SUMMARY:

• 7+ years of experience in Installation, Configuration, Development, Deployment, Administration, Trouble Shooting and Migrating of CA Web security, network security, database systems, and Enterprise Document Management.
• Expertise in Installation, Configuration, Deployment and Maintenance of Siteminder Components like the Policy Server, Web Agent, Policy Store and Key Store. Involved in the upgrades of Siteminder version 6.0 to r12.
• Manually deployed Federation Security Services for SAML 2.0 implementation.
• Also configured both the Identity Provider and the service provider to enable federation between them.
• Working experience in the development of CA - Siteminder, Single Sign-On Services with Siteminder configurations (setting up policies, realms, rules and responses) and also involved in the up gradation of SSO environments to the latest versions. Also involved in using IDP initiated and SP initiated SAML profiles with different binding methods like POST, Artifact, and redirect to deliver a custom SSO environment as per the requirement.
• Hands-on experience working with Oracle Identity and Access Manager 11g.
• Expertise in analyzing the logs (trace logs, logs) and Trouble Shooting Siteminder issues. Used Unix/Linux utilities for analyzing logs and was an integral part of the 24/7 On-call team for troubleshooting.
• Hands on Experience in CyberArk.
• Hands on Experience in Sun Identity Manager and
• Hands on Ping federation product in federating the third party applications to enable single sign on between IDP and SP applications.
• Worked on Disaster Recovery Vault (DR) and CyberArk Enterprise vault.
• Good expertise in troubleshooting issues related to SSO, authentication and authorization.
• Hands On experience on CA Governance Minder for implementing Automating Identity and
• Strong experience with wide variety of web server and application server Security.
• Worked on Various Aspects of DBMS.
• Worked on Sail Point, CA IDM to manage the User ID.
• Worked on creating BCM documents sat with the team and analyzed the possible threats and roadblocks for the project. And documented these points in a BCM document.

TECHNICAL SKILLS:

Middleware: IBM Websphere Application Server 7.0/6.1/6.0/5.1/5.0, WebSphere Process server 6.0, WebSphere MQ 6.0/5.3, JBoss.

OS: Windows 95/NT/98/2K/2003/2008/7, UNIX/Linux, Sun Solaris, Linux.

Databases: Oracle, My SQL, Sybase.

Security Access Management Tools: Sun One Identity Minder, CyberArk, CA Siteminder, LDAP, Sybase, MySQL.

SSO Products: CA SiteMinder R12.0, R12.0, CyberArk, Web agents 4.x/5.x/6.x/12.xCA Report Server, CA Secure Proxy Server, Sailpoint.

Directory Servers: Sun One Directory Server 5.x, 6.0, Microsoft AD (Active Directory), Oracle 10g, 11g.

PROFESSIONAL EXPERIENCE:

Confidential, NJ

Security Support Analyst L2

Responsibilities:

• Participated in the knowledge transfer program in order to understand the functioning of UBS’s infrastructure and how the applications are implemented and how they have customized these applications to meet the banks needs.
• Prepared document in order to track of he training program, and that document served as tracking document and also served as reference document for future purposes.
• Participated in the shadowing process and observed how the ticketing system is handled couple of tickets as process to get to know the methodology Followed at the bank.
• Worked on User Account Provisioning, editing user attributes, managing and creating User/Technical accounts.
• Worked on CyberArk User Account On-Boarding, Account Reconciliation and Provided Weekend Support for the production release activities.
• Worked on implementing and supporting the CyberArk Password Vault services on different platforms.
• Worked on CyberArk in providing support on “Privileged Account Security Solution”.
• Provided weekend on call production support for CyberArk implementation/Patching activities.
• Worked on troubleshooting the Sync Issues from the HR servers to our Local GFS servers, which involved restarting the Syncs, Bouncing the applications etc.
• Work daily with Cyber Ark’s PVWA. CyberArk Administration and Troubleshooting.
• Worked on Privileged Access Management.
• Interact with the clients, internal user and understanding their requirements and document the requirement and provide valuable Identity and Access Management solution for the clients/users.
• Worked on providing day to day Handover, which involved in checking all the applications and servers and running a script to check all the syncs in PROD, MANUAT and ENGUAT.
• Provided IDAM support for both external and internal clients.
• Performed weekend Checkouts for the Master Access control team.
• Perform and Involve in Business Continuity Management-BCM activities.
• Work/act as point as “Point of Contact” in the Americas region for the team during the weekend On-call.
• Worked on Providing the SSO solutions based on the Client’s/ User Requirements.
• SAML was Mainly used in providing Single Sign On Solutions and Services.
• Co-ordinate with the team across the globe to keep the applications running, which are important of the functioning of the bank.
• Hands on Experience in working on MySQL, Sybase.
• Worked on the Databases to provide user specific reports, User profile management and Access audits.
• Work on Data Maintenance of the applications.
• Worked On day to day tickets resolution, Troubleshooting and documenting.
• Participated in the Infra Weekend task, helped the team in coordinating and completing the activity successfully.
• Worked on Sybase, MySQL DB on a day to day basis to support Access Audit and user query in the form of the ticket.
• Hands on experience in Office 365 Integration.
• Worked on Implementing Various Production Change Tasks.
• Also helped the team in the documentation and also provide valuable inputs to the team on the betterment of process and working of the applications.
• Cross trained on MAC - Master Access control to support the day to day functionality as a team, which supports and works on Mainframe mostly.
• Supported the weekend check out activities for the MAC team.
• Provided Level-2 support on Identity and Access Management Solutions for Both IDAM and MAC team.
• Provided Weekend On- Call Support as well as Production Release Support and Incident Management.
• Was Cross trained on Access IT, which involved work on Access review, Access Removal and provide support for the yearly access audit.
• Well Versed in Providing / Was a Part of Weekend On-Call Support

Environment:: CA Siteminder, Sun Identity Manager, RiskMinder, LDAP, CyberArk, SNOW, Access request Port, Directory Services tools, Power Keeper Portal, RSA AVESKA, SharePoint, IST tool, SAML, SOAP and Web Services Linux, MySQL, Sybase, CA IDM, CA Governance Minder, SSO.

In House Applications: Access Request Portal(ARP), Atti, Directory Services, IdM Support Tools, eMIDAS, eAccess, Password Management Tool, DB Sec ISAC,

Identity Access Management Analyst/ Security Support Analyst

Responsibilities:

• Worked on Active Directory and LDAP.
• Worked on cleanup of Active Directory Sites and services.
• The task includes getting the Net Logon Files from the various Domain controllers of the various Forests present in the infrastructure.
• Also from the Net logon files filtering and sorting out the ones that are not included in the Subnets lists.
• Worked on Integrating the Single Sign On Solutions between Applications and Cloud environment.
• Worked on CyberArk on Privileged Identity Management.
• Implemented and worked on Password Vault Management Services using CyberArk.
• Worked on Office 365 Integrations with various Applications.
• Supported the CyberArk solutions for the production on-call support.
• Creating safes and adding users and groups to them for privileged access in CyberArk.
• Create CyberArk Safe's and add system and application id's to specified Safe vaults
• Worked with the “Platform Networking” team in the conversion of IP addresses to Subnet Range.
• Worked on MySQL DB mainly on the user account management and data modifications.
• Worked on the Process Documentation of all the tasks and that I had been assigned. Basically this included documenting each and every step that I performed during the process of sites and services clean up.
• Also worked with the team in analyzing and Pointing out the possible risks and pointing out the possible hurdles of the project. Basically worked on BCM.
• Also working on creating the test plan document for the team.
• Worked with Network Platform team on DNS records Clean up.
• Worked with team on SHA1 and SHA2 certificates upgrade.
• The above are the few jobs and tasks that I performed during the course.

Environment: Active Directory, Basic Unix/Linux commands, CyberArk, Service now, SharePoint, IDV vault, MySQL, CA IDM, Siteminder, SSO, SAML, Office 365.

Siteminder Consultant/ IAM Integration Consultant

Responsibilities:

• Worked as Siteminder Consultant and also as Security Analyst for the team.
• Designed and developed various integration guides for the HP Passport team.
• Worked on rebuilding the Team’s website as per the new technological up gradation.
• Worked with the team as a technical writer, managed various documents, and built the new documents within the specified deadline.
• Coordinated with team on drawing conclusions on the integration guides, also publishing them in the specified time.
• Worked as an integration consultant.
• Worked on Role Based Access Controls (RBCA) using RSA AVESKA.
• Hands on experience in RSA AVESKA based Identity and Access Management.
• As integration consultant, held various kick off meetings to initiate a new integration, also based on the client’s requirements suggested the best Application integration method that they can follow.
• Worked on Databases extensively for the Incident and Problem Management.
• Worked on creating the various Application configuration files for the integrating applications.
• Also during the course as an integration consultant, worked on the various application configuration, also supported the clients during the MTP of the application.
• Worked on creating a playbook for the team, which was the base technical document that uses to migrate the application during the split process of the company.
• Also During the split activities, I was assigned 25 applications which were undergoing the split and I was responsible for those applications from Kick off Meetings until sign off during the MTP.
• Worked on various troubleshooting issues for these applications during the tenure.
• Worked on 2 SSO project in these applications also worked on few federation projects as an integration consultant.
• Hands on experience on SAML, Mainly worked and used in the SSO Projects.
• Worked on CA governance Minder, Worked in Identity Monitoring in complex environment.
• To manage the user identities CA IDM was used. Identity Management, Multifactor authentication and Password Management.
• Worked on multi factor authentications in CyberArk using LDAP, Oracle.
• Worked Partially on LDAP.
• Worked on BCM, designed and created the document that included threats, roadblocks and possible interruptions and the work around plan.
• Used SQL to to access the database and retrieve, modify or delete user related information.
• Worked and used Unix as well as Windows OS.
• Acted as technical support for all the applications during the period of MTP.
• Met the deadlines and all the applications were signed off within the specified time.
• During course also worked on creating policies for various applications, also creating federation as per the client’s request.

Environment: CA Site Minder R12, CA Governance Minder, SSO, JBOSS Server, SAML, SOAP, Windows XP/2003/2008, SharePoint, RSA AVESKA,Data Migration tool, Active Directory (Sites and Services, Users & computers) GAP analysis Risk Analysis& Management, MySQL.

Engineering Security Expert

Responsibilities:

• Designed, Developed, Installed, Configured and Administered CA IDM, CA Siteminder and CA e-trust Directory server on Windows and Red hat Linux Operating systems.
• Administered CA Siteminder Policy Servers, CA Siteminder Web Agents, CA Siteminder Application Server Agents and configured custom configuration like Authentication schema's for CA Siteminder Policy Server for Authentication and Authorization.
• Integrated CA IDM with end point systems like SAP HR, AD, Oracle WebLogic and IBM WebSphere Application Servers in both Production and non-Production environments.
• Configured CA Siteminder for third party service providers for SSO using SAML 2.0webservice SP-Initiated Single Sign On for both production and non-production environments.
• Preparing documentation containing the description, procedures and testing for the 1E1C (One Email One Calendar) project which was formulated for creating a common Google email and calendar for Google and Roche employees
• Experience with Ping Federate 6.x/7.x for providing SSO solutions to multiple web based enterprise applications.
• Creating test accounts and performing tests to make sure Active Sync updates required values, using database tables in Toad.
• Construct test accounts with different attributes, both internal and generic, using ENROLL (Roche identity management system) provisioning.
• Testing and resolving issues in password synchronization between various environments like Roche Google, active directory and SIMS(Self Service Identity Management System which is a SUN IDM 6.1 based identity management service) using accounts created using ENROLL.
• Involved in creating and testing of webservice for provisioning user data for Roche and Genentech employees.
• Wrote shell scripts to automate daily Active Sync log transfer from servers to appropriate systems.
• Extensively worked with SIMS to manage day-to-day identity management issues like provide/remove access to certain systems, reset passwords and grant various approvals.
• Used Remedy Action Request System to handle day-to-day tickets and redistribute them to appropriate members of Engineering Security group.
• Skilled in root causes analysis, problem solving and conflict resolution.
• Regularly attended meetings on behalf of Middleware Team & co-ordinate with different teams for task accomplishment.
• Performed 24/7 on-call support on rotation & mentored newcomers during team expansion.

Environment:: CA IDM 12.x, IBM Websphere Application Server 7.x,Unix-Solaris 10, Ping Federate 6.x/7.x, Sun ONE Directory Server 5.1, Sun ONE Webserver 6.1, Netegrity Siteminder Policy Server 6.0, SUN IDM 6.1,Apache Directory Studio LDAP browser v2.0, Windows XP/2003/2008, Toad for Oracle v11.6, Remedy Action Request System v5.01.02, Poster v3.1.0

Security Analyst

Responsibilities:

• Resolved day-to-day Active Directory and eDirectory issues like force restart on crashes and password lockout removal.
• Worked with Novell Identity Manager to create new group policies and for daily health checks of all drivers.
• Requesting new ESP (Enterprise Systems Platform) Workload Automation jobs to transfer Audit Trail files from IIS and Web sphere servers to syslog server
• Wrote scripts to merge IIS and Websphere Audit Trail logs, store them to a specific location and send an email if any errors detected.
• Scheduled jobs in crontab for daily sequential execution of scripts.
• Wrote scripts to automate creation of H drive for new employees.
• Extensively worked with CyberArk Privileged Identity Management 5.50 to create and managefire call IDs which are used for temporary password dispensation for various approved admin rights.
• Creation and management of new safes, accounts and groups associated with those safes and issues with password changes in CyberArk.
• Setting up new domain controller password sync, which involves adding the new DC to the remote loader.
• Coordinated with Novell support team in recovering root password for Linux SUSE 10 serversdue loss of password.

Environment:: Novell Identity Manager 3.7.0, Active Directoryon Widows Server 2008, eDirectory 8.8, CyberArk Privileged Identity Management 5.50, Soft Terra LDAP browser 4.5, Windows XP/2003/2008, Linux SUSE 10, VBSedit 5.5.2.

Middleware Security Expert

Responsibilities:

• Coordinating with application teams to finalize the requirements for Siteminder setup.
• Implementation of various changes as required integrating Siteminder with new applications and new application modules.
• Migrated Siteminder Policy Server from version 6.0 to 12.0.
• Implementation of SAML 2.0 federated solution to enable SSO between NT authentication (IdP) and external applications
• Implement SAML Federation Services with partner sites
• Managed engagement with multiple partners and established SLAs for IT services.
• Involved in various projects like Web agent upgrade for various applications to version r12 and Policy Server migration project.
• Extensively worked on Vulnerable issues like XSS on to the Siteminder Protected Resources
• Involved in UAT analysis for new applications before they are moved into production environment.
• Supports Reverse Proxy Environment to protect a web resource authentication to provide SSO to protected resources.
• Designed logical security application architecture integrating WebSphere Application Server, SunOne Web Server, iPlanet LDAP Directory Server, Netegrity Siteminder and implemented Single Sign-On security.
• Used smldap setup tool to manage and migrated Policy Stores between different environments.
• Responsible to check and configure the integration of Siteminder 6.0 policies to work with roles defined in Identity Manager 8.1.
• Installation and trouble shoot in implementation of Siteminder Trust Authentication Interceptor (TAI) for IBM Websphere 6.0.
• Clustered Policy Servers for failover and high availability solutions.
• Integrated Policy Store with LDAP to use LDAP user repository.
• Exported LDAP databases to LDIF files and imported databases from LDIF files using Admin Console and command line utilities.
• Wrote shell scripts to automate the maintenance process of the WebSphere Application Server and recover the backed up WebSphere configuration.
• Implemented Multi master replication and Hub Replication on LDAP Sun ONE Directory server. Effectively maintained the policy store, key store and the user store.
• Involved in server, policy store and key store configuration file backups. Experience with Change management procedures.
• Troubleshooting Siteminder environment using Siteminder test tool and Siteminder policy server log files and agent log files.
• Administered policy and user stores using the Sun ONE Directory servers while also providing redundancy and availability
• Implementing SSO (Single Sign-On) among the applications configured with Access Manager.