SUMMARY

• About 7+ years of Professional Experience which includes Technical Support and penetration testing, Access Management and CyberArk EPV Operations
• Around 4 Years of experience in CyberArk EPV Operations. (EPV, CPM, PVWA, PSM, PUU, ENE, PSMP)
• Expertise in development of Policies, Processes and Workflows according to business needs.
• Cyberark Privileged Identity management, Oracle Identity and Access Management and Tycotic secret server.
• Maintain extra - ordinarily good relationship with internal, external clients and 3rd parties.
• Resolve customer problems with speed and diplomacy. Possess exemplary speaking and listening communication skills.
• Building CyberArk safes and adding different applications/portfolios in the safes.
• Active Directory group/user authentication and maintenances.
• Authentication and Authorization of Privilege user working with Cyber Ark and Access Management.
• General managing of Cyberark Security that offers any enterprise a wide range of services and support options to making digital vault solution a success; these services include implementation, consulting, training, maintenance, online support and vault scripting, SIEM, and Digital Certification supporting.
• Decommissioning servers as need be or as requested by server Engineers.
• Automated vault activity reports and audit reports via scheduled tasks.
• Integrated Password Vault log reporting to the SIEM solution (Splunk).
• Setup AD integration, email alert notifications (Exchange Integration) and SNMP monitoring. Setup the Vault backup and replication processes.
• Presented to management an overview of the Enterprise Password Vault infrastructure, implementation and deployment; Presented a demo and conducted end-user trainings on how to use the Password Vault to retrieve administrator as well as application and database passwords;
• Developed and documented a trouble-shooting guide and provided solutions to Level 1 Problem Resolution group.
• Mentored and trained a group of 4 associates on Password Vault.
• Prepared, tested and verified the Business Continuity Plan for Password Vault (using LDRPS - Living Disaster Recovery Planning System) detailing automatic failover to the stand-by Disaster Recovery site and subsequent failback to the Production site.
• Configured RemoteApp feature for transparent RDP to windows server local accounts as well as domain accounts.
• Experience in implementation of Security Management tools in enterprise wide Applications to achieve Authentication, Authorization and Accountability.
• Experience with Multi Master LDAP configuration in distributed environment and performance tuning for high availability and optimized response time.
• Experience in integrating WebLogic Portal Application Server driven Portal with CA SiteMinder as Identity Provider and External Third-Party services as Service Providers.
• Experience in administering LDAP based directory servers like iPlanet/Sun ONE Directory Server and Microsoft Active Directory.
• Proficient in tools like JXplorer and Softerra, as LDAP browsers also Fiddler and Wireshark to analyze user flows and TCP dump for network related troubleshooting.
• Experience with using IDP initiated and SP initiated SAML profiles with different binding methods like POST, Artifact, and Redirect to deliver a custom SSO environment as per the requirement.
• Developed custom solution to completely automate the certification in Identity governance using kettle scripts.
• Experienced in writing complex kettle scripts and using client tools for auditing and role harvesting.
• Configured CA Site Minder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.
• Configured Domain objects like Realms, Rules, Responses and Policies.
• Configured User Authentication Stores, Policy Stores and Key Stores on LDAP and maintained replicated environment for load balancing and failover.
• Experience with Directory server administration, LDAP programming and various databases like Oracle, SQL, MYSQL, DB2.

TECHNICAL SKILLS

Operating Systems: Linux,Oracle Solaris, IBM AIX, HP-UX, Windows Server.

Databases: SQL Server, Oracle DB 9i, 10g, 11g, RAC 10g, 11g, Grid Infrastructure/Data Guard

PAM: CA Site minder, CyberArk, EPV, CPM, PVWA, PSM, PSMP.

Others/Tools: Putty, PuttyGen, PL/SQL, SQL Server Management Studio, Toad, VNC, Basic Shell scripting.

Integration Technologies: Webservices, BPEL, AIA, ESB/Mediator, Human Workflow, Oracle B2B Document Editor, Business Rules.

WEB Technologies: XML, XSD, XSL, HTML

IDE & Editors: Eclipse 3.1, JDeveloper, Net Beans.

