PROFESSIONAL SUMMARY:

• 8+ years of experience in analysis, design, development, implementation and maintenance of enterprise wide SSO security with CA SITEMINDER Policy based services.
• Experienced in SiteMinder Policy Server Up gradations from R .8 R12 to R12.5 and R12 to R12.52 and 6.0 to R12
• Experience in Secure Access Gateway Upgrade from R .8 on Windows Server 2016
• Proficiency in configuration of SiteMinder Authentication Schemes, Policies, Realms, Rules and Responses
• Configured SiteMinder Web Agents on Web Servers like IIS, Apache, Domino Web Servers and Application Servers like Tomcat and Web logic, Web Sphere.
• Experience in SAML 1.1 and SAML 2.0SAMLPOST, Artifact and custom SSO development
• Very good experience in OpenID connect, OAuth protocols
• Configured and defined the policies for SAML Affiliate Agents for federated authentications for users coming from partner sites. Used SAML to implement single sign - on to external web applications.
• Experience in dealing with vendors to gather the requirements and implement the SSO using SAML 2.0, WSfed and other protocols as per the requirement
• Worked on Architecture design with architects for SiteMinder R12.52 and R12.8
• Built a new SiteMinder R12.8 and Secure Access Gateway environment.
• Good Experience in the Web Server and Applications servers such as Apache Servers, IIS, Tomcat,
• Experience in using SiteMinder Federation services and web agent option packs to build and maintain Federation infrastructure to provide SSO functionality to external applications.
• Experience in installing the SiteMinder agent for SharePoint 2010 and SharePoint 2016
• Experience in installing and configuring Secure Access Gateway formerly known as Secure Proxy Server.
• POC on CA API Gateway.
• Experience in OAuth and OpenID connect to integrate client facing applications.
• Experience in implementing the SSL and very good understanding concepts of Cryptography.
• Issued several certificate via internal PKI
• Knowledge on Risk Based Multi Factor authentication
• Knowledge on SAML authentication for single sign on for cloud applications
• Experience using PING Identity Solutions for performing the federation aspects in large enterprise networks.
• Experience with working on PING adapters for SiteMinder to implementing federated login
• Maintaining and providing OPS support to large scale Access Management systems on both Enterprise and Consumer level.
• Worked on setting up and maintaining X509 Cert based authentications
• Experience and knowledge of Centralized login servers implementations
• Experience in implementing IWA authentication schemes.
• Experience with GlobalScape EFT, MailExpress and Payeezy, CyberArk Administration.
• Experience in management for renewing the product support.
• Experience in several security protocols such as SFTP, FTP, FTPS.
• Knowledge on DMZ, Firewall, ports, DNS.
• Completed courses CISCO CCNA: Network Fundamentals, CCNA LAN Switching and Wireless, CCNA Accessing the WAN.
• Experience with working on Assertion Generator Plugins to customize SAML assertions
• Experienced in installing and configuring CA Directory Services, Directory Tree, Schema, Indexes and Replication
• Experience in using programing languages like Java script, XML and HTML and UNIX shell Scripting.
• Using Secure Access Gateway/SPS for Federation and Proxy solutions
• Experience in LDAP for creating users and provide authorization and creating ADSI objects
• Proficiency in SiteMinder Administration, Load Balancing, Performance Tuning and High Availability in both UNIX and Windows based environments.
• Worked with CA core teams to understand and analyze corporate infrastructures to provide performance improvement suggestions.
• Proficiency in managing, maintaining, troubleshooting, and resolving User Authentication and Access issues in a 24x7 production environment.
• Experience in working with SPLUNK to handle the issue resolutions more efficiently and quickly.
• Experience in working on multiple monitoring systems to understand and analyze various logs and reports to provide a more reliable and efficient support infrastructure.
• Used Monitoring tools like HP BAC and WILY to perform the above tasks
• Provided close support to Identity management teams w.r.t SiteMinder.
• Experience in HPSM for the incident management very good knowledge in creating RFC’s.
• Experience in Identifying process improvements and provide recommendations for more effective troubleshooting of complex hardware and software problems.
• Good experience on Remedy ticketing system (ITSM) and Service now.
• Excellent client facing and customer interaction skills
• Strong organizational, interpersonal, and project management skills

TECHNICAL SKILLS:

SiteMinder Products: CA SiteMinder Policy Server 6.0/12 SP1,SP2,SP3 and R12.52, Web agent 6.x/12.x/12.52.x, PING federate, OAuth, SAML, WSfed, OpenID connect.

