SUMMARY:

• Around 8+ years of experience in IT field including Installation, Configuration, Development, Deployment, Administration, Trouble Shooting and network security, database systems, and Enterprise Document Management in large scale organizations.
• Experienced in IAM/PAM tools with deployment, configuration, integration and troubleshooting CyberArk Privileged Account Security product suite - Enterprise Password Vault, Password Vault Web Access, Central Policy Manager, Privileged Session Manager, Application Identity Manager, and Privileged Threat Analytics
• Experience in handling various modules of CyberArk, mainly Enterprise Password vault (EPV), Application Identity management (AIM), Central Policy Manager (CPM), Privileged Session management (PSM), Event Notification Engine (ENE). Upgrading CyberArk suite of products from 7.x to 9.x. (CPM, PSM, EPV and PVWA)
• Experience as a security professional in installing, managing and monitoring of CyberArk Privileged account security tool modules.
• Part of Privileged Access Management (PAM) Remediation and Engineering team whose role is to secure Web Based applications on user access and authorization.
• Performing daily operations support and maintenance of all security technologies centric to Privileged Access related information security solutions.
• Hands on experience with IIS, IBM IHS, Apache, Sun One Web servers and WebLogic and WebSphere Application servers in Identity and access management environment.
• Worked with Active Directory, LDAP/UNIX groups, Networks, Human Resource systems for Identity and Access Management.
• Designed SailPoint deployment activities - connector configuration, custom rule development, workflow configuration, and development and third-party system integration.
• Experience with Implementation and Administration of Sail Point for large population of users
• Experience in SailPoint tool customization, Report Generation, Integration with end/target systems, SailPoint API's and Application Development.
• Experience with Installation and configuration of CyberArk Vault, CPM, CyberArk PVWA, OPM CyberArk PSM, AIM, and PSM SSH proxy Architecture and design.
• Extensive experience on boarding Windows, UNIX, Database servers, RACF and Network device into CyberArk
• Experience in managing applications access in Okta and Active Directory. Exposure in design and architecture of PIM using Cyber-Ark. Account management i.e. adding /deleting accounts /group management.
• Managing policies and platforms. Creating and assigning Safes, reconciling accounts, rotating passwords.
• Create AD users and groups for safe delegation and updates. Conduct workshops with application and infrastructure teams about on-boarding privileged accounts.
• Assist application teams with CyberArk application Identity Manager Integrations and linked accounts.
• Coordinating with existing Provisioning Team for the application in order to get the existing User Access Management (UAM) model to make it fit in to IIQ.
• Provisioning application's requests in IdentityIQ to Create/Amend/Delete user access for the on boarded applications. Good understanding of policies in CyberArk Central Policy Manager (CPM) and PAM.
• Developing Application instances and entitlements and Integrating New Application (Connected and disconnected) with OIM.
• Good knowledge in Active Directory and Involved in AD integration and adding user to with their privileges. Identified and tested vulnerabilities and conducted research in the areas of information system and network security.
• Have good knowledge in troubleshooting various issues related to CyberArk.

TECHNICAL SKILLS:

Security tools: CyberArk 7.x,8.x,9.x,10.x CA Identity Manager 12.5.x/12.6.x, CA SiteMinder 6.x/12.x, Oracle Identity Manager 10g/11g R1/R2 PS1/PS2/PS3 and Access Manager 10g/11g E1/R2 PS1/PS2/PS3, ADFS and UAG, Microsoft Active Directory

Web & J2EE Technologies: XML, HTML, DHTML, JDBC, CA Identity Manager, CyberArk, OPM (On-demand Privileged Manager), CPM (Central Policy Manager), PAM (Privileged Access Management).

Linux, Windows, UNIX AIX/HP: UX/

Network Protocols: TCP/IP, HTTP, FTP, SNMP, and SMTP

Web/App Servers: Tomcat, Apache Web Server, WebSphere, WebLogic

Databases: Oracle, Microsoft SQL Server, MS Access, MySQL

PROFESSIONAL EXPERIENCE:

Confidential, NY

IAM /CyberArk

Responsibilities:

• Primary responsibilities include Installation and configuration of CyberArk Vault, CPM, CyberArk PVWA, AIM, OPM CyberArk PSM and PSM SSH proxy Architecture and design.
• Upgrading Cyber Ark suite of products from 7.x to 9.x. (CPM, PSM, EPV, PVWA & AIM).
• Worked on Privileged Account Management with CyberArk PIM suite Administration.
• Built two new datacenters with Policy Servers and SunOne LDAP Servers on East Coast to reduce the network latency for Wachovia applications Migrated SAML infrastructure including SAML Policy Servers, Web and Application Servers from Windows2003 to Solaris platform.
• Configured and supported SAML based Identity & Service Provider connections.
• Administration experience of CyberArk vault with Safe creation, integration with LDAP and other authentication methods. Mitigation of the risks using CyberArk, Aveksa and policy changes on servers.
• Worked with different teams to implement single sign on using SAML 2.0, OAuth 2.0.
• Identified different SAML 2.0 issues and fixed the issue in NetIQ Access Manager 3.2.
• Coordinated with the Service providers and identity providers during the SAML Certificate upgrade and architectural changes.
• On boarding applications and configuration of privileged accounts in CyberArk.
• Produced policies, realms, rules, and responses to implement the single and dual factor authentication using RSA Secure ID Token based on the business requirements.
• Applied Single Signon using SAML2.0 for Federation Applications.
• Resolved CyberArk issue's in CPM to communicate with a host to accommodate credentials.
• Executed password policies for all the applications using SiteMinder Policy Server. Configured APS, FPS, Rules, and Help Desk Functionality Replacement.
• Strong familiarity on UNIX administration, and networking concepts.
• Installed and configured CA Wily Monitoring Tool and created dashboards and metrics to monitor Siteminder and LDAP Infrastructure.
• Understanding on Soap/Rest calls and tested the apis's with Soap Ui tool.
• In charge for Netegrity/CA SiteMinder infrastructure maintenance, support and deployment in development, test and production environments on 24/7 basis.

Environment: CyberArk Enterprise Password Vault version 7.x, 8.x,9.x, CA Identity Manager 12.5.x/12.6.x, JDK 1.6/1.7, J2EE, JDBC, XML, SAML 2.0, CA SiteMinder 5.X/6.X,12.X, Federation, Sun ONE Directory Server, Ping Federate 5.x/6.x, Microsoft Active Directory, Azure AD, ADFS, Tomcat 5.5, Apache 2.0, Solaris 8/9/10, Windows 2000/2003, Oracle 10g/11g, SQL Server 2005, DB2 8.X.

Confidential, AZ

Security Engineer

Responsibilities:

• Involved in CyberArk significant updates from 8x to 9x versions for domestic and worldwide clients.
• Good comprehension of policies in CyberArk Central Policy Manager (CPM) and (PSM).
• Resolved CyberArk issue's in CPM to communicate with a host to accommodate credentials.
• On-boarded Privileged Accounts and Super User IDs in the CyberArk Safes utilizing Bulk upload utility.
• Part of Privileged Access Management (PAM) Remediation and Engineering team whose role is to secure Web Based applications on user access and authorization.
• Implementation and create of web policies, password policies. Vault Back-up Management process, AD Configuration (User to connect AD & Branches). Load Balancer architecture, Application Identity Manager Design, On-Demand Privileges Manager Design.
• Break Glass Access Management Process, Integration with other Systems (email configuration). Change Management Process Plan (OS, patch updates). Responsible for Create New User, Activate, enable user, group and OU account in Active Directory.
• Configured AD pass-through authentication for Identity Access Manager (IAM). Installed and configured the LDAP Sun ONE Directory Server. Configured the multi master. Workflows and Integration of various target system privilege account integration.
• Application involves intranet and internet usage of users, running on different platforms Linux, Unix, Windows, etc.
• Involved in troubleshooting issue work requests on day-to-day basis for the applications integrated with CyberArk in QA and Production Environment.
• Hands on experience with CyberArk implementation and configuration of Vault, CPM, PVWA, AIM.
• Experience in trouble shooting various issues, checking and maintaining health of UNIX environment.
• Experience in Providing technical guidance to the team to ensure successful service for physical access deliverables for the enterprise
• Good knowledge in scripting technologies like Windows Shell, JavaScript. Experienced in day to day operational support in adding and deleting accounts, applying policies, assigning safes, synchronizing failed accounts, Password rotations.
• Experienced in using IAM/PAM tools for deployment, configuration, integration and troubleshooting of CyberArk Privileged Account Security product suite - Enterprise Password Vault, Password Vault Web Access, Central Policy Manager, Privileged Session Manager, Application Identity Manager, and Privileged Threat Analytics.
• Worked with other platform teams and external suppliers to consistently deliver on physical access objectives or requirements.
• Excellent communication and interpersonal skills and a very good team player with the ability to work independently.
• Daily administration of CyberArk Enterprise vault Management includes. Safe Management, Master Policy Management, Platform Management and Access Management.

