SUMMARY

• Security Engineer over 6 years of Experience in development, design, and implementing security in IAM technologies that consist of PingFederate, Ping Access, Ping ID, SiteMinder and LDAP directories.
• Continuously improving and automating in IAM technologies that consist of PingFederate, Ping Access, Ping ID, SiteMinder and LDAP directories.
• Experience in working on Ping federate 8.x, 9.x, SAML 2.0, Oauth 2.0, OpenID/Connect (OIDC).
• Demonstrated POCs for API security like integration with Open AM, Site Minder, OAuth 2.0, JWT token and certificate authentication.
• Created the Federation service between Site Minder federated web services to Ping federate for classic migration of applications that are SAML and WS - FED based applications.
• Experienced with multiple Ping Federate adapter’s HTML form, x509, Kerberos, open token, referenceID, ping ID and composite adapters.
• Creating Adapters, Service Provider and Identity Provider connections, replicating configuration archive, exporting Metadata, importing and exporting SSL s using Ping Federate.
• Installed and configured Ping Access servers, Gateways and Agent to protect the resources. Including in the new infrastructure were the installation of PingFederate and Ping Access
• Worked on Ping Access Integration with Ping federate to Protect the applications using Ping Access Tokens.
• Implemented OAuth and OpenID for mobile and non-browser solutions using Ping Federate.
• Worked on all the Ping Federate OAUTH grant types to get the access token in order to access the protected API.
• Experience in token, FORM based authentication and X.509 certificate based authentication and creating Custom Authentication Schema and adapters.
• Excellent communication skills and working on with SAML Trace, Server log files for trouble shooting the error from client end.
• Maintained both Test and Production servers for Ping Federate along with the cluster management and timely Replications to deploy changes to servers.
• Designed, deployed and supported highly available and scalable Ping Federate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
• Ping Federate Performance tuning for supporting support heavy traffic.
• Responsible for preparing documentation for each application and also providing the Run Book to the Operations team to troubleshoot issues.As an integral part of the 24/7 On-call team for troubleshooting outages/ issues.

TECHNICAL SKILLS

Identity Access Management (IAM): PingFederate 6.x/7.x/8.x/9.x,10.x PingOne, SiteMinder, ADFS, Ping Access, and PingID.

Data Stores: Sun One LDAP, Active Directory, Policy Servers and Oracle Directory Server, CA Directory store.

Web Servers: Microsoft IIS 6.0/7.0, Apache 2.x, Tomcat.

Operating Systems: Windows 2008/2012/2016 , Windows 7/8/8.1/10, Solaris, Linux, and Unix

Applications: MS Office suite, Eclipse, PuttY, MremoteNG, SoapUI, Apache Directory Studio

PROFESSIONAL EXPERIENCE

Confidential, Eagan, MN

Security Engineer (Ping Identity)

Responsibilities:

• Working with application’s business and technical teams to gather requirement to integrate application with PingFederate/PingAccess/PingID for Single Sign On.
• Designing and implementing applications integration with PingFederate/ PingAccess/PingID in both Non-Production and Production.
• Creating SP /IDP connections in Ping Federate using SAML2.0 protocol based on applications details or metadata
• Creating various Ping Access configurations - creating site, application, Identity Mapping, Web Session etc.
• Worked on Pairing PingID devices in PingOne platforms and adding new users to PingID uses AD group.
• Worked on Active Directory LDAP schema tools for user lookup for troubleshooting purpose.
• Migrated SAML Based SSO partners from Ping Federate 8.3.2 to 9.3.1
• Migrated PingFederate platform to new cloud servers for Future mode of operation.
• Configure Ping ID MFA in ping Federate for providing two factor authentications for some applications Troubleshooting application integration/migration issue with respect to Ping SSO.
• Identify security gaps through Ping; if there is any, then will develop roadmap/solutions that fit with company/customer systems architecture standards.
• Research, evaluate, design, test, recommend, and plan implementation of new and/or improved information security with a focus on SSO and MFA with consumers, caregivers, vendors and partners.
• Manage SSO and MFA server inventory and work with different teams to manage SSO servers, firewalls, storage, network etc.
• Demonstrate a working knowledge of identity and access standards and technology including SAML, OAuth, OpenID Connect.
• Integrate Ping with common identity stores like LDAP, relational databases, application servers, virtual directory servers, physical access management systems.
• Good understanding about the Certificates and the Meta data which are used for exchanging the SAML Standards between the parties like client and customer.
• Used the tools like Splunk for checking the logs and used other tools like SAML Tracer, SAML Decoder, Fiddler for Troubleshooting.

