements where possible.
• Incident/Problem/Change management.

Environment: CA Identity Manger r8.1, 12.5, Active Directory, AXM Server LDAP 5.2, CA SiteminderSecure Proxy Server r6.0, RSA Access Management 6.1 sp1, 6.2, RSA Federate Identity 4.1, 4.2, IHS Web server, Rational tools, SQL Server 2005, Linux, Windows 2008, 2008R2.

LDAP- Siteminder Administrator

Responsibilities:

• Installed configured and administered Sun One LDAP Directory server and siteminder policy server on Sun Solaris and implemented single sign on across multiple domains using Cookie Provider.
• Installed and configured various web agents in accordance with the web servers involved.
• Performance tuning for LDAP and siteminder for better response time and throughput.
• Configured load balancing and failover mechanisms for various SiteMinder components in different environments.
• Upgraded CA Policy Server from version 12 SP3 CR09 to 12.5 CR02 or later in development, staging and production environments. Upgraded Web.
• The application is designed using J2EE design patterns and technologies based on MVC architecture.
• Configured Java resources like JDBC providers, JDBC data sources, connection pooling, Implemented creation of Server groups and clusters in Apache Application server.
• Knowledge of Java Servlets, JSP, EJB development and deployment concepts and database skills.
• Installed and configured Web agent on Apache 2.2 and configured the Proxy Connections to the Application Server.
• Installed web Agents, ERP Agents and created Siteminder Realms, Rules, Responses and Policies to protect the applications and validate the users to work under SSO environment.
• Configured and Optimized Identity and Access Management for Users using Advanced Password Services (APS)
• Understanding the business requirements and leverage the technology to meet the delivery goals using CA
• Siteminder R12 and CA LDAP for authentication and authorization.
• Implemented Multi master replication and Hub Replication on LDAP Sun ONE Directory server.
• Effectively maintained the policy store, key store and the user store.
• Migration of Siteminder 5.5 to 6.0 for advanced Load balancing, failover configurations and for facilitation of user impersonation.
• Installed and configured Webagents on Webservers like IIS 5.0/6.0, Apache 2.x, SunOne Webserver 6.1/7.0.
• Configured and Defined the Policy Domains, User directories, Rules, Realms, Policies and Responses in Siteminder and configured Siteminder Affiliate agents, RADIUS agents, and web agents to provide federation of webservices with SSO environment.

Environment: Sun One LDAP Directory server, Sun Solaris, CA Policy Server, version 12 SP3 CR09 to 12.5 CR02, Apache 2.2, Netegrity Siteminder policy server 6.0 SP4, Sun One Directory Server 5.2, Advanced Password Services (APS), Siteminder R12, Hub Replication, Siteminder 5.5 to 6.0, Webservers like IIS 5.0/6.0, Apache 2.x, SunOne Webserver 6.1/7.0, the Policy Domains, Siteminder web agents, Affiliate agents and RADIUS agents.

Siteminder Admin

Responsibilities:

• Middleware administration like Web sphere, Site minder, and Web Hosting services.
• Handling incident management (remedy), change management (SES) and problem management tickets.
• Installed, configured and maintained Netegrity/ CA Siteminder Policy Server 6.X/12.5, CA IDM r12.5 and Sun ONE Directory Server on distributed platforms.
• Providing solutions for the external SSO using SAML and Siteminder.
• Worked with Web Administrators, LDAP Administrators to determine what the best values for Siteminder parameters and tune the system to boost Siteminder performance in the Web Tier, the Application Tier, and the Data Tier.
• Configured IDP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, and Redirect as per the custom business and security requirements.
• Worked on cron jobs for rotation & clearings of logs
• Used WLST to automate the Stop-Start & Deployment scripts.
• Integrated Weblogic with People Soft HR & Apache HTTP Servers.
• Generated various SLA reports on Tools like HP SM7 & Remedy.
• On-call Support (24x7) for both testing and production environments.
• Configured Siteminder web agents, to provide federation of web services in the SSO environment.
• Used custom attributes properties to track the information about recipients of the application site.

Environment: Web sphere, Site minder, and Web Hosting services, management (remedy), change management (SES), problem management tickets, Netegrity/CA Siteminder Policy Server 6.X/12.5, CA IDM r12.5, external SSO, SAML, Web Administrators, LDAP Administrators, Web Tier, Application Tier, Data Tier, IDP, POST, Artifact, Redirect, WLST, Stop-Start & Deployment scripts, Weblogic, Stop-Start & Deployment scripts, People Soft HR, Apache HTTP Servers, HP SM7 & Remedy