Role: Sr. Systems Analyst
Provide nationwide IT consulting services in contracting and sub contracting role capacities demanding Subject matter or Solution Architect expertise primarily involving the customization and implementation of CA Siteminder, Sun One LDAP Directory server, and Sun Identity Manager software products.
Technical Environment: Windows 2008/2003 Server, Sun Solaris 10.0, Sun Identity Manager 7.1.1, IBM Web sphere 6.0, SAP E.C.C 6.0 System of Records, Active Directory 2003/2008, Net beans, MS Exchange server 2003/2007, MS Visio 2007, Lenel RFID Badging system, Remedy server
- My role at eBay is providing IT services for the overall development and maintenance of Sun Identity Manager version 220.127.116.11 for the automation of provisioning, de-provisioning, administration and management of eBay's employees, and alternate workforce. I am the lead responsible for enabling the IDM team to perform data refresh operations in order to maintain data consistency and uniformity across several disparate systems integrated with Sun Identity manager. I am also responsible for the platform migration project until completion.
- Established the procedure to perform data refresh operation for full refresh and delta refresh respectively.
- Have effectively gathered, utilized and documented the source code ldapfilt.jar, ldapjdk.jar, and ldapsp.jar from the netscape.ldap.util, netscape.ldap.controls and JNDI LDAP service provider packages respectively to derive the logic for coding the Search Utility and the Logic to perform data refresh operation between two LDAP based instances. The source code is part of the LDAP API package from Mozilla.
- Have written and documented the code to perform LDAP search queries during the data refresh operation.
- Have written and documented the code to execute the data refresh operation between two LDAP instances.
- Assist in upgrading the Sun Identity manager infrastructure from IBM web sphere 5.5 to 6.0 and Solaris 9 to 10.
- Serve as the senior team member to assist operational requests for maintaining excellent end user experience.
- Day to day modification to the xpress logic in order to assist in workflow enhancements and debugging the xpress and Java classes to ensure proper maintenance of workflow processes and sub processes
1 Liberty Mutual: -
Technical Environment: Windows 2008/2003 Server, IIS 7/6.1, Solaris 10, Sun One DS 6.3/5.2, Big IP, HP Service Center, IBM Data Power, BMC Proactive Analytics, Apache HTTP Server 2.2.6, CA SiteMinder Policy Server 6.0 SP5/Option Pack 6, Solaris 8, BEA Web Logic Server 9.2, CA SiteMinder Web Agent 6QMR5CR32, Cyber-Ark Enterprise Password Vault and Checkpoint Integrity.
- The daily operations at Liberty Mutual data center located at Portsmouth, NH involved assisting in the upgrade of Sun One Directory Server from version 5.2 to 18.104.22.168. I gained real hands on Perl programming experience while assisting the sun one architect in migration of user data from 5.2 to 6.3. Additionally, I assisted various development teams in configuring Siteminder SSO for their IT applications in the Dev, QA and Production environments. I also assisted the Firewall team in their day to day operations to monitor approve the requests from various application teams in order to be able to bind and perform read/write operations onto the Sun One LDAP DS.
- Obtain Validations and Sign offs from the various application teams for running the user data migration scripts.
- Assist the Sun one directory server architect in writing and modifying the user data migration scripts, reporting script runs, and send warning and error notification emails to the directory services team in Perl.
- Provide tree design improvements for performance improvements and administration effectiveness document technical functional Specs for sun one LDAP directory server best practice implementation.
- Support provide workarounds for various CA Siteminder deployments like Trust Association Interceptors troubleshooting Siteminder implementations at the core.
- Integration of external Sales Force Application site in to Liberty Mutual Corporate site using Siteminder SAML.
