SUMMARY:

• Information Technology professional with 16+ years of overall IT experience out of which about 9 years in Information Security, Identity Management, Access governance, Confidential, Single Sign - On (SSO), Federated access management, Authentication and Authorization technologies, multifactor authentication & LDAP Directories.
• Application owner / cross functional team interaction and requirement analysis in IAM space
• Architecting / Designing, development and configuration of complex technical solution
• Development, installation, configuration, and deployment of IAM solutions for various projects in development, testing and production environments.
• Operations support and troubleshooting for large production infrastructure
• Escalation point and L3 level support
• Lead and actively contributed for tech refresh initiatives such as version upgrade, technology migration, patch deployment and cloud adaption.
• Cross functional, inter team and offshore team communication and co-ordination.
• Strong analytical, logical and ability to adapt to newer technologies as needed.

SKILLS:

Cyber Security, Identity Management, Access Management, Access Governance, Single Sign On, CA Access Gateway (CA Secure Proxy Server), CA Siteminder SSO, Federated Access Management, CA Advanced authentication, SAML 2.0, OpenID Connect, OAuth, Okta SSO, RSA Aveksa, SailPoint IIQ, Multi Factor Authentication, CyberArk Privileged Identity Management, Public Key Infrastructure (PKI), SSL/TLS, Active Directory (AD), LDAP concepts, Oracle Unified Directory (OUD), Oracle Directory Server Enterprise Edition (ODSEE), Red Hat Linux, Windows, Corporate and DMZ Network Architecture, Firewall, Load Balancer Concepts, Apache, Tomcat Webservers, ServiceNow, BMC Remedy, CA Wily, Splunk Enterprise and Solarwinds. Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure.

EMPLOYMENT HISTORY:

Confidential, Dublin, OH

Environment: CA Access Gateway, CA Single Sign On, Sailpoint IIQ, CA Identity Manager, Okta SSO and Okta Multifactor Factor Authentication, Redhat Linux 5.x/6.x, Windows Server 2003/2008/2012 , Microsoft IIS 6.x/7.x/8.x, Oracle DSEE 11g, Oracle Unified Directory, Apache2.x, WebLogic and WebSphere, Amazon Web Services, Google Cloud Platform.

Lead Consultant/ Engineer

Responsibilities:

• CA Single Sign On, Web agent, CA Access Gateway design, environment build, installation and configuration
• Requirement analysis, design and build SSO access policy objects, reverse proxy rules setup for various business applications.
• Configured SSO for various business applications such as SAP, Biller Direct, Sharepoint, and custom built applications.
• Configured SSO across multiple cookie domains using Cookie Provider
• Configured SAML 2.0 federation partnerships for over 100 SaaS applications
• Documented the application SSO on-board process and other knowledge documents.
• Lead cloud adaption program by actively planning, designing and migration of on premises servers to AWS and GCP
• Actively participated in IDaaS and cloud adaption design and strategy
• Configured Okta multifactor authentication for CyberArk, O365, VPN/VDI and few other high secure business applications
• Configured SAML based SSO for new applications for using Okta IDaaS
• Installation, Configuration, Administration of CA Identity manager, Directory Server, Provisioning Server/Manager, Admin Tasks, screens, Bulk loader, Policy Xpress policies
• Bi-directional password synch.
• Provisioning: Provisioning Roles, Account templates, Endpoints, Explore and correlate, ETA UTIL scripts, Provisioning directory, Connector Server, Connector Xpress, custom connector.
• Integration of CA IDM with siteminder
• Worked complex issue troubleshooting, defects and enhancements implementation from dev, test to prod.
• Worked as escalation point for Sev 1 productions service restoration events
• Monitoring setup for IAM components using solarwind, CA Wily and Splunk enterprise
• Scripting and automation of repeated activities using Confidential scripts, Run deck etc
• Supported security compliance audits such as Sox

Confidential

Environment: RSA Aveksa 6.x, SQL Server 2008, BMC Remedy IT Service Manager Suite, Forefront Identity Manager (FIM), Active Directory.

Lead Consultant / Engineer

Responsibilities:

• Managed the L2.5 support engagement for AVEKSA access provisioning solution
• Incident Management, Change Management
• Identify improvement opportunities & help in building AVEKSA Solution
• Set the support levels and workflow for offshore team
• Support Imprivata SSO Solution
• Contract discussion with customer & internal management on new line of business like RBAC, privileged access management.

Confidential

Offshore Lead / Project Manager

Environment: CA siteminder12.x, Cloudminder 1.5, CA Secure Proxy Server

Responsibilities:

• Installed siteminder components on client environment
• Lead application onboarding on siteminder / cloudminder environment from initial engagement, terms of reference, federation parameters agreement, integration & testing for various SAAS & onpremise applications.
• Hands on experience in preparing federation agreement document & integration design document.
• Hands on experience in co-ordinating with other stake holders like CA support team, Cloudminder team, ISPs, Wintel, LDAP etc for application onboarding & various client service desk units.
• Hands on experience in setting up support model, 24*7 support set up & team management
• Contributed towards preparing OLA, SLA documents for support set up.
• Played the role of Level 2 escalation point for production incidents & CRs

Confidential

Offshore Lead / Project Manager

Environment: CA siteminder12.x, Java 6, ASP, JBoss, IIS 7.0

Responsibilities:

• Managed team & Co-Ordinated with onsite offshore team to understand the requirements & Confidential Identity Access Management Single Sign On (SSO) environment details.
• Installed CA Siteminder 12.0 components on Windows and Linux Environment
• Prepared design solution build document
• Configured CA siteminder SSO Access Policies for custom applications & Federated SSO for Cloud based SaaS applications.
• Proactively documented, tracked & reported project issues & risks.

Confidential

Offshore Lead

Environment: Aveksa compliance tool 4.0, HP Quality Center, Siteminder

Responsibilities:

• Managed both modules as offshore team lead / manager
• Discuss with project team to understand the requirements on recertification & eSSO.
• Created & executed test cases for different types of Aveksa access review work flows
• Created reviews for joining, moving & leaving users
• Extensively contributed towards implementation test planning, test case writing & execution of complete recertification process
• Created test data for role based access recertification.
• Executing the test cases.
• Created ESSO test cases for both internal & external users.
• Guided the team in defect documentation, analysis & tracking.
• Co-ordinated with onsite team for task assignment & issue resolution

Confidential

Offshore Lead

Environment: Tivoli Identity Manager, HP QC, Active Directory, Unix, Racf

Responsibilities:

• Managed the testing efforts of offshore team Created functional & regression test cases for
• This is a lotus notes based in-house access request management work flow engine create, modify, delete & termination requests.
• This is a web based interface designed on top of IBM TIM to complete automated provisioning or de-provisioning of accounts of various target systems like AD, Unix, RACF, interchange etc.
• Central Data Repository ( Confidential ). This is a staging area database of various accounts & other demographic information of employees, contractors, vendor partners etc
• Confidential password & profile reset (self-service system). This is a self-service system for password resets for of employees, contractors, vendor partners etc
• Voice Biometrics. This is designed to minimize helpdesk manual intervention where in a user can identify himself over phone thr IVR & carry out various self-service activities like password reset, account unlock etc., also have an option to talk to an security helpdesk agent, if any additional information is required.