- Experienced in the developing, Reviewing and updating Security documents such as system (SSP), contingency Plans, Disaster Recovery Plans, Incident Response Plans/Training. And configuration Managements Plans, System Security Checklists, Privacy Impact Assessments, POA&M
- Deploy Single Sign On configurations to Production and validate deployments and functionalities
- Expertise in National Institute of standard and Technology Special Publication (NIST SP) documentation, Performed Assessment, POA&M Remediation and document creation using NIST SP 800 - 53 Rev 4.
- Troubleshoot and resolve SAML, OAuth and OpenID connect issue uncovered in testing and report in production incidents.
- Good knowledge of TCP/IP, firewalls, routers, and network protocols and technologies
- Exhibited client facing skills and capability to articulate technical concepts to a variety of technical and non-technical audiences.
- Perform Security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services)
- Assisted in developing appropriate security measures to remediate system flaw
- Executed daily vulnerability assessments, threat assessment, mitigation and reporting activities to safeguard information assets and ensure protection has been put in place on the systems
- Experience working with NIST SP 800 series and FIPS documents
- Experience with vulnerability scanning tools like NESSUS, WEB INSPECT,NEXPOSE
- Experience in vulnerability scanning analyzing results and reports from scanning
- Supports critical functions such as IAM tech deployment group, operations group, data governance and service delivery functions for the IAM programs.
- Use of Virtual Directory Service to implement enhanced Authentication and coarse-grained authorization controls.
- Implement Web Access Management and SSO
- Design, configure, troubleshoot and supports IAM initiatives and solutions.
- Participate in on-call rotation to support Confidential product authentication issues
- Network Monitoring and reviewing logs
- Experience with developing and updating security policies and procedures
- Experienced in Incident Response Plan and update
- Used Confidential Internal Proprietary ticketing tools to assist with remote server issues to repair identified hardware issues with servers.
- Used Confidential Internal Proprietary ticketing tools to create service tickets for on-site personnel to repair identified hardware issues with servers.
- Reimaging, Deploying, patching, troubleshooting, and maintaining Windows bare metal servers.
- Experience with new datacenter buildouts, expansions, consolidations, migrations, and capacity planning.
- Experience using PowerShell, DMS (Datacenter Management System), and Kusto for CRUD operations, script/cmdlet/workflow execution to validate/prep/deploy Windows servers. •
- Experience deploying Backend machines, taking them out of rotation for planned maintenance and bringing them back into rotation.
- Adhere to SOPs for the deployment process and project SLA.
- Perform ticket analysis, server diagnostics, triaging, and follow-ups with the appropriate team for incident resolution.
- Update screenshots, daily recorded discussion to track the issue, blocker updates, and custom fields for KIP tracking.
- Ensure timely resolution or escalation within the agreed SLA based on incident severity. Adhere to SOPs for the mitigation process and SLA
Software Engineer\ IAM Analyst
Confidential - Redmond WA
- Conducting technical client interviews related to IAM investigation with application owners
- Collaborate and communicate with Security Architecture, Security Consulting, Enterprise Infrastructure and other internal departments and vendor partners to deliver solutions
- Experience configuring single sign-on for applications with leading commercial IDPs
- Supporting the initial assessment of client IAM programs and initiatives resulting in a technical roadmap for remediation
- Ability to assess potential threats and weaknesses in existing IAM processes and procedures
- Responsible for creating users accounts and modifying memberships using SailPoint.
- Analyzing and resolving complex authentication, integration, and automation issues.
- Knowledge of directory server (LDAP, AD)
- Experience in designing and implementing access management - SSO, Federation & Identity management, Directory services, Recertification, and Window Hello For Business biometric provisioning capabilities such as fingerprint scanning, and facial recognition.
- Act internally as customer advocate
- Implementation and upgrades of user attributes in SailPoint and IIQ
- Familiarity with identity synchronization technologies (AAD Connect, AAD Connect Health)
- Knowledge of Active Directory Federation Services (ADFS), Web Services protocols, DirSync/Azure AD Connect
- Knowledge of Office 365 Identity Management
- Experience with Cloud Domain Management, Cloud User Management, and Configuration
- Familiarity with Active Directory Federation Service (ADFS)
- Maintain technical expertise in Confidential and IAM technologies.
- Experience rolling out modern authentication, legacy authentication with and implementing solutions leveraging OAuth, OpenID Connect, SAML, and MFA
- Provide high-level training /knowledge transfer to customer
Information Security Analyst
- Support Client with documenting and reviewing security plans SP (SP), Contingency plans (CP), Contingency Plan test (CPT), Privacy Impact Assessment (PIA) and Risk management (RA) document per NIST 800 Guidelines for various government agencies.
- Support Client in conducting Vulnerability Scanning using Nessus, Web Inspect and Nexpose.
- Analyzing Vulnerabilities from security Assessment Report and drafting remediation strategies.
- Mitigate weakness as part of POAM remediation from findings using SAR.
- Administration of enterprise Cloud-based SSO solution and integrating application.
- Analyzed HP Fortify results, fixed the code that has defects cross-site scripting XSS, session hijacking, SQL injection, CSRF Cross-Site Request Forgery.
- Performed white box security assessments to identify the client's strengths and weaknesses in their web applications Major initiatives includes testing intranet application subjected to be exposed to Internet. I used HP Fortify for checking code vulnerabilities.
- Evaluate threats and Vulnerabilities of each system and ensure proper safeguard are in place to protect the environment.
- Responsible for ensuring appropriate collection and analysis of technical requirement based on critical project IAM use cases and expectations.
- Development of process documentation and standard, procedures and baseline policies in Azure Conditional access.
- Utilize process within the security Assessment and Authorization environment such as system security and contingency plans. Security testing and evaluation, system accreditation and continues monitoring.
- Supporting client during any Risk based decision.
- Supporting client with internal facilities and systems security control assessment SCA for pre-OIG efforts.
- Design, implement and support highly automated reliable and available IAM Azure solutions in SailPoint.
- Supporting client in conducting Risk assessment, cloud system and conducting security control assessment.
- Oversee and address risk assessments, justify security projects, manage budgets and bring projects in on time.
- Experience with Authentication and Authorization mechanism and protocol (SAML, OAuth, OpenID,)
- Risk assessment, cloud system experience, conducting security control assessment.
- Lead security efforts assisting with the integration and initial implementation of IAM solution like CA, MFA, IDP
- Perform current as well as emerging security threat and design IAM architecture to mitigate threats where possible.