Technical Environment: CA Siteminder Policy Server 6.0 5.5, CA Siteminder Policy Server Option Pack 6, CA Siteminder Web Agent 6QMR5CR16 5, CA Siteminder Affiliate Agent, IIS 6, IIS 5.1, Windows 2008 2003 Server, HP UX, BEA Web Logic Server 9.2, Sun One DS 6.0, Sun One DS 5.2, Snort, and Nessus
- Provided IT services to develop and integrate directory enabled applications for the authentication, authorization of end customers, corporate portal users and support the portal applications hosted by the Carlson group's corporate IT management team located at Minnetonka, MN. Part of the assignment also involved integrating affiliate sites into the corporate group's SSO environment to support health care services for the employees
- Requirements gathering for the implementation of a centralized user directory repository which included the day to day collection of user data from customer registration forms and customer lists.
- Perform capacity planning in terms of hardware and user load for Siteminder policy servers, LDAP directory servers.
- Installation and setup of Dev, QA, Staging, and Prod Instances of Sun one directory server.
- Migration of employee and contractor information from previous relational Oracle database repository Windows 2000 active directory implementation.
- Creation of directory server schema for the intranet users and customers based on the hierarchy, organizational structure, departments and groups in the business and based on the applications and services provided by the business respectively.
- Write UNIX shell scripts for the automation of modifications/periodical updates to the user objects stored in the directory server which also included for new user additions.
- Customize the shell script utilities in order to automate alarm the process of checking/ polling the replication statuses among the directory server instances aka status monitoring scripts.
- Installation of Siteminder policy server in the Dev, QA, Staging and Prod environments respectively.
- Configuration of the sun one directory server instances as Siteminder policy and key stores.
- Installation configuration of Siteminder web agent for the Web Logic server platform to provide SSO between the applications in the portal environment.
- Creation of trusted hosts, host configuration objects, agents, agent groups, and agent configuration objects and implementation of trusted host registrations.
- Customize and automate the process of migration of configuration settings corporate user access policy settings from development to QA, and QA to Prod environments respectively.
- Integration of affiliate healthcare provider site with the corporate portal site.
Installation of option pack for Siteminder policy server, policy configuration for federation web services and affiliates.
- Configuration of SAML artifact authentication scheme and assertion generator.
- Installation and configuration of SAML affiliate agent on IIS for the affiliate sites.
- Performed ethical hack testing and penetration testing of applications.
- Active participant in weekly group meetings organized by the Carlson Corporate Group's Information Security Committee.
- Suggested and acted on implementing intrusion detection mechanism and vulnerability scanning tools for the businesses IT infrastructure.
Technical Environment: Sun Identity Manager 7.1, Windows 2003 server, MS Active Directory, Solaris 9, Tandem Computers, PeopleSoft, Oracle, MS SharePoint Server, Sub Version, Net beans, Apache web Tomcat Application server, Lotus Domino Server and IIS.
- I was one of the two Off-Shore team members of the iPass team responsible for the day to day maintenance of Sun IDM version 7.1 deployments at The Western Union Company. Additionally, I was part of the TRM operations and played an active role in the betterment of the Technology Risk Management functions as part of due diligence to my job duties at The Western Union Company. I provided recommendations and workarounds to IT security best process and enhancing the overall system security
- Prepare POC, automate identification of who has access to do what , create policies, rules and reports, report on roles and responsibilities, developed and tested the resource adaptors.
- Interaction with application teams that manage major user repositories and/or need to automate/standardize user access request process, to gather requirements, design and deliver solution to integrate with Sun IDM implementation.
- Customize the xpress language code to integrate with custom java classes in order to provide automated email notification.
- Install and configure Sun IDM Gateway for provisioning user accounts in Active Directory.
- Installation of 'Password Sync' on AD Domain Controllers and configuration of JMS resource adapter for user password synchronization on resources.
- Develop custom code to set ACLs in AD for create/update after resource actions.
- Customize workflows to notify the resource owners, managers, and administrator of records.
- Write one time workflows, modify and test rules for various IT requests to create and delete resource accounts, enable disable users, unlink resource accounts from the users, and update resource groups.
- Workflow verification, plan and assist for regression testing.
- Configure custom capabilