We provide IT Staff Augmentation Services!

It Security Architect & Lead Resume

Riverview, FloridA

PROFESSIONAL SUMMARY:

  • 9.11 Years of Extensive exposure to Identity & Access Management, Federation, Directory, Application & Web Servers
  • Strong experience on Architecture Design and Implement Identity and Access Management solutions, Programming Skills with sufficient R & D exposure.
  • Strong process understanding, encompassing technical as well as business processes, and mapping the same to each other.
  • Fundamentals of technology with ability to add values to the business using technology.
  • Proficient in Analysis, Design, and Implementation of Business Applications using the Identity and Access manager.

IT SKILLS:

Identity Management: Oracle Identity Manager (OIM) 11gR2 & PS1, PS2 and SOA, IBM Tivoli Identity Manager (ITIM, ISIM), Sun Identity Manager, Oracle Waveset, CA Identity Manager/ IdentityMinder r12.5

Access Management/Single Sign On Solution: Oracle Identity Governance (OIG), Oracle Access Manager (OAM) 11gR2 & PS1, PS2 Oracle Adaptive Access manager, Oracle Identity Federation (OIF), Webgates IBM Tivoli Access manager (ITAM) 6 & 7, IBM Security Access manager (ISAM) 8.0 Virtual Appliance for Web and Mobile, IBM Security Access manager 9.0 Virtual Appliance for Platform & Advanced Access Control, Web Reverse Proxy, IBM Federated Identity Manager (IFIM), Webseals, Web Services Security Sun Access manager, Open SSO, OpenAM, Policy Agents, CA Netegrity Siteminder r6.0, R12, R12.5, ADFS Identity Federation, Ping Federation SSO, SAML, SOAP, API, OAUTH, NTLM, LDAP, Kerberos, PKI, etc.

Directory server: Oracle Unified Directory 11g, Oracle Virtual Directory 11g, Oracle DSEETivoli Directory Server 6, Sun Directory Server 5.2, 6.2, 6.3, Open DS, iPlanet Directory server, CA Directory r12, & Microsoft Active Directory

Application/Web Server: BEA/Oracle Weblogic, IBM WebSphere, Sun Application/ Web ServerJBoss, Sun proxy server, IIS, Apache, Tomcat, Glassfish IBM/ Oracle HTTP Server

Languages: C, C++, Java, J2EE, JNDI, JSP, HTML, XML, SAML, Perl, Bash, Xpress, PowerShell

RDBMS: Oracle, MS SQL, MS Access, My SQL, IBM DB2

IDE: Eclipse, NetBeans, JDeveloper, SQL Developer, IBM Directory Integrator

Operating Systems: Solaris, Linux, Unix, AIX, HP UX, Windows

PROFESSIONAL EXPERIENCE:

Confidential, Riverview, Florida

IT Security Architect & Lead

Responsibilities:

  • Understanding existing IAM environment and analyzing the IAM requirements.
  • Working as Team lead and handling customer Confidential onsite and team in offshore (3).
  • Supporting existing Tivoli Identity manager, access manager, federation identity manager, and Tivoli Directory Integrator and directory service applications.
  • Designing High availability, Disaster recovery, Replication and Clustering for production environment
  • Done upgradation of Tivoli Access manager 6.1 to Security Access Manager 7. Tivoli Federation Identity Manager 6.2.1 to 6.2.2. Tivoli Directory server 6.2/6.3 to 6.4. Tivoli Directory Integrator 7.1 to 7.2. WebSphere application server 7 to 8.5. IBM DB2 9 to 10.5 And Tivoli Identity Manager 5.1 to Security Identity Manager 6 FP10
  • Performed Separate system upgrade and data migration of Tivoli Identity Manager Version 5.1 that is deployed on WebSphere Application Server 7.0 to Security Identity Manager Version 6.0.0.10 that is deployed on WebSphere Application Server 8.5
  • Architecture Designing and Migrating production environments to Microsoft Azure cloud environment
  • Setting up TFIM SAML 2.0 / OAuth Federation with many separate entities
  • Worked on different Federation methodologies like SAML, OAUTH, NTLM, LDAP, Kerberos, PKI, web services security, role - based access control, multi-factor authentication, and SSO
  • Creating complex TDI Assembly Lines to Automated employee provisioning based on HR flat file / Employee Termination / send updates to Service Now using SOAP web services call / schedule monthly report based on Mosaic requirement.
  • Integration Microsoft Active Directory and FIM
  • Setting up IAM development environment same as production environment
  • Configuring new application with Security Access manager and configuring SSO and Desktop Single Sign On (SPNEGO)
  • Configuring High availability & replication setup (Master-Master, Master-Replica and Master-Gateway) for ISIM/SAM TDS instances, SAM WebSeal instance.
  • Creating and using ACL, POP, Dynamic rules, Virtual hosting and Junctions as per the application SSO requirement.
  • Setting up Role based provisioning and role based access in Tivoli identity manager.
  • Performing advanced performance tuning on all IAM tools. And timely updating the latest fix packs to the production IAM applications.
  • Created Identity manager delegation administration with ACL’s views and groups.
  • Configured different Security Identity manager adapters: SAP Net viewer, Oracle, UNIX/Linux, Salesforce, Windows Active Directory, Maximo - Tivoli Service request, Service Now and different feeds.
  • Configure Windows Active Directory Agents and Reverse password sync agent
  • Generate Security Identity manager custom reports and provide run report access to L1 teams
  • Implementing Contractor certification process in Tivoli Identity manager Forms and Workflows.
  • Configuring Static and Dynamic roles, Provisioning policies, LCR’s
  • Creating new / modifying Workflows, adding approval and escalation activities
  • Install IBM Security Access Manager 8.0 Virtual Appliance for Web and Mobile, IBM Security Access Manager 9.0 Virtual Appliance for Platform & Advanced Access Control on ESXi 5.0 for development environment
  • Configuring Network Interface, User registries, Web Reverse Proxy (Authentication, Authorization, Junction, Virtual Hosting, ACL, POP, QOS, Authzn Rule etc)
  • Worked on ISAM 9 Advanced Access Control Configuration, Managing application interfaces, runtime components, user registries, external authorization service, isamcfg, Custom PIP (Policy Information Point), STS (Secure token service)
  • Create and manage cluster, HA and Front end load balancer
  • Administering Local management interface (LMI) and command-line interface (CLI)
  • Administering Web Reverse Proxy or Webseals and Security Access Manager Base
  • Configuring one-time password, Consent-based device registration, Device fingerprints, Authentication Policies, Attributes, Context-based authorization or Risk based access
  • Log Monitoring, Generating Support file, Auditing and Troubleshooting
  • Creating TDS ACL's and Rules to restricting access to different applications
  • Migration of data and solutions from an instance of a previous version (6.2/6.3 to 6.4). Built new TDS instance with same and diff seed/salt and configured two-way cryptographic synchronization between multiple TDS Instances.
  • Configuring SSL for production TDS Instances.
  • Configured DB2 clustering (Active-Active, Active-Passive), creating metadata repository database which is shared between nodes installed on different machines. And also maintained a Remote Disaster Recovery instance.
  • Configuring DB2 Backup (Full and incremental), Weekly full backup and nightly incremental delta backup
  • Installation of WebSphere application server with Single server and Network Deployment (dmgr, nodeagents, nodes, cells, bus, jms, jdbc, ssl, security, ldap and many other configurations)
  • WebSphere application server clustering and configuring webserver in front of WebSphere instance in DMZ layer.

Environment: IBM Tivoli Identity Manager 5.1, IBM Security Identity Manager 6fp10, IBM Tivoli Access Manager 6.0, IBM Security Access Manager 7.0, Tivoli Federation Identity Manager 6.2.2, IBM Security Access manager 8.0 Virtual Appliance for Web and Mobile, IBM Security Access manager 9.0 Platform & Advanced Access Control, IBM Security Access Manager Web Reverse Proxy, Tivoli Directory Integrator 7.1/7.2, Tivoli Directory Server 6.2/6.3/6.4, IBM Security Access Manager Webseal, IBM DB2 9.5/10.1, IBM WebSphere Application Server 7.0/8.5, IBM HTTP Server 7.0, Java & Eclipse, Fiddler, HTTP Analyzer, SOAP Debugger, F12 Developer Tool, Java/JNDI, PowerShell, Java Script, SAML, XSI

Confidential, MN

IAM Module Lead

Responsibilities:

  • Working as Team lead and handling the team and transition from Vendor Accenture.
  • Discussing directly with the client on the requirement gathering and the future enhancements.
  • Supporting the existing Sun IAM, Directory Server, OpenSSO, Ping Federation and ADFS setup.
  • Create new federation partners with ADFS (SAML 2.0, OAuth)
  • Developing the existing Sun Identity Manager functionality with Oracle Identity Governance suite/ Oracle Identity Manager 11g (in development environment)
  • Installation of Oracle Identity manager setup in Solaris and Windows environment and configuring it with Weblogic & SOA.
  • Installed/ Configured Windows Active Directory, Exchange, Oracle Database and Sun Java System Directory Server Connectors.
  • Added user-defined fields and associated them with Lookup Definitions.
  • Created Flat File Generic Connector as an authoritative source and ran a scheduler.
  • Configured Directory Server as an authoritative source and performed Trusted Source Reconciliation to bring Directory Server users into Oracle Identity Manager.
  • Written Adapter Factory to pre populate the resource forms and done automated provisioning using Access Policies using AD Groups
  • Developed an Approval Process using the graphical workflow designer.
  • Configured delegated administration and role based access
  • Implemented different Password Policies for different type of users.
  • Configured event triggers to trap and push account profile changes to/from Oracle Identity Manager user attributes
  • Configured different reports and helped Auditing team with generating different reports.
  • Setting up ADFS and Ping Federation SAML 2.0 / OAuth Federation with many separate entities
  • Worked on different Federation methodologies like SAML, OAUTH, NTLM, LDAP, Kerberos, PKI, web services security, role-based access control, multi-factor authentication, and SSO
  • Developing the existing Oblix and OpenSSO functionality with Oracle Access Manager 11gR2.
  • Migrating current Ping Federation and ADFS solution with Oracle Federation Manager Suite. Configured different type of partners.
  • Configured TFIM as Identity provider and Service provider using SAML 2.0, OpenID, OAuth
  • Performed POC for Security Token System, Mobile and Social SSO using REST Service.
  • Installed and configured Oracle Access manager 11g, Oracle database, Oracle Unified Directory, Weblogic application server, Different Webgates
  • Configured different LDAP servers as Access Manager Default Store and System Store
  • Configured different Password Policies and Manage sign-on, sign-off, and sessions.
  • Configured Risk based Authentication using Oracle Adaptive Access Manager (OAAM), Oracle Mobile & Security Suite, Oracle Identity Federation and SAML customizations.
  • Developed Oracle 11g, Oracle 10g, mod sso, OpenSSO adapters and also Custom Webgates using 11g Access SDK and APIs and Web Services security using OAM.
  • Configured Detached Credential Collector (DCC) and configured different type of login pages.
  • Configured Weblogic cluster and OUD Replication and HA availability of Webgates with session failover
  • Configuring replication (dsreplication) between multiple OUD instances and configuring it with Proxy and Load Balancer.
  • Managing OUD Privileges, ACI’s and creating account for other application teams with read-only permissions.
  • Managing OUD with Oracle Directory Services Manager ODSM and through command utilities.
  • Managing OUD schema and Extend the schema over LDAP & Create a custom schema file
  • Performing performance tuning on Oracle Identity Governance tools. Making the required appropriate changes.

Environment: Sun Identity manager, Open SSO, SJS DS, Oracle DSEE, Oracle Identity manager 11gR2, SOA, Oracle Access manager 11gR2, Oracle Unified Directory, Webgates, Oracle Internet Directory, IBM WebSphere AppServer, Weblogic Application Server, Apache webserver, Oracle Database 10g, 11g, Windows AD 2003, ADFS, Ping Federation, Open SSO Policy Agent 3.0, Java & Eclipse, Fiddler, HTTP Analyzer, SOAP Debugger

Confidential

Senior Technical Associate

Responsibilities:

  • Understanding existing IAM environment and analyzing the IAM requirements.
  • Working with 2e2 UK Consultants for taking Knowledge transfer, understanding Day-to-Day support activities and maintaining Confidential IAM servers.
  • Working as Team lead and handling the team and transition plans.
  • Discussing directly with the client on the requirement gathering and the future enhancements.
  • Supporting the existing Sun IAM and Sun Secure Global Desktop setup.
  • Design and Upgradation from Sun Identity manager to Oracle Waveset 8.1.1 on Glassfish application server
  • Providing knowledge transfer to internal team members on different IAM technologies and Confidential project.
  • Worked in Design and Implementation of the existing Sun IAM System Improvement Plans (Phase 2 of Development).
  • Developing the existing Sun Identity Manager functionality with Oracle Identity Manager 10g
  • Installation of Oracle Identity manager setup in Solaris and Windows environment and configuring it with JBoss & Weblogic application servers.
  • Installed/ Configured Windows Active Directory, Exchange, Oracle Database and Sun Java System Directory Server Connectors.
  • Added user-defined fields and associated them with Lookup Definitions.
  • Created Flat File Generic Connector as an authoritative source and ran a scheduler.
  • Configured Directory Server as an authoritative source and performed Trusted Source Reconciliation to bring Directory Server users into Oracle Identity Manager.
  • Written Adapter Factory to pre populate the resource forms and done automated provisioning using Access Policies using AD Groups
  • Developed an Approval Process using the graphical workflow designer.
  • Implemented different Password Policies for different type of users.
  • Configured event triggers to trap and push account profile changes to/from Oracle Identity Manager user attributes
  • Implementing Oracle Access Manager Solution for web applications.
  • Configuring different LDAP as default and system store.
  • Configuring different Authentication modules, Authentication and Authorization policies, Host Identifiers
  • Configured access manager DCC and ECC login solutions in internal and DMZ network.
  • Performed High availability and replication setup for Oracle Access manager, Database, Data and System stores
  • Installation of OVD server and manager, creating new project. Configuring LDAP and Database JDBC adapters
  • Definition of overall virtual directory structure.
  • Configuration and processed to join records from different directory sources into a single view
  • Managing OUD Privileges, ACI’s and creating account for other application teams with read-only permissions.
  • Managing OUD schema and Extend the schema over LDAP & Create a custom schema file
  • Performing performance tuning on Oracle Identity Governance tools. Making the required appropriate changes.

Environment: Sun JES-5, SJS Application server, Sun Solaris 10, Sun Identity manager, Oracle Waveset, Sun & Glassfish Access Manager, Sun Secure Gateway Desktop, SJS DS, Oracle Identity manager 11gR2, Oracle Access manager 11gR2, Oracle Internet Directory, Weblogic application server, JBoss AppServer, Oracle Database 10g, Windows AD 2003, AM PolicyAgent 2.2 & 3.0, Java & Eclipse

Confidential

Senior Technical Associate

Responsibilities:

  • Performed setup in development environment
  • Installation and configuration of TDS and TDS Upgrade Component, Web Admin Tool, TAM - Policy Server, TAM - Authorization Server, Development Kit, Web portal Manager, WebSeal, IBM Tivoli Directory Integrator
  • Using PDADMIN Command for the Policy Server Administration.
  • Creating New domain and new web seal instance through GUI and command line.
  • Tivoli Federated Identity manager installation and configuration as IDP and SP
  • Configuring High availability setup
  • Creating and using ACL, POP, Dynamic rules, Virtual hosting and Junctions
  • Configuring Form based authentication, Trust Association Interceptor Plus
  • Configuring different sign on functionalities like - Single Sign On, Same Sign On, Cross Domain SSO and Desktop Single Sign On (SPNEGO)
  • Worked on Common Auditing and Reporting Service - CARS and WebSeal Session management
  • Writing java program using TAM API’s

Environment: IBM Tivoli Access manager 6.0, IBM WebSphere application server, IBM Tivoli Directory Server, Webseal, Apache webserver, IBM HTTP Server, IBM Tivoli Directory Integrator, Windows AD 2003, Java & Eclipse

Confidential

Senior Technical Associate

Responsibilities:

  • Understanding existing Confidential IAM environment and analyzing the IAM requirements.
  • Working with IBM India Consultants for taking Knowledge transfer, understanding Day-to-Day support activities and maintaining Confidential IAM servers.
  • Working as Team lead and maintaining the team size of 5.
  • Prepared a detailed plan document to move from Sun IAM to Oracle IAM solution.
  • Done POC to move Sun Identity manager v8 to Oracle Identity manager 10g
  • Discussing directly with the client on the requirement gathering and the future enhancements.
  • Maintenance of Active sync and reconciliation process for synchronization across resources such as: Oracle database resource, WBI Message Queues, Windows Active Directory and Directory servers.
  • Working on different Sun/Oracle Identity and Access Manager Software’s: Sun Identity Manager, Oracle Identity Manager, Sun Access manager, Sun Directory server, Sun Application server, Sun Web server (Reverse Proxy configuration) and CISCO Hardware Load balancers.
  • Providing knowledge transfer to internal team members on different IAM technologies and Confidential project.
  • Prepared Confidential IAM System Operation Manual and System Appreciation Document. Published the same to team and Client (VHA).
  • Performed POC to implement the solution with CA Siteminder Access manager R12 and perform single sign on, same sign on, Kerberos and multi factor authentication.
  • Configured 2 end applications with CA Siteminder and ran different test cases.

Environment: Sun JES-5, SJS Application server 8.1, Sun Solaris 10, Sun Identity manager, Sun Access Manager, SJS DS, Oracle Identity manager & connectors, Windows AD 2003, AM PolicyAgent 2.2 & 3.0, Java

Confidential

Senior Technical Associate

Responsibilities:

  • Understood existing Confidential IAM environment and analyzed the IAM Ph2 requirement.
  • Installed and configured Sun Access Manager with sun Directory server and Windows Active directory.
  • Configured Single sign on, same sign on, Desktop Sign on for Confidential applications.
  • Configured different Authentication types: Realm, Module, and Role based authentications.
  • Configured multiple authentication module and authentication chains for a Realm.
  • Protected Confidential application which is deployed on WebSphere application server, WebSphere portal server, SJS Application server, Apache Tomcat, Sun web server, sun web proxy server, sun Glassfish.
  • Created self signed & CA certificates (PKI) imported the same to sun identity and access manager domains.
  • Configured Web services security in Sun Access manager by certificate based and user identity based.
  • Configured the Access Manager Load Balancer & Setting up the Multi-Master, Master-Consumer replication of Directory Server instances.
  • Worked on requirement analysis and created Technical/Low level design and Operation manual documents.
  • Implementing Sun Identity Management Infrastructure and deployed it in various Application servers.
  • Created custom reports to satisfy Confidential needs.
  • Configured database, LDAP, AD, JMS resource adapters and also created custom resource adapters.
  • Created robust workflows and multiple approval processes.
  • Customized end-user page to provide ability to request for Target applications.
  • Worked on Activesync, Reconciliation, Bulk uploading, Launch bulk action functionalities.
  • Created process documents and deployment manuals for IAM security and AD Synchronization processes. Shared the document with Confidential .
  • Installation and configuration of TDS and TDS Upgrade Component, Web Admin Tool, TAM - Policy Server, TAM - Authorization Server, Development Kit, Web portal Manager, WEBSeal, IBM Tivoli Directory Integrator
  • Using PDADMIN Command for the Policy Server Administration.
  • Creating New domain and new web seal instance through GUI and command line.
  • Tivoli Federated Identity manager installation and configuration as IDP and SP
  • Configuring High availability setup
  • Creating and using ACL, POP, Dynamic rules, Virtual hosting and Junctions
  • Configuring Form based authentication, Trust Association Interceptor Plus

Environment: Sun JES-5, SJSApplication server 9.1, Sun Solaris 10, Sun Identity manager 8.1, Sun Access Manager 7.1, OpenSSO 8, SJS DS 6.2,6.3 Windows AD 2003, AM PolicyAgent 2.2 & 3.0IBM Tivoli Access manager 6.0, IBM WebSphere application server, IBM Tivoli Directory Server, Webseal, Apache webserver, IBM HTTP Server, IBM Tivoli Directory Integrator, Java, Eclipse, CA Certificates, PKI keytool, certutil & openssl, web services and SAML assertion

Confidential

Senior Technical Associate - I&AM Developer

Responsibilities:

  • Installed and configured Sun Access Manager with sun Directory server.
  • Installed and Configured AM Distributed Authentication User Interface.
  • SSO protecting Confidential applications with Sun Access manager and troubleshooting the problems.
  • For Access manager configured Reverse proxy settings with web server and web proxy servers.
  • Implementing Sun Identity Management Infrastructure and deploying it in various Application servers.
  • Configured and worked on LDAP, Oracle, Flat file & JMS Queue ActiveSync’s.
  • Worked on Identity manager with SPML and SPML2.0 web services.
  • Configured JMS Queue resource adapter and written Java programs to write into Queue.
  • Worked on Backup and recovery activities of SIM, SAM and DS.
  • Installed Siteminder Policy Server6.0 and configured Siteminder Web Agents for different application servers like IIS, WebSphere, JBoss, Sun Application Server and Tomcat.
  • Created different Realms, Policies, Rules, Responses, Authentication Schemes, and User Directories.
  • Configured High availability with CA Siteminder instances, and configured multi master replication between Siteminder User Stores and Policy Stores.
  • Upgrade CA Siteminder 6.0 to R12 and migrate the SSO applications to new version.
  • Installed and configured Login servers, Cookie servers configured it with policy server.
  • Install and configure CA Identity manager and implement the solutions running on Sun Identity manager.
  • Worked on CA Identity manager functionalities like: provisioning/de-provisioning, fine- grained entitlement management, policy modelling using Xpress, Bulk updates, Task scheduling, self-registration, Forgot/reset password functionality, request based provisioning, approval based provisioning, Delegation administration, Workflow design with manual approval process, Role administration, Out-of the Box connectors and Xpress connectors, Reconciliation and standard/custom reporting.
  • Troubleshooting SSO enabled applications and web agent related issues
  • Prepared Installation, Implementation & Process Flow documents.
  • Training and Knowledge transfer to other team members.

Environment: Sun JES-5, SJSApplication server 9.1, Sun Solaris 10, Sun Identity manager 8.1, CA Netegrity Siteminder 6.0 & R12, CA identity manager, Sun Access Manager 7.1, SJS DS 6.2,6.3 Windows AD 2003, AM PolicyAgent 2.2, Java, Eclipse

Hire Now