Environment: CyberArk PAM 9.7.2, CA SiteMinder Policy Server v 6.0/12.51, CyberArk 9.6 & 9.8 Web Agent QMR7, Apache Web Server 2, CA Identity Minder 12.6.x, WebSphere 8.4, OKTA, RSA, Oracle RDMS, Korn shell scripting, Perl, XML, UNIX, Windows Active Directory.

Confidential, Jersey city, NJ

Security Engineer

Responsibilities:

• Primary responsibilities include Installation and configuration of CyberArk Vault, Vault Client, Active CPM, Network load balanced CyberArk PVWA, Clustered CyberArk PSM and PSM SSH proxy Architecture and design.
• Implementation and create of web policies, password policies. Vault Back-up
• Load balancer architecture, Application Identity Manager Design, On-Demand Privileges Manager Design.
• Primary responsibilities include Installation and configuration of CyberArk Vault, Vault Client, Active CPM, Network load balanced CyberArk PVWA, Clustered CyberArk PSM and PSM SSH proxy Architecture and design
• Change Management Process Plan (OS, patch updates). Responsible for Create New User, Activate, enable user, group and OU account in Active Directory.
• Installed and configured the LDAP Sun ONE Directory Server. Configured the multi master. Workflows and Integration of various target system privilege account integration.
• Experience with the implementation of RSA two factor authentication tokens for the integrated web service security in a SSO environment for the service provider applications in both environments.
• Managing User Accounts, Server Space & other Log files on servers and Maintaining Mail Accounts in Microsoft Office Outlook & Backup of Emails. Helping organization target architecture for infrastructure privileged access and the high-level requirements for the privileged access management solution.
• Implementing the strategy for infrastructure privileged access control in organization, and the drivers in terms of risk and regulatory control. Cyber-Ark as a platform for managing privileged access to infrastructure. An initial project is focusing on managing networking devices accounts. In parallel, analysis is ongoing.

Environment: CA IDM 12.x, JDK 1.4/1.5, CyberArk 8.2, CA Identity Manager r8/r12Solaris 8/9/10, Active Directory, Windows 2000/2003, Oracle 10g/11g, SQL Server 2005.

Confidential, Jersey City, NJ

Security Engineer

Responsibilities:

• Creating Static and Dynamic roles, Provisioning policies based on the requirement
• Working on user identity issues like password issues, inactive profile/accounts issues
• Documentation of TRD, BRD & DLD, analysis of current and future processes/systems
• Worked on Cyber Ark Enterprise Password Vault and PVWA.
• Installed and configured Private Ark to Client to manage Vault server.
• Managing, monitoring and Supporting systems hardware, software, and applications.
• Resolved CyberArk issues in CPM communicate with host to reconcile credentials.
• Researching, recommending, and implementing new solutions in support of project and business requirements with focus on security and privacy.
• AIM to remove hard coded password from application and stored those credentials in Vault.
• Integrated Active Directory to the Vault Server to discover devices using bind account.
• Efficiently Managed Active Directory implementations across multiple domains.
• Worked on administering of User accounts, Group memberships, and Organizational Units using Active Directory.
• Coordinating efforts with vendors for upgrades and system maintenance.
• Managed failed accounts synchronization and password rotations.
• Confirming that all projects and infrastructure are properly documented.
• Cyber Ark integration with SIEM tool Arcsight.
• Managed sessions in Privileged session management (PSM).
• Generated reports of the account and devices inventories in the Cyber Ark.
• Perform system, security, and application log and reports reviews following established procedures.
• Good understanding of policies in Cyber Ark Central Policy Manager (CPM) and (PSM) on boarding windows and Linux accounts.
• Fallback from DR vault server to production in case of production vault server failure.
• Performed real-time proactive security monitoring and reporting on various security enforcement systems, such as NITRO (SIEM), Anti-virus, Internet content filtering/reporting, malcode prevention, Firewalls, IDS & IPS, Web security, Anti-spam, etc.
• Analyzed output from network vulnerability assessments and recommend mitigation strategies. Reviewed and provided feedback on security plans and procedures regarding all aspects of LAN, WAN or MANs as applicable. Worked with Cyber Ark utilities, PAR explicate, PACLI and PAR client.
• Responsibility includes maintenance of the system by installing and upgrading the application packages for Siteminder Policy server, Web servers and LDAP.
• Involved in performance tuning activities for SiteMinder and Sun One LDAP Directory Server.
• Installed and configured Apache, Microsoft IIS and Sun iPlanet web servers, Weblogic application servers, with Netegrity Siteminder authentication, and Sun One LDAP Directory Server.
• Installed and configured various web agents in accordance with the web servers involved.