Confidential, Bloomington, CT

IAM Engineer (Ping identity)

Responsibilities:

• Experience in gathering Business requirements documents, Functional requirements documents.
• Involved in all the stages of software development lifecycle like design, development and implementation and testing.
• Worked on configuring the connections to application in achieving the SSO using Ping Federate and Ping Access in various domains.
• Worked on different protocols like SAML 2.0, WS-FED, OAuth and have a good understanding in Access Token Management, Authentication Policies, selectors in Ping Fed.
• Worked on writing few scripts and updating the Archiving scripts into the Linux servers.
• Used Winscp Client for transferring the files between servers and local machines.
• Documented everything in the shared OneNote related the daily touch bases and important key points.
• Followed and created Method of procedures (MOPs) standards to save the templates in repository for future reference which explained about whole process of the build in a detail.
• Used different adapters like Kerberos, NTLM, IWA and HTML form based.
• Configured redirection validation to restrict Service provider connection usage to only a few domains for security reasons.
• Worked on token processor creation on PingFederate for Ping Access and Kerberos.
• Worked heavily on SAML 2.0 in configuring applications which are hosted internally and Azure Cloud.
• Worked on both internal and external vendor applications and third party.
• Created both IdP and SP initiated connections using Ping Federate
• Worked on Linux and windows environment where the servers are installed.
• Also worked on Mobile connectivity supported applications using the Citrix secure hub.

Confidential, New Jersey

Security Engineer (Ping/SiteMinder Engineer)

Responsibilities:

• Experience in installing, configuring SiteMinder policy server, Web agents, Active Directory server (LDAP) and various Web & Application servers.
• Implemented CA Identity Manager solution for provisioning, delegated administration, workflow implementation and generating audit reports to be compliant with the security regulations.
• Implemented custom attributes properties to track the information about the recipients of the application site.
• Configured custom alerts and e-mail notifications based on the business needs.
• Worked extensively on creating Custom Password policies and Authentication schemes as per the requirement.
• Experience in Configuring CA SiteMinder policy server, framing Rules and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application agent installations, troubleshooting production problems.
• Migration of SiteMinder 5.5 to 6.0 & 6.0 to 12.0 for advanced Load balancing, failover configurations and for facilitation of user impersonation.
• Installed, configured and integrated Web servers (plug-in file), SiteMinder agents and LDAP user directory with Weblogic Server V10.
• Installation of SiteMinder Policy Server Optional Pack and Web Agent Optional Pack for Federation web services.
• Experienced in assisting Web Administrators, LDAP Administrators to determine what the best values for SiteMinder parameters and tune the system to boost SiteMinder performance in the Web Tier, the Application Tier, and the Data Tier.
• Created SP/IDP connections using Ping Federate with external partners via metadata.xml, URL's files and Manual connections.
• Migrated SAML Based SSO partners from Ping Federate 7.1 to Ping Federate 7.3, 7.3 to 8.2.
• Supported development with integration of Mobile Apps using OAuth/SAML in Ping Federate.
• Maintained both Test and Production servers for Ping Federate along with the cluster management and timely Replications to deploy changes to servers.
• Designed, deployed and supported highly available and scalable Ping Federate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
• Responsible for preparing documentation for each application and providing the Run Book to the Operations team to troubleshoot issues.

Confidential

SiteMinder and LDAP Consultant

Responsibilities:

• Installed, Configured and administered SiteMinder and Sun One Directory Server.
• Installation, Configuration and Administration of IBM WebSphere Application Server 5.1 on UNIX platform, Linux, I series.
• Used Site Minder for authenticating the user passwords for the web application.
• Worked with SiteMinder administration for user directories, agents, logs and cache management, agent configuration objects.
• Worked on Configuring the Domains, User directories, Rules, Realms and Policies.
• Worked on Load balancing the SiteMinder for high performance.
• Involved in the Upgradation of SiteMinder Policy Servers from version 5.5 to 6.0 and SiteMinder Web Agents from version 5.5 to 6.x
• Installed and configured the LDAP Sun ONE Directory Server. Configured the multi master replication in Sun ONE Directory server.
• Worked on Fine tuning of Web agent and policy servers for optimized performance
• Implemented password policies for all the applications using SiteMinder.
• Trouble shooting errors both Application & JVM also analyzed heap/core plus error logs - configured tuned JVM for optimum performance.
• Monitored Applications and WAS performance through Tivoli Performance Viewer and tuned the system caching, queuing, JVM parameters, DB Connection Pooling.
• Created IBM Problem Management Records (PMR) to report WebSphere Application Server problems. Analyzed log files to solve problems using debugging tools like Log Analyzer, First Failure Data Capture Tool and Collector Tool.