SUMMARY

• 9 Years of total experience in Implementation, Administration and Operations of IAM Products (CyberArk, Oracle Identity Manager) in different domains with 6 years of experience in CyberArk and 3 years of experience in Oracle Identity Manager.
• Proficient in Implementation and Administration of CyberArk PIM/PAS solution for the large - scale enterprises.
• Extensive experience with CyberArk security products such as Enterprise Password Vault, CPM, PSM, AIM, PSMP, OPM and PVWA including design & Implementation of automatic failover/failbacks to Disaster Recovery sites.
• Implementing and Managing Master Policy, Directory Mapping, LDAP integration, Platform and Safe via Private Ark client and PVWA as per the Project requirement.
• Experience in performing Privileged Access Reviews, Compliance Reporting, Entitlements Reporting, Access Control Processes and other associated tasks in the space of Privileged Accounts Security Management.
• Supported for privileged account administration of Windows, UNIX and Racf accounts using CyberArk.
• Experienced in day to day operational support in adding and deleting accounts, applying policies, assigning safes, synchronizing failed accounts, Password rotations.
• Interacts with different platform owners & recommends the right solution for CyberArk Implementation.
• Monitoring of services for CyberArk. Experience in managing AD implementations.
• Created and Managed Accounts, Safes, Owners, Reconciliation and Verify accounts password.
• Patching & Monitoring Vault, Central Password Manager, Two-factor authentication, Privileged Session Manager, Password Vault Web Access servers and services.
• Adroit in providing effective resolution to customer queries related to product & improving relationships with the customer and Vendor by asking and submitting feature requests to CyberArk for enhancements.
• Fallback from DR vault server to production in case of production vault server failure.
• Worked with CyberArk utilities, PAR explicate, PACLI and PAR client.
• Integrated Active Directory to the Vault Server to discover devices using bind account.
• Managed sessions in Privileged session management (PSM).
• Managed failed accounts synchronization and password rotations.
• Experienced in Development, administration and support kind of activities in OIM 11GR2 PS2,PS3.
• Experience in installation and configuration of OIM 11gR2 PS2, PS3 and integrating with different LDAP’s on UNIX and WINDOWS platform.
• Functional areas of expertise include Identity Management, Provisioning Reconciliation and implementation using workflows.
• Good knowledge in Identity and Access Management Architecture.
• Involved in Unit testing, day-to-day maintenance and trouble-shooting activities. ProvidedL2 and L3 support.
• Have experience contributing to OIM operations - Managing Organization Units, Users and Groups, Roles and modify access policy based provisioning.
• Verify Account provisioning in OIM and resolve issues surrounding account provisioning. Perform reconciliations from target systems. Performing bulk load of users into OIM.
• Adept in requirement gathering, safe designing, bulk loading, testing, troubleshooting and documentation.
• Maintained the support of the CyberArk and OIM servers including but not limited to daily monitoring, troubleshooting and analyzing the performance.
• Good interpersonal Skills, effective communication & presentation skills and good team player with team building capabilities. Can handle everything individually with minimal supervision.

TECHNICAL SKILLS

IDAM Tools: CyberArk 9.2/9.5/9.7, Oracle Identity Manager 11gr2 ps2/ps3,Oracle SOA, Web logic

Directory Servers: Microsoft Active Directory, Oracle Internet Directory, ODSEE, Oracle Virtual Directory, Sun One Directory

Languages: SQL, Pl/Sql, HTML, Python Scripting, Unix/Linux, Core Java

Databases: Oracle Database 9i10g/11g, SQL Server

Database Tools: SQL Developer, SQL Client

Operating Systems: Windows 7/8.1/10/2012 r2, Linux(Red hat), Centos, Ubuntu14

Ticketing Tools: Service Now, Remedy

Monitoring tools: Splunk, Alert Logic

Utilities: Putty, Mobaxterm, sqlcmd, I-SQL

Web Servers: Web logic, Apache, Jboss

Software: VMware 10/12,Ms Office, Eclipse, MS visual Studio 2013,VDI,Apache Directory, Softerra LDAP

PROFESSIONAL EXPERIENCE

Confidential, Atlanta, GA

Sr. Security Consultant

Responsibilities:

• Implemented CyberArk 9.7 in HA Environment for Prod and Standalone for Pre-Prod
• Responsible for privileged accounts onboarding for Windows domain and UNIX accounts.
• As part of CyberArk implementation installed and configured Vault, CPM, PVWA, PSM, OPM, PSMP, AIM and DR Sites across multiple datacenters.
• Prepare Standard Operating Procedures and Process Documents.
• Good experience with PAM Operational tasks which includes Creating Safes, Defining Access Control, Policies/Platforms, User provisioning and entitlements, Managing Applications Credentials, Password Upload Utility Usages, CSV file creation, passwords related issues and User Access Policy Management.
• Integrated the organization LDAP directory with the CyberArk. Integrated active directory into the vault server to find devices using bind account.
• Configured an automatic or transparent failover of components to the Disaster Recovery Vaults and Configured Incremental Vault data backups on component servers.
• Aligned the CyberArk out of the box platforms and policies per customer’s standard security policies.
• On-boarded 10,000+ high-risks privileged generic accounts on multiple target devices such as Domain, Windows, UNIX and Databases, Applications, Websites and Network Devices for a large enterprise.
• Integrated the Windows services, Scheduled Tasks & Text Config for password hard-coded accounts.
• Experienced in day to day operational support in adding and deleting accounts, applying policies, assigning safes, synchronizing failed accounts, Password rotations.
• As part of support activity resolve incidents by providing proper root cause investigation of performance, configuration and data related issues. Configured the Export Vault Data Utility to automate the daily, weekly and monthly reporting tasks.
• Implemented the Reconciliation Account & Logon Account features for Password Synchronization.
• Implementing and managing master policy, directory mapping, LDAP Integration, platform as per the Project requirement. Reported and Visualized Threats by CyberArk, windows & UNIX platform. Worked with CyberArk authentication process for all kinds of accounts.
• Configured the Dual Control, OTP and Exclusive Check-In/Check-Outs & Auto-Reconcile for accounts.
• Generated reports of the account and devices inventories in the CyberArk.
• Process Design, SOP creation and Run book Maintenance for CyberArk Operations Team & customer. Acting as a L2 and L3 support and SPOC for troubleshooting for existing customers.
• Worked on administering of User accounts, Group memberships, and Organizational Units using Active Directory. Build/Rebuild/Decommission servers and Post-Installation tasks.
• Involved in the installation and configuration of OIM 11gR2 ps3 in the Development and prod Environments.
• Perform day to day administration of Identity Access Management in Dev, Test and Production environments to maintain business services and configuration of IAM.
• Good understanding and working knowledge of OIM Reconciliation and Provisioning and OIM integration with target systems like AD, Mainframe, ODSEE, Flat File etc.
• Involved in the creation and configuration of custom User Defined Fields in OIM.
• Automated provisioning - Created Access policies for resource provisioning.
• Involved in migrating the AD, ODSEE, Mainframe (Racf) entitlements into OIM from SAFE application and managing the access of users across the organization.
• Installed, Configured, and Integrated BI Publisher with OIM to generate reports.
• Creating Request Profiles. So that whenever users want to raise the requests in the form of bulk they can use this option.
• Involved in Generic Technology Connector with Flat File Reconciliation and Database Provisioning.
• Involved in Creating Approval workflow. Complex & multi level approvals configuration. Created Self Service provisioning and Implemented Self service Password Reset.
• Setting up the Password Policies for new Users provisioned to Target Resources.
• Designing of the UI look and feel as per client’s requirements. Forms and UI customization.
• Involved in creating the process of disconnected resources. I have involved in creating around 25 disconnected applications in this environment.
• Involved in Certification Campaign. We have quarterly certification campaign. Implement automated Access Certification/Attestation processes and procedures.
• Create a foundational platform which allows users to request for access in target systems. Adds/removes the requested groups in targets after going to required approvals. Certifies users’ access in target systems from time to time.
• Automatically provision Active Directory groups, Oracle Directory Server groups and Mainframe groups for SOX, PCI, PII and Privileged access.
• Daily Health Check and Server Maintenance. Trouble shooting of various issues reported by application teams and customers.

Environment: CyberArk 9.7, OIM 11gr2PS3, Oracle Weblogic Server 10.3.6,SOA 11.1.1.7,Active Directory, ODSEE, Mainframe, Oracle Database 11g, Service Now

Confidential, Philadelphia, PA

Sr. IAM Engineer

Responsibilities:

• Involved in installation of CyberArk components on various servers EPV (Enterprise Password Vault, CPM(Central Policy Manager), Password Vault Web Access (PVWA), OPM, Private Ark Web Client Interface, Privileged Session Management(PSM) and Privileged session Management proxy(PSMP), High Availability Vault Cluster, Secure Zone Access and Load Balancing.
• Responsible for privileged User account administration of various Windows and UNIX accounts.
• Coordinate and work with vendors support to provide optimal solutions to resolve all customer issues and provide support to all system design.
• Resolved major issues related to backup, Restoration, DR Replication, Password object reconciliation and verification. Handling PIMSU issues in CyberArk (OPM).
• Perform quarterly activity like DR Drill and Vault data restoration.
• Analyze new request in operation related to privileged access of servers, database, and network and prepared various SOP, POC, Integration and Troubleshooting guide for the Managed Services.
• Educate DC managers and account/server owners that how CyberArk EPV works and its benefits.
• Involved in AD integration and adding user to it with their privileges and Setting up privileged password management policies from CPM component.
• Creation of remediation plan, roll out plan, impact plan, install plan, test plan and back out plan with change control management team to get the schedule change approved.
• Worked on ticketing tool (REMEDY/SERVICENOW) related to CyberArk raised by internal and external clients.
• Troubleshooting servers unsynchronized with EPV on the basis of notification sent by CyberArk notification services. Session monitoring and CyberArk reports. User, group and policy creation.
• Documentation/Process: Create standard operating procedures and detailed sets of instructions and system configuration, flowcharts, diagrams, and other documentation as needed to maintain the Cyber Ark operational excellence.
• Coordinating with application teams globally to verify the use of Unix/windows admin accounts in application to avoid application breakage.
• Coordinating with network team globally to provide access to CyberArk on servers behind firewalls.
• Educate DC managers and account/server owners that how CyberArk EPV works and its benefits.
• Discuss about roll out Plan, impact plan, install plan, test plan and back out plan with change control management team to get the schedule change approved.
• Troubleshooting servers unsynchronized with EPV on the basis of notification sent by CyberArk notification services.
• Managing the services of CyberArk and day to day operational support in adding and deleting accounts, applying policies, assigning safes, synchronizing failed accounts, Password rotations.
• Implement PIM/PAM suite in client data center in different location of US, UK and Canada and implementation of password policies for privileged (SHARED admin) accounts, audit user access.

Environment: CyberArk 9.2, Apache Directory Studio, Replicate, MS - Office Suite, Active Directory, RedhatWindows Server 2012

Confidential

Security Consultant

Responsibilities:

• Involved in the installation and configuration of OIM11gR2 ps1 in the Development and SIT Environments and Configuration of connectors for Microsoft Active Directory. Configured Target Reconciliation for getting users from Active Directory into OIM.
• Automated provisioning: Newly created users are provisioned to Active Directory and also Involved in Custom attribute provisioning in Active directory. Auto Provisioning of users to target systems based on Access policies.
• Implemented a service request catalog and user self-service interface to consolidate and expedite user provisioning to target applications using OIM.
• Worked on development of OIM customizations related to login pages, error pages and page flow, authentication and authorization plug-in, setting up OIM policies, installing components. Involved in the creation and configuration of custom UDF's in OIM.
• Create and configure IT Resource, Resource Object, adapters and lookup definitions required and Configuring Pre-populate adapter and Process Task Adapter which are used for user management during provisioning to target systems.
• Defined IT resources to establish a connection between OIM and target applications.
• Create and Manage the Sandboxes, Custom UDF forms, Application Instances. Added custom attributes for both reconciliation and provisioning.
• Involved in customization of Resource form and Object form in Identity Manager.
• Configured Password Synchronization with Microsoft Active Directory. Implemented Password synchronization in all the AD Domain Servers.
• Developed Entity, Pre-populate, Process task adapters to support the work flow.
• Participated in meeting with onsite team, gather the customer requirements and prepared documents as per the requirement.
• Implemented Provisioning and De-Provisioning of user accounts across various target systems.
• Involved in Unit testing, day-to-day maintenance and trouble-shooting activities. Provided L1 and L2 support. Managing the Oracle identity manager server which is deployed on Web logic in cluster mode.
• Built and tested workflows, reconciliation and provisioning components of the IAM solution by working with application teams. Work with Bulk Load Utility to load users, roles, role membership, role hierarchy, account data into OIM from csv file and DB table.
• Having hands on Experience in Configuring Workflows like Approval, Access Policies and Password Policies. Experience in User Provisioning & De-Provisioning of User Accounts like Create, Delete, Enable, and Password modify & Disable User Operations.
• Troubleshoot and Monitor Bulk load logs to fix performance issues. Build OIM reporting to meet Client Audit/Compliance requirements by using BI publisher.

Environment: OIM 11gr2PS1, Oracle Web logic Server 10.3.6, SOA 11.1.1.7, Active Directory, Oracle EBS Oracle Database 11g, Service Now

Confidential

IAM Engineer

Responsibilities:

• Responsible for privileged User account administration of various Windows and UNIX accounts using CyberArk components.
• Involved in CyberArk usage projects including all segments like Vault, PSM, CPM, PVWA, OPM, Application Identity Management (AIM). Acted as an L2 support and SPOC for L2 troubleshooting for existing clients.
• Experience with setting up multi factor authentication like LDAP.On-boarded various platforms with CyberArk, such as Windows, ESX, UNIX servers, Mainframe.
• Managing CyberArk PIM and Implementation of new technology and design security policies and guidelines for all system and servers so that confidential data can be saved from leakage and non-compliant activity as well.
• Prepare Test Scenarios & documentation.Alerts monitoring and Ticketing.
• Performing administrative L2 supports for CyberArk & Databases in Oracle, Sybase & MSSQL.Manging the services of CyberArk and perofming day to day health checks.
• Provided 24/7 (on-call) production support including troubleshooting CyberArk, Databases & Application issues and performing general fulfillment work.
• Good experience with CyberArk PIM Operational tasks which includes Creating Safes, Defining Access Control, Policies/Platforms, User provisioning and entitlements, Managing Applications Credentials, Auto upload and User Access Policy Management.
• Involved in writing test cases and conditions.Troubleshooting the specialized issues in the project during implementation.Granted/Modify/Terminate Privilege Access in the CyberArk.
• Created Safe and Password Objects in CyberArk across platforms - Windows, UX, DB and AD.Reconciliation, Password Synchronization, Service definition for Target System.
• Involved with day to day operational support in adding and deleting accounts, applying policies, assigning safes, synchronizing failed accounts, Password rotation. Expertise in Access/Incident Management across platforms (CyberArk, Servers and Databases).
• Coordinated with Cyber Ark support teams for escalation and resolution of issues in Prod & DR and Configured Event notification engine (ENE) with Cyber Ark. Review and submit all official outage Reports to the outage owner's Director for root cause and mitigation.
• Resolved Cyber Ark issue's in CPM to communicate with host to reconcile credentials. Prepared tickets about the issue and informed to the higher specialists. Alerting clients to suspicious activity or instances observed on their network, such as DDoS attempts, Cross-Site Scripting, or malware infections, then providing recommendations and solutions to handle them.

Environment: CyberArk 9.0,Apache Directory Studio, Service Now, MS-Office Suite of products