Environment : Cyber Ark 7, 8, 9. PIM, LDAP, AD Integration, UNIX, Firewall, IDS/IPS, SIEM, IIS, IBM HTTP SERVER, PVWA, PSM, AIM or CCP, CPM, PTA ACS, DNS, TCP/IP, Security, VB script, Powershell.

Confidential, PA

Security Administrator

Responsibilities:

• Performed SiteMinder Policy Server and Web Agent installation, and upgrades including Quarterly Maintenance Releases, Service Packs and Solution Modules for SiteMinder.
• Installed, Configured and administered Sun One Directory Server, Novell eDirectory. Designed and implemented SSO and authentication using SiteMinder.
• Integrated new applications with SiteMinder, including IPlanet Web Server, IIS, and IPlanet Directory Server, across multiple environments including Windows, Solaris, NT, and Linux.
• Implemented password policies for all the applications using SiteMinder.
• Cyber Ark Vault Maintenances. Building CyberArk safes and adding different applications/portfolios in the safes.
• Active Directory group/user authentication and maintenances.
• Manager (CPM) where all account resides.
• Maintain Privilege Vault Web Access (PVWA) for RDP/VPN users, experience with PKI Vault encryption & decryption. Maintain Active Direction for Privilege Users, groups, and users.
• Building CyberArk safes and adding different applications/portfolios in the safes.
• Active Directory group/user authentication and maintenances. Authentication and Authorization of Privilege users working with Cyber Ark and Access Management.
• General managing of Cyber-Ark Security that offers any enterprise a wide range of services and support options to making digital vault solution a success; these services include implementation, consulting, training, maintenance, online support and vault scripting, SIEM, and Digital Certification supporting. Decommissioning servers as need be or as requested by server Engineers.
• Setting security policies to enhance orderliness in the usage of security issues.
• Knowledge of CPM/PPM/EPV/PSM&PSM Recorder for RDP connections and session recording of activity logs in the PVWA, such as SIEM.
• Authentication and Authorization of Privilege users working with Cyber Ark and Access Management.
• General managing of Cyber-Ark Security that offers any enterprise a wide range of services and support options to making digital vault solution a success; these services include implementation, consulting, training, maintenance, online support and vault scripting, SIEM, and Digital Certification supporting.
• Carried out bug fixes and/or report bugs back to the development team.
• Worked as a part of 24x7 on call support for production team.

Environment: Cyberark, Siteminder, IBM WebSphere Application Server, IBM BPM, IBM ODM, Apache, IBM WebSphere MQ , Linux, AIX, IBM HTTP Server, Apache HTTP Server, LDAP, Tivoli Performance Viewer, Oracle 10g, DB2, Python, JACL, Shell Script.

Confidential

Software Engineer

Responsibilities:

• Technical resource on the product development team in building Federal Retirement benefits (FRBWEB) application. FRBWEB was developed as an ASP model to serve the needs of Federal Employees.
• The Contract Information and Reporting System (CIRS) is a US state-of-the-art Web-based system that allows VISN Coordinators, VA Revenue Coordinators, and other VA users to collect, track, and exchange information about contracts awarded by VA Headquarters, VISNs or individual medical facilities for services relating to US revenue operations.
• Requirement Analysis and gathering Information related to Civil Service Retirement System and (CSRS) and Federal Employees Retirement System (FERS) retirement systems in both production and non-production environment.
• Detailed study of the System specifications provided by the client.
• Developed PL/SQL scripts for porting data from custom database to FRB database. Unit tested the screens for validity.
• Used JavaScript as the standard client side validation code and created several templates using HTML in both production and non-production environment.
• Participated in post-implementation support and problem resolution. Involved in development of user interface layer using HTML and JSP. Involved in development of data access classes using JavaBeans.
• Actively participated with team for maintaining quality management procedures for developing code. Handled client communication, deliverables.
• Developed user interface to access U.S. federal government PDF forms. Developed acrobat validation scripts to validate PDF input fields.
• Developed business components for easy storing and retrieval of data to FRB database in both production and non-production environment.
• Testing, Debugging and Implementation. Actively participated with team for maintaining quality management procedures for developing code.

Environment: Java, J2EE, SOA services, JPA, JSP, Agile/Scrum, Eclipse, HTML, DHTML, XML, JavaScript, AJAX, WebLogic 10.3, ANT, Apache Axis, WSDL (Restful), SOAP, XML, LDAP, TCP/IP, JavaScript, OSS, Clear Case, XSLT, CSS, JMS, Oracle 10g, Spring, SQL, Pl/SQL.