Web Servers: IIS 6.0/7.0/7.5/8/8.5 , Apache2.2/2.4, DOMINO Web Server 8.x and 9

Directory Servers: Sun ONE Directory Server 5.x, 6.0, Microsoft AD. CA Directory Servers, Oracle 11G directory

Operating Systems: Windows Server 2003/2008/2012 , Red Hat Enterprise Linux 5,6 UNIX (AIX, Sun Solaris 10,11)

Application Servers: BEA Web Logic 8.1, Tomcat 3.3/4.1.3/5.5 , JRUN 2.0, JBOSS

Programming and Scripting Languages: Java, HTML, XML, Unix Shell scripting, Perl, Java Scripting

Monitoring Tools: HP BAC, WILY Introscope. Usage of Splunk for Log monitoring and analysis.

CCNA: Network Fundamentals, CCNA LAN Switching and Wireless, CCNA Accessing the WAN

PROFESSIONAL EXPERIENCE:

Confidential, Harrisburg, PA

Sr. IAM Engineer

Responsibilities:

• As a SiteMinder SME have worked on the projects to design, develop and enforce the Single sign on infrastructure with internal and external clients
• Working on SiteMinder Upgrade from R12.52 sp1 to R12.8 on Windows 2016 Servers.
• Working on Secure Access Gateway upgrade from R12.52 SP1 CR06 to R12.8 on Windows 2016 Servers.
• Assisting the team to upgrade SiteMinder policy servers, policy stores and web agents on multiple platforms as part of the SiteMinder upgrade project.
• Worked on Architecture design with architects for SiteMinder R12.52 and R12.8
• Built a new SiteMinder R12.8and Secure Access Gateway environment
• Installing SiteMinder Agent for SharePoint 2016
• Troubleshooting experience in IIS, Apache and Tomcat servers.
• Understands clearly how Apache and Tomcat work together.
• Worked on providing Single Sign on between internal and external clients via federation using different protocols like SAML 2.0, WS-fed
• Experience implementing OpenID connect and Oauth.
• Knowledge of JWT Tokens.
• Working on LDAP (Active Directory) to setup users and provide authorization to the users via groups and ADSI objects.
• Started POC on Ping Federate as the organization plans to move to different IAM solution.
• Co-ordinate the changes for an optimized plan to minimize downtime across the DEV, SYST, UAT and PRODUCTION environment.
• Worked on day to day tasks including creation of SiteMinder configuration objects and working with application teams to resolve issues.
• Used MultiFactor authentication for many applications in the organization
• Worked on creating policy objects as required by the application teams to implement sound and secure SSO solutions and preventing cross site scripting.
• Concepts of cryptography and excellent knowledge of how SSL works.
• Knowledge on SSO for cloud based authentication.
• Experience in apache server configuration and SSL certificate implementation.
• Installed SiteMinder agent for SharePoint for protecting the SharePoint applications and provided support for it.
• Worked on PING federate to provide the SSO solution with external clients.
• Working on POC for CA API Gateway.
• Working on GlobalScape EFT which is product used by Confidential for the file transfer internally and externally.
• Experience in SFTP, FTP and other security protocols.
• Worked on integrating new applications with SiteMinder by creating the required realms, rules, and policies as required. Completed the protection and provided support as needed
• Worked on multiple projects to provide SSO with SiteMinder federation setup with 3rd party vendors using the SAML protocol
• Helped application teams to design and implement the SSO solutions for the internal and external applications
• Assisted the application teams to design necessary infrastructure to support SSO solutions with our existing setup
• Used to manage AGP deployments to facilitate customizations for the federated solutions in case complex requirements.
• Worked on a project to add additional infrastructure capacity to increase the load handling capability in the Production environment by adding 4 new servers in the Production environment.
• Hands on experience with configuring IdP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, Redirect as per the custom business and security requirements.
• Experience with the implementation of RSA two factor authentication tokens for the integrated web service security in a SSO environment for the service provider applications.
• Responsibilities included to attend the preliminary discussions and further work with the technical teams to gather requirements and attend multiple calls to complete the integrations.
• Worked on a large corporate project from initial stages to design and build the SSO solution to support the project until it was pushed live.
• Provided support and troubleshooting facilities to existing SAML federation partners for issues and quick fixes
• Worked on introducing Assertion customizations functionality as per the case requirements.
• Worked on a project with the CA core team to discuss and design health check suggestions to improve the health and performance of the SiteMinder environment within the NM Infrastructure
• Worked on developing the design and implementation plans for the Confidential check recommendations.
• Lead and worked with the team to implement the Health check recommendations

Environment: CA SiteMinder r12.52 Sp1, SiteMinder Web agent option pack, Oracle Directory, IIS 6.0/7.x, Apache 2.x, JBOSS app servers, Windows Server 2003/2008, and RHEL 5.

Confidential, Tampa, FL

Sr. SiteMinder Engineer

Responsibilities:

• To work as part of the IAM designer team to plan and implement the SSO infrastructure for the PWC IT in USA and work with the other IAM teams from the PWC global
• Work on the DEV environment to test and implement new solutions with respect to the IAM space to meet the ever changing requirements of the PWC IT security specifications
• Worked on projects under the IAM space to upgrade the SiteMinder infra from the R12 version to the R 12.52 version of the CA SiteMinder suite of products
• Worked with various application teams to upgrade the web agents on multiple platforms to facilitate the over upgrade procedures.
• Worked with the app teams to discuss the planning and execution of the upgrade projects with minimum downtime.
• Worked on linux and windows platforms.
• Worked on and managed central web login servers to provide uniform login experience to various applications according to the Firm standards.
• Worked on day to day tasks including creation of SiteMinder configuration objects and working with application teams to resolve issues.
• Handled federation more than 100 projects end to end between PwC and other entities
• Worked on creating policy objects as required by the application teams to implement secure SSO solutions.
• Worked to integrate new applications under the SiteMinder infrastructure to provide Single Sign On from the corporate portals.
• Experience in OAuth and OpenID connect to integrate client facing applications.
• Expertise with configuring IdP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, Redirect as per the custom business and security requirements
• Configured Single Sign On via federation between PwC and several entities using agentless and SAML 2.0, OAuth
• Worked on incorporating the Single Sign On Solution to both internal and external clients using the SAML based federation services solution.
• Worked with external clients to discuss and resolve the issues with the existing Federation infra under the legacy and partnership based setups
• Used HPSM for the incident management very good knowledge in creating RFC’s.
• Worked with the Operations and support teams to work on escalated day- to day issues.
• Worked to debug and resolve issues during the initial project testing phases to move the application to successful implementation phases.
• Experience Configuring Encryption and Signing of SAML assertion.
• Performed user provisioning in Identity Provider(IdP) site Service Provider(SP) site using SAML for SSO
• Experience in debugging the SAML Errors by using fiddler trace and SAML Tracer.
• Worked on tools like trace analyzer to identify more information and provide better troubleshooting services to the application teams.
• Worked with the support teams to provide production support in case of escalated issues.

Environment: CA SiteMinder r12.52 Sp1, SiteMinder Web agents for multiple Webservers and platforms, IIS 6.0/7.x, Apache 2.x, JBOSS app servers, Windows Server 2003/2008/2012 , and RHEL 5.X. Domino webservers, IHS servers

Confidential, Lakewood, CO

Sr. SiteMinder Consultant

Responsibilities:

• Worked on the project to design, develop and enforce the upgradation of the Enterprise infrastructure from CA SiteMinder R12 SP3 to CA SiteMinder R12.52
• Participated in the planning and implementation phase of the upgrade project and successfully worked thru the implementation in the DEV, TEST and also the Production environment.
• Worked with PING Identity Solutions to facilitate Federation with 3rd party vendors.
• Worked on Ping Federation in conjunction with SiteMinder adapters to implement various flows of authentication to provide SSO solutions to different clients in different scenarios.
• Used a combination of Ping Federation and SiteMinder to provide SSO solutions to SaaS applications like Sales force.
• Worked with the team to upgrade CA SiteMinder 6.0 to SiteMinder R12 SP3 in the initial stages of my project start.
• Design CA SiteMinder r12 Enterprise infrastructure and provide high availability by configuring Clusters across two different data centers.
• Created Policies, Realms, Rules and Responses in SiteMinder policy server to protect the applications and validate the users to work under SSO environment.
• Provided solutions for custom Authentication schemes developed by the App teams as part of the requirements
• Worked with various vendors to develop SSO solutions for federated setups with applications outside the firm.
• Worked on developing a common across the board Enterprise login scheme in conjunction with Windows authentication using enterprise login server architecture.
• Performance Tuning for SiteMinder to provide better response time, low latency, high availability and maximum throughput.
• Worked with IDM teams to provide SiteMinder integration with IDM and gained some working knowledge of the IDM infrastructure.
• Work with IIS 6, IIS 7, IIS 7.5, Apache Web Server 2.xx Web servers, JBOSS App server to deploy the Admin UI for Policy Server. Also worked on WebLogic Servers as part of the Consumer app level support.
• Worked on the Terumo owned custom Access management Application CIMA, under Consumer Infrastructure.
• Worked on supporting and debugging issues with and implementing SSO solutions with Business Partners using PING identity solutions for the federations’ setup.
• Provided OPS support to the CIMA architecture to deploy and maintain, provide monitoring and L2 support for the applications.
• Used enterprise level tools to monitor and provide 24X7 support to the CIMA Enterprise and Consumer infrastructure within Confidential .
• Used tools like SPLUNK, WILY and HP BAC to provide the above mentioned support.
• Worked towards building, maintaining and providing high availability and the best quality of support for any issues within the scope of the Enterprise and Consumer Infrastructures at Confidential

Environment: CA SiteMinder r12 Sp3, CA Directory Server 5.2, IIS 6.0/7.x, Apache 2.x, JBOSS app servers, Windows Server 2003/2008, Solaris 10 and RHEL 4/5.

Confidential

Sr. SiteMinder Engineer

Responsibilities:

• Worked on the projects to design, develop and enforce the Single sign on infrastructure
• Worked on a project to add additional infrastructure capacity to increase the load handling capability in the Production environment by adding 4 new servers in the Production environment.
• Worked on SiteMinder Upgrade from R12 sp3 to R12.52
• Assisted the team to upgrade SiteMinder policy servers, policy stores and web agents on multiple platforms as part of the SiteMinder upgrade project.
• Co-ordinate the changes for an optimized plan to minimize downtime across the DEV, TEST, STAGE and PRODUCTION environment.
• Worked on day to day tasks including creation of SiteMinder configuration objects and working with application teams to resolve issues.
• Worked on creating policy objects as required by the application teams to implement sound and secure SSO solutions.
• Worked on integrating new applications with SiteMinder by creating the required realms, rules, and policies as required. Completed the protection and provided support as needed
• Worked on multiple projects to provide SSO with SiteMinder federation setup with 3rd party vendors using the SAML protocol
• Helped application teams to design and implement the SSO solutions for the internal and external applications
• Assisted the application teams to design necessary infrastructure to support SSO solutions with our existing setup
• Used to manage AGP deployments to facilitate customizations for the federated solutions in case complex requirements.
• Hands on experience with configuring IdP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, Redirect as per the custom business and security requirements.
• Experience with the implementation of RSA two factor authentication tokens for the integrated web service security in a SSO environment for the service provider applications.
• Responsibilities included to attend the preliminary discussions and further work with the technical teams to gather requirements and attend multiple calls to complete the integrations.
• Worked on a large corporate project from initial stages to design and build the SSO solution to support the project until it was pushed live.
• Provided support and troubleshooting facilities to existing SAML federation partners for issues and quick fixes
• Worked on introducing Assertion customizations functionality as per the case requirements.
• Worked on a project with the CA core team to discuss and design health check suggestions to improve the health and performance of the SiteMinder environment within the NM Infrastructure
• Worked on developing the design and implementation plans for the Confidential check recommendations.
• Lead and worked with the team to implement the Health check recommendations

Environment: CA SiteMinder r12.52 Sp1, SiteMinder Web agent option pack, Oracle Directory, IIS 6.0/7.x, Apache 2.x, JBOSS app servers, Windows Server 2003/2008, and RHEL 5.