SUMMARY:

• 8 years of experience in Installation, Configuration, Deployment and Maintenance of Web Application servers, Web servers, LDAP servers and SiteMinder components like the Policy Server, Web Agent, Policy Store and Key Store. Deployed, Installed, Upgraded and configured and documentation of the whole process/flow of Layer 7 8.x Gateway, Policy Manager 8.x and API Portal 3.x.
• Administration and Configuration of CA Siteminder version R6.0/12.x/12.5x on the cross platform with diversified web servers to the Web Agents and policy Servers. Good exposure in implementing the SAML based Single Sign - on (SSO) and Single Log-Out (SLO) involving service with third party applications.
• Migrated SiteMinder 6.0 to 12.x in both development and production environments (QA, UAT and Production). Expertise in working with web servers - IHS (IBM HTTP Server),Sun One Web server, IISand Apache Web servers and configurations.
• Excellent working knowledge with Netegrity Site minder while maintaining the security for WebSphere and other Web servers. Installed, configured and integrated Web servers (plug-in file), SiteMinderWeb agents and LDAP user directory with Websphere Application Server.
• Experience in installation and configuration of iPlanet/Sun ONE, Apache, IHS and IIS Web Servers in various environments like Sun Solaris, Red Hat Linux, IBM AIX and Windows 2003/2008 and Integration of the same with the WebSphere.
• Involved in driving the migration of existing ADFS SSO integration with Office 365 to Okta. Identities are currently federated to Office 365 via ADFS, which involves a lot of infrastructure maintenance cost on-premise, hence Okta SSO solution has been introduced to reduce on-premise overhead.
• Develop architecture and strategies for integrating diverse business applications into SSO, set ‘IT Security standards, design the architecture for various SSO integration profiles like - Certificate based authentication, Radius authentication, header based authentication, Agent API solution etc.
• Expertise in Installation, Deployment and Administration of IBM WebSphere Application Server 7.x/8.5.x, Oracle WebLogic Application Server 8.x/9.x/10.x, 4.x/5.x/6.x, Sun Java System Identity Manager 6.0/7.0/8.0, Sun Java Access Manager 6.0/7.0/7.1, IBM HTTP Server, IIS and Apache Tomcat Server.
• Design the architecture for different integration options, ex: IDP initiated SSO, SP Initiated SSO, Artifact and POST profile, Open SAML API, using integration adapters to integrate third party applications like Sales force, People soft etc. Development of transitional data flows from Oracle/Sun Identity Manager to Radiant Logic Identity Correlation Server.
• Extensive experience in Installation configuration and maintenance of Netegrity SiteMinder Policy Server version 5.x/6.x and implement Single Sign on (SSO) with various web servers like Apache, IIS and SunOne. Maintain the production/ DEV / UAT and testing environment.
• Used CA Identity Manager 12.5 tool, which helps automated workflow around the creation, management and deletion of user accounts and entitlements. Experience in Installation/configuring and troubleshooting the Web Servers (IIS5.0/6.0/7.x), Apache, Tomcat, IBM-Domino, IBM HttpServer (7.x, 8.5.x) and SunOne 6.0, 7.x).
• Working experience in the development ofWebsphere Portals, Portlets, CA-Siteminder Single sign-on Services with Siteminder configurations (setting up policies, realms, rules and responses), Google Federation along with posting credentials to FCC from a custom Application Login JSP/HTML pages.
• Installed, configured and maintained Siteminder policy servers by integrated with LDAP for Policy Store. Excellent communication and interpersonal skills. Highly motivated, detail oriented and organized with the ability to multi-task projects, maintaining a high degree of proficiency.

TECHNICAL SKILLS:

Platforms: Apache Web Server 2.0/2.2, Microsoft IIS 5/6/7, IBM HTTP Server 6.0/6.1/7.0/8.5. x, Microsoft IIS 5/6/7, BEA Web Logic Server 8.1/9.2, IBM Web Sphere Process Server 6.X, 7.X, 8.5.x BEA Web Logic Server 8.1/9.2, Tomcat 5.0/5.5/6.0, iPlanet/Sun ONE Web Server

Tools: Fiddler, Site Scope 8, Jmeter, Load Runner, CVS, Clear Case, Clear Quest, SVN, MS Visio, MS Project

Security platforms: Siteminder 5.x/6.0, 12.x, CA Identity Manager r12, Oracle Identity Manager (OIM) 10g/11g, Oracle Access Manager(OAM) 10g/11g, Oracle Role Manager (ORM), Oracle Adaptive Access Manager (OAAM), IBM Tivoli Suite (ITIM/TIM/TAM) 5.2/6.0/6.3, Sun Identity Manager 7.0/8.0, Layer 7, Ping Federate, Single Sign On (SSO), Secure Proxy Servers 12.x, SAML, RadiantOne VDS v6.2, 7.1.x, Layer 7 Gateway 8.x/9.xx, API Portal 3.x, WAS 8.5.x

LDAP Directories: Oracle Internet Directory (OID)10g/11g, Oracle Virtual Directory (OVD) 10g/11g, Active Directory, Tivoli directory Server, Sun ONE Directory Server, Novell eDirectory

Programming: C, C++, Java, Korn Shell Scripting, HTML, XML, WLST, Perl, Jython, Python, Ant

Operating Systems: SUN Solaris 8/9/10, IBM AIX 5.2/5.3, Windows 2000/2003/2008 / R2/2012, Red Hat Linux 4/5

Markup Languages: HTML, XML, DHTML

Databases: DB2, Oracle 8i/9i/10g, MS-Access, SQL Server

Protocols: TCP/IP, FTP, SMTP, LDAP, SOAP, JSON, RMI and HTTP

PROFESSIONAL EXPERIENCE:

Confidential, Rochester, NY

IAM CyberArk/ Layer 7 Consultant

Responsibilities:

• Experience in Installing and configuring web based applications. Administration of CyberArk safes and creating of Vaults for the privileged users. Onboarding privilege accounts in CyberArk 9.11.2, Generating reports from CyberArk for checking the productivity of the organization. Providing access to users to put passwords in CyberArk through Private Ark and creating vaults.
• Generate DNA report from CyberArk and setting up of the Service accounts and Local Accounts in the server for compliance. Creating shared drives and drive mapping for the users through active directory.
• Active Directory server (LDAP) and various Web & Application servers. On Tivoli LDAP. Provide technical expertise and support to security administrator on distributed systems security and implement automated solutions for security administration requests.
• Perform as the subject matter expert for information security technology, processes and practices internally to the health plan provided by the client. Providing access to shared drives and administrating the inactivity of the internal users through Active Directory.
• Document detailed technical steps to be executed by administrator’s to accomplish federation configuration switch from ADFS to Okta. Auto provision user’s mailboxes and Office 365 licenses via Okta. Configure AD domains for user import into Okta’s cloud repository and provisioning users based on AD group membership to Office 365.
• Privileged Access Management (PAM) project which includes implementing CyberArk Password Vault, Web Access, Central Password Manager and Privileged Session Management. Deployed and configured SailPoint Migrated Stealth Audit v8.0 from v7.6.
• Deployed, Installed, Upgraded and configured Layer 7 8.x Gateway, Policy Manager 8.x and API Portal 3.x, Documented the process and flow of Layer 7 Infrastructure Builds implemented with aspect to Servers, F5 (VIPs) and firewalls, Worked on SOAP/REST calls between SOAP UI & Layer 7 8.x/9.x.
• Generating Inactive users report from Stealth Audit for further auditing and maintaining the data for Active Directory. Working with vendors in retiring the Oracle based applications completely from the Organization.
• Experience in CyberArk Privileged Account Security product suite - Enterprise, Password Vault, Password Vault Web Access, Central Policy Manager, Privileged, Implemented all grant flows for OAuth 2.0/Open ID connect usingPingFederate. Document client’s Okta SSO implementation and user guides
• Experience in installingPingAccessin clustered and high-availability mode, Have knowledge in Upgrade and maintenance of Ping Access and Federation product tools. Experience in implementing Password Policies and reading the password blob using SM agent API.
• Involved in requirements gathering discussion with Workday app team and helped them utilize Okta’s SSO feature for Workday. Involved in configuring Okta for user provisioning to Office 365(Azure AD), Box, Workday and SFDC.
• Implemented and Customized the SailPoint product to configure products (such as Blade logic, TAM, and OIM), systems administration, operational support and problem resolution.
• Involved in knowledge sharing sessions for SailPoint Compliance Manger component and involved in creation of design documents, code reviews and statement of deployment methodologies for the clients.
• Migration of critical 200+ applications that are secured using CA SiteMinder to Ping Federate version 7.1/7.3 Providing support to internal and external teams for integration of applications with CA SiteMinder and Ping Federate, Integration of third party applications with various Single Sign On matrix like Open Token, Agentless and SAML based services.
• Prepare a plan for user communication to switch from ADFS to Okta SSO. Created a detailed implementation and migration guide for Office 365 Okta SSO integration.
• Working on integration of web applications with SiteMinder and various affiliate agents, Defining various SiteMinder Policy Server System objects and Domain objects, Password Services and associated different realms, rules, responses and policies.
• Installed and configured RACF SailPoint connector to integrate with Mainframe systems. Performed Installation and configuration of SailPoint 7.0. Configured Flat files and JDBC connectors in SailPoint.
• Respond to support tickets and provide timely resolutions for issues, Technical writing for internal HP teams, Coordination on trouble shooting issues for the test teams with the backend support teams to resolve the issues in a timely manner.

Environment: CA SiteMinder R12 SP2, Identity Manager 6.0, CyberArk, Active Directory, Web agents 5.x/6x, IBM WebSphere Application Server 5.x/6.x/7.x/8.x,CA Wily 8.x,, Okta SSO 3.4.x CyberArk PxM 9.5,J2EE, JDBC, XML,JBOSS 7, SAML 2.0, Sun ONE Directory Server 5.X/6.X, CA Identity Manager r8/r12, Apache 2.x, Ping Federate IIS 7.1/7.3, Solaris 8/9/10, Red hat Linux 5.x, Oracle 10g/11g, SQL Server 2005, DB2 8.X.

Confidential, Marlborough, MA

IAM Consultant

Responsibilities:

• Configured SiteMinder for SAML Federated Authentications by configuring ID Provider/Consumer using SAML 2.0 POST binding. Installed Web agent Option Pack and created Partnerships, Documented Visio for SAML, AuthSchem and Day-to-day maintenance ofSiteMinderpolicy servers and troubleshooting production issues
• Coordinated with the Service providers and identity providers during the SAML Certificate upgrade and architectural changes Active Directory server (LDAP) and various Web & Application servers. On Solaris, Windows platforms and Red hat Linux Operating systems.
• Developed and documented to assist IBM on how to create functional / system accounts and the administration of the CyberArk application in order to vault system accounts for privileged access. The CyberArk application is a privileged account security solution.
• Privileged Access Management (PAM) project which includes implementing CyberArk Password Vault, Web Access, Central Password Manager and Privileged Session Management. Upgraded CASiteMinderto R12 from 6 and installed the Admin UI and configured the FSS Admin GUI, Involved in developing REST services to integrate AEM applications.
• Leveraged CyberArk Auto Detect (DNA) to perform auto detection of privileged administrative accounts from Active Directory for multiple platforms including UNIX, Linux, I Series and Windows. In charge of operation, security and maintenance of the CyberArk stack.
• Configuring User Authentication Stores, Policy Stores and Key Stores on VDS and maintained replicated environment for load balancing and failover Installed and Configured SiteMinder 5.5 Policy Servers, Web Agents, Sun ONE 5.2 and Active Directory Servers.
• Configuring CASiteminderSystem objects like Agents, Agent Conf Objects (ACO)Host Conf Objects (HCO), User Directories, Domains, Administrators and Schemas. Administered the RSA/ACE servers for issuing the Soft tokens for the VPN purpose as well as the applications which uses RSA Token authentication.
• Migration of SiteMinder 5.5 to 6.0 for advanced Load balancing, failover configurations and for facilitation of user impersonation. Installed and configured Web agents on Webservers like IIS 5.0/6.0, Apache 2.x, and SunOne Webserver 6.1/7.0 and upgrading CA Siteminder version 6.0 to R12, Ping Identity Federated Services in both Production and Non-Production environments.
• Monitored and implemented the failover and load balancing strategies between the Layer 7 and Backend Servers. Created forms to On-board companies, On-board external/tertiary users profile using Layer 7. Configuring User Authentication Stores, Policy Stores and Key Stores on VDS and maintained replicated environment for load balancing and failover.
• Coordinated with IAM team in creating new Site ID, Implemented password policies for all the applications usingSiteminderPolicy Server. Configured APS, FPS, Rules, and Help Desk Functionality Replacement, Involved in configuring RSA Authentication.
• Experience in installation and configuration of PingFederate 6.6/6.10/7.0. Involved in the migration of PingFederate from 6.6 to 6.10. Documented all the Siteminder related on JERA Digital Confluence.
• Installed and administered Radiant Logic Virtual Directory Server (VDS) and bootstrapping the VDS branches and service accounts. Worked on designing schemas for Radiant Logic virtual directory server (VDS LDAP) and creating root branches in VDS i.e. DN,CN.
• Responsible for day to day maintenance of Policy Servers and provided 24X7 support to the testing as well as productionSiteminderinfrastructure, Underwent the training for AuthMinder from CA and did the installs/setup for AuthMinder in sandbox and DEV environments.

Environment: CA SiteMinder R12 SP2, Identity Manager 6.0, CyberArk, Active Directory, Web agents 5.x/6x, IBM WebSphere Application Server 5.x/6.x/7.x/8.x,CA Wily 8.x, (VDS Active Directory J2EE, JDBC, XML, JBOSS 7, SAML 2.0, Sun ONE Directory Server 5.X/6.X, CA Identity Manager r8/r12, Apache 2.x, Ping Federate IIS 5.0/6.0, Solaris 8/9/10, Red hat Linux 5.x, Oracle 10g/11g, SQL Server 2005, DB2 8.X, Radiant One VDs v6.2.

Confidential, Nashville, TN

Siteminder/LDAP /CA IAM

Responsibilities:

• Involved in providing security to applications and application servers and setting up SSO in Web Sphere environment, Technical liaison with new business partners in the Federation protocol space - working with Ping Identity and Trustgenix. Implemented SAML server with pinged libs, (java & eclipse).
• Installed and Configured CA Siteminder 12.0, CA Identity Manager r12/12.5, Sun ONE LDAP Directory server 5.2/6.3, in Development, Break-fix, QA and Production environments on UNIX and Windows Platforms, Implement the SSO for new applications with Ping Access and Federation Managers.
• Installed, configured and administrated CA Identity Manager12.5., Integrated CA Siteminder with CA Identity Manager12.5.Performed business logic tasks using BLTH and LAH API’s Experience in configuring SSO withPingAccessusing out of the box and custom developed authentication schemes.
• Automated identity management tasks such as user provisioning and application access based on each user's relationship with and role within our organization using CA Identity Manager in both Production and Non-Production environments.
• Migrated Siteminder Policy Server from version 6.0 to 12.0, Integrated CA Siteminder with CA Identity Manager, Configured One View Monitor to monitor CA/Netegrity Siteminder components like Policy Servers and Web Agents in both Production and Non-Production.
• CA Identity Manager is used for Role Planning, Admin roles, Admin tasks, Self-service tasks, users. Deployed Applications of various formats like WAR, JAR and EAR on Web Sphere Servers in both Production and Non-Production environments.
• CA Identity Manager is used for Password Management, Configured databases for Policy Stores, Key Stores, Audit Logs and Token Data. Used smldap setup tool to manage and migrated Policy Stores between different environment Worked with Sun ONE Directory Servers to configured Directory Server instances as User Stores and Policy Stores for Siteminder Policy Servers
• Involved in planning and accessing directory data, designing schemas, directory trees, directory topologies and replication process Implemented Ping Identity’s Ping Federate v.2.1 using SAML 1.1 protocol to provide authentication, attribute and authorization portability across autonomous security domains for customers.
• Involved in setting up Multi-Master Replication for User Stores and integrated Policy Store with LDAP to use LDAP user repository, Installed and Configured Siteminder 12.0 Policy Servers, Web Agents, Sun ONE 5.2 and Active Directory Servers.
• Installed Web Agents on Web Servers like Apache, IHS and integrated Policy Servers with LDAP Policy stores and user stores, Configured Web Agents to protect and manage the access to enterprise resources and configured responses depending on the type of resource requested.
• Configured Authentication and Authorization Services to secure the resources. Configured various domains with rules, responses and policies. Involved in fine-tuning of the Siteminder web agents for the accomplishment of the business and user requirements.
• Configured failover, load balancing and high availability solution for Policy Servers, Policy Stores and User Stores Involved in implementing SSO functionality between multiple domains and applications.
• Responsible for installation, configuration and maintenance of BEA WebLogic 8.1 Server Domains in Clustered and non-clustered environments. Installed and configured WebSphere Application Server 6.0 and deployed various applications on it.
• Responsible for troubleshooting various production issues and providing root cause analysis.

Environment: CA Siteminder 5.X/6.X/12.0, Sun ONE Directory Server 5.X/6.X, Sun ONE 7.0/6.1, Apache, AIX, Solaris, RHEL Linux, Windows 2000/2003/2008 , ADFS, Site scope, Ping CA Identity Manager r12/12.5, Oracle Internet Directory 10g.

Confidential, Beaverton, OR

Siteminder/LDAP/TIM Administrator

Responsibilities:

• Worked on defining various Siteminder Policy Server System objects and Domain objects, Password Services and associated different realms, rules, responses and policies with it. Installed and Configured IBM Web Sphere Application Server 5.0 on Solaris.
• Worked on user and group profile auditing using Tivoli Identity Manager (TIM).Developed Functional User interface design, Expert in JAD techniques Involved in the upgrade of Siteminder Policy Servers from version 5.5 to 6.0 and Siteminder Web Agents from version 5.5 to 6.x.
• Experience in implementing LDAP security models. Utilized Resource Analyzer and Log Analyzer for performance testing and troubleshooting and Knowledge on managing LDAP Policy Store. Integrated Siteminder with Sun ONE Directory Server to use directory server instances as Policy Stores and User stores for Policy Servers. Installed, configured and administered Tivoli Access and Identity Manager.
• Implemented FTP infrastructure that uses LDAP for authentication and supports virtual domains. Created custom LDAP schema to support infrastructure. Developed a system that uses data from LDAP and local templates to dynamically provision and re-provision virtual domains.
• Installed patches on policy servers, Installation of SSL certificates on Apache, IIS, Weblogic & Websphere servers, Installed, Configured, Administered and Monitored PingFederate 4.4/5.0 on UNIX platform.
• Experienced in Defining and Developing Domains, policies, realms, rules, responses in Siteminder environment for Protected authorized access. Worked on Load balancing the Siteminder for high performance. Implemented password policies for all the applications using Siteminder.
• Monitored Applications and WAS performance through Tivoli Performance Viewer and tuned the system caching, queuing, JVM parameters, DB Connection Pooling. Created Open SSL Certificates and used them to maintain confidentiality and two-way authentication while integrating with third party applications.
• Effectively maintained the policy store, key store and the user store and involved in server, policy store and key store configuration file backups. Experience with Change management procedures. Troubleshooting Siteminder environment using Siteminder test tool and Siteminder policy server log files and agent log files
• Created IBM Problem Management Records (PMR) to report Web Sphere Application Server problems. Analyzed log files to solve problems using debugging tools like Log Analyzer, First Failure Data Capture Tool and Collector Tool.
• Implemented a strong authentication and authorization framework for the well maintenance of the SSO environment by defining user policies and rules. Integrated web applications with Siteminder, Sun ONE LDAP server using custom APIs and various affiliate agents.

Environment: JDK 1.4/1.5, J2EE, JSP, Servlets, EJB, JDBC, XML, DB2 8.X, CA Siteminder 5.X/6.X, LDAP, Sun ONE Directory Server 5.X/6.X, Sun Identity Manager 7.0/8.0, PingFederate 4.4/5.0, Sun ONE 7.0/6.1, Tomcat 5.5, Apache 2.0, WebSphere MQ, Wily Introscope 7.0/7.2, Ant, WLST, AIX, Solaris 8/10, Windows 2000/2003.

Confidential, Boca Raton, FL

Siteminder/LDAP Admin

Responsibilities:

• Proactively involved in SDLC, design and planning for implementing the security infrastructure, Worked on implementing Siteminder environment from the scratch and integrating enterprise applications with siteminder. Worked on Fine-tuning of Web agents and policy servers for optimized performance.
• Installed and configured CA Secure Proxy Server R6 SP3, which comes with an in-built HTTP listener (Apache) and a Tomcat servlet container. Involved in configuring Secure Proxy Server with mod jk module acts as the Tomcat connector, which enables communication between the Apache web server and Tomcat.
• Performed trusted host registration of Secure Proxy Server (SPS) web agent with Policy Server and configured bootstrap information such that SPS can initialize communication with PS. Wrote proxy rules on SPS such that depending on the incoming request & proxy rule the request is forwarded or redirected to the backend server which hosts Novell GroupWise mailbox.
• Configured System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas. Integrated Policy Store with LDAP to use LDAP user repository. Exported LDAP databases to LDIF files and imported databases from LDIF files using Admin Console and command line utilities.
• Assembled and deployed the application in production, staging for following change management practices.
• Audited, Reported and Monitored SiteMinder log files effectively, including using One View Monitor for identifying performance bottlenecks.
• Leveraged multiple commercial products, including Netscape’s iPlanet and Netegrity’s SiteMinder. Installed and configured Web Agents on multiple platforms.
• Involved in server, policy store and key store configuration file backups. Experience with Change management procedures. Troubleshooting SiteMinder environment using SiteMinder test tool and SiteMinder policy server log files and agent log files.
• Administered policy and user stores using the Sun ONE Directory servers while also providing redundancy and availability Implementing SSO (Single Sign-On) among the applications configured with Access Manager.

Environment: Siteminder 5.x/6.x,CA Access Control 12.x, eTrust Integrated Threat management 8.1, iPlanet/SunOne Directory Server 5.x/6.x, IIS Webserver 5.x/6.x, Apache 2.x, SunOne Webserver 6.x, BEA Weblogic 8.1 SP2, Solaris 8/9/10, Windows 2000/2003/2008 , SQL Server, Identity Manager 8.1, AIX 5.2/5.

Confidential

Middleware administrator

Responsibilities:

• Contributed to J2EE development by writing Servlets, JSP, participated in navigation and functionality testing and validating using java script.
• Developed UI by using Applets Installed, configured, and maintained Web Logic Application Server 7.1.Well versed with Shell Scripts for Unix System backups monthly, yearly and annual.
• Implemented creation of server groups and clusters in Web Sphere Application Server. Implemented standard backup procedures for applications Database. Backup of configuration files.
• Involved in applying patches and fixes for Web Logic Application Server. Installed and configured the iPlanet Web Server. Worked closely with software developers on feature specifications and design.
• Designed and executed thorough test plans from developer feature specifications. Correlated with programmers to identify, resolve, and verify the resolution of software bugs.
• Worked with JSP, ColdFusion run-time code, and Dreamweaver UltraDev's JavaScript extensibility layer while testing features on nine different operating systems.
• Contributed to J2EE development by writing Servlets, JSP, participated in navigation and functionality testing and validating using java script. Developed UI by using Applets. Developed Custom tag Libraries, which will pass the data to the JSP pages.
• Developed user personalized dashboard, which facilitates the user to save his/her interested report pages along with related notes. Worked on cached graph and data refreshing and optimized by using threads. Tested and developed server side helper classes and Servlets.

Environment: Web Logic Server 7.x, Web Logic Portal 4.0, Java, J2EE, Oracle 8i, JUnit, Ant, Together/J.