PROFESSIONAL EXPERIENCE

Cyberark engineer

Confidential, NJ

Responsibilities:

• As a CyberArk Engineer, prepared POC environment for upgrade from 10.8 to 11.1 (with Installation & Implementation of CyberArk 8.2 later upgraded to 9.5 on AWS cloud, as platform as a service), assisted pre-sales on SOW preparations, prepared project plan, conducted requirements gathering, Worked with VM Infra Team, cloud team and Windows Server team.
• Documentations: Prepared Requirements documentation, Pre-requisites documentation, High Level Design, RAID log, Weekly Status Reports (WSR), Low Level Design, Use Cases, Test Cases, provided Run books with team specific end user trainings for Linux, Windows and Network devices.
• Integration of CyberArk with AD (1st factor) and RADIUS for 2nd factor authentication.
• Conducted workshops with various teams to understand existing systems of the organization and creating solution blueprint for solution and creating approach to on-board new privileged entities.
• Upgraded various components of CyberArk 10.4 to 11.1 (EPV, CPM, PVWA, PSM), worked with CyberArk Professional Services on various issues during upgrade.
• Worked extensively in implementation and deployment of On-demand privilege manager (OPM), PSMP for UNIX servers.
• Involved in writing upgrade test cases and conditions.
• Provided the resolutions for technical issues in the project during upgrade.
• Performing Cyber ark License clean up activity.
• Perform DR (disaster recovery) vault test.
• Administration of user accounts & safes in cyber ark.
• Experience with Privileged Account Password Vaulting and Rotation, Just in Time and Just Enough Access, Cloud Privileged Access Management and Secrets Management
• PowerShell or Python scripting experience.
• Cloud PAM integration experience.
• Strong experience with windows servers, active directory and/or Linux (Sudo).
• Strong analytical and verbal communication skills.
• Comfortable interfacing with customers and internal stakeholders
• On boarding Privileged accounts and moving accounts between safes in Cyberark.
• Creating Safe and updating Safe Permissions in Cyberark.

Cyberark ADMINISTRATOR

Confidential, LA

Responsibilities:

• Administration experience of CyberArk vault with Safe creation, integration with LDAP and other authentication methods.
• Responsible for defining access control, user entitlements, and managing applications (EPV, CPM, PSM, PVWA).
• Experience in implementing and integrating various other components like Password upload utility, LDAP, SMTP and SIEM.
• Responsible for maintaining the CyberArk environment, and work closely with the CyberArk Professional Services for overall optimization.
• Good knowledge of CyberArk PACLI to automate tasks related to user and safe management.
• Responsible for the creation of documentation indigenous to CyberArk Administrator of CyberArk's Privileged Account Management solution with enormous number of Safes and over 10,000 Accounts.
• Experience in handling internal and external audit; responsible for conducting audit on different tools of CyberArk within the team.
• Experience in Defining Access Control, User Entitlements, Manage Applications Credentials, User Access Policy Management etc.
• Experience in performing Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management.
• Liaise with account teams to ensure that business processes are adequately captured, and key risks are identified and assessed.
• Effectively supported Enterprise Password Vault (EPV) for generic account on application side through CyberArk product suite.
• Securing and maintain privileged accounts into EPV (CyberArk Enterprise password vault)
• Perform Bulk updates of password using password upload utility.
• Generating Entitlement report, privileged Accounts Inventory Report, SYS failed verification, Application Inventory reports, Activity Logs.
• Providing access for users on safes, Adding SYS, SVC, DMZ-SYS, DMZ-SVC accounts.
• Monitoring the Vault. Troubleshooting common User issues and Application issues.
• Monitoring and tracking incidents to ensure resolution occurs within the customer Service Level Agreement.
• Hands on with onboarding of different types of accounts like windows, Linux, Unix, database, SQL sever
• Creating Storage-Only safe in CyberArk, Unlocking accounts in CyberArk.
• Creating the proper safes before on boarding the accounts into EPV based on Line of Business
• Make Sure that authorized Support group is added to the safe and making sure that the default support groups are not missed
• Creating the support groups in EPV Tools based on Line of Business
• Worked on ‘server file category’ in vault.
• Worked on object level access control for password object permissions.
• Creating the support groups in EPV Tools based on Line of Business
• SMTP server IP’s integration in PVWA to trigger email notifications.
• Integrated LDAP for authentication in test environment.
• Hands on with Master Data Policy and Exceptions in Master Data Policy.

CA siteminder administrator

Confidential, WI

Responsibilities:

• Experienced with cross-system identity mapping and reconciliation to OIM identity repository database
• Actively involved in the Requirement gathering for the enhancements to the existing project.
• Analysis and Implementation of the EJB code and making enhancements to the existing code.
• Installed, Configured and Maintained Policy Servers, Sun ONE Directory Server,
• Configured and maintained Policy Store, User stores and key stores in Sun ONE Directory Server.
• Created, Maintained Policy server objects Agents, Domains, Rules, Realms, Policies, and Responses
• Installed, Configured Web agents and Application Server Agents for IIS, Apache and BEA WebLogic
• Created and configured organizational units, groups and users in Sun ONE Directory Server.
• Involved in troubleshooting of Netegrity Site minder policy server, web agent and Active Directory issues.
• Worked on writing Shell script and Linux script for command line interpretation of Operating system.
• Intercept access requests for protected resources and work with the Policy Server to determine whether a user should have access.
• Design, Implementation and Unit Testing of different federation features. Creation of functional specification documents
• Worked with LDIF files (import and export) on Sun ONE Directory Server.
• Fine tuning of Web agents and policy servers for optimized performance.
• Have created logics to edit the display about the doctors for few users using logical Task Handler (LTH).
• Worked on enabling Multi-Factor authentication for PVWA in order to enforce two-step auth for end users, systems admins, and auditors.
• Involved in various projects like Web agent upgrade for various applications to version r12 and Policy Server migration project.
• Experience in Installation/configuring and troubleshooting the LDAPS’s (AD, ADS, ADAM, CA-Directory, SunOne-iplanet and Red Hat Directory Server 7.1).
• Managed engagement with multiple partners and established SLAs for IT services.
• Extensively worked on Vulnerable issues like XSS on to the Site minder Protected Resources
• Involved in UAT analysis for new applications before they are moved into production environment.
• Designed logical security application architecture integrating WebSphere Application Server, Sun One Web Server
• I Planet LDAP Directory Server, Integrity Site minder and implemented Single Sign-On security.
• Responsible to check and configure the integration of SiteMinder 6.0 policies to work with roles defined in Identity Manager 8.1.
• Clustered Policy Servers for failover and high availability solutions.
• Exported LDAP databases to LDIF files and imported databases from LDIF files using Admin Console and command line utilities.
• Involved in server, policy store and key store configuration file backups.

Environment: Integrity Site minder (6.0/6.5), Sun ONE Directory Server 6.1, Microsoft Active Directory, IIS 5.0, BEA WebLogic (7.x, 8.x,10.x), Policy Xpress, Solaris 8, Windows Server 2000/2003, Apache Web Server 1.3x, Apache

CA siteminder administrator

Confidential, TX

Responsibilities:

• Installation, configuration and administration of SiteMinder Policy Server (5.5/6.0) and Sun one LDAP Directory (5.2/6.x/7.0) for multiple high-profile projects.
• Installed, configured and integrated Web servers (plug-in file), SiteMinder agents and LDAP user directory with WebSphere Application Server on Solaris and Windows Platforms
• Experienced in SiteMinder policy server log files for troubleshooting SiteMinder environment.
• Also used UNIX/LINUX tools to analyze these logs and was part of the 24/7 on-call team for troubleshooting.
• Experience in manipulating displays for the users using LTH.
• Evaluated few business logics like checking limits using BLTH (Business Logic Task Handler).
• Installed and configured Web agents on various Webservers like IIS 5.0/6.0, Apache 2.x, Sun One Webserver 6.1/7.0 on different platforms.
• Created Open SSL Certificates and used them to maintain confidentiality and two-way authentication while integrating with third party applications.
• Worked on installation, configuration and maintenance of Sun Identity Manager 7.0/8.0 under Unix.
• Installed and configured CA Identity Manager R12.
• Configured System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.
• Work on implementing and supporting SAML-based Federation technologies and Active Directory Federated.
• Integrated IDM into Active Directory, Multiple Exchange servers, eTrust Directory, and bulk loaded all users from a flat-file dump from their Auth Source.
• Responsible for working with the SiteMinder team to configure ACO and Policy Server settings
• Involved in ADFS work in providing desktop Single Sign On
• Deployed Sun Java System Identity Manager 8.x full lifecycle implementation.
• Provided architectural guidance for provisioning workflows, physical architecture and design.
• Configured the integration of Siteminder 5.5/6.0 policies to work with roles defined in Identity Manager.
• Worked on Connect Xpress to configure build and deploy connectors, both inbuilt and custom.
• Experience in Installation/configuring and troubleshooting the LDAPS’s (CA-Directory, SunOne-iplanet and Red Hat Directory Server 7.1).
• Installation, configuring, deploying, upgrading, monitoring, performance tuning and maintaining of Web Logic Application
• Portal Servers 7.x/ 8.x/ 9.x/ 10.x on multi Servers and Cluster environment.
• Was involved in integrating custom portals with Ca IDM using Web services.
• Worked on Load balancing and clustering under Siteminder for ensuring high availability.
• Effectively maintained the policy store, key store and the user store.
• Involved with deployment teams in troubleshooting and daily maintenance for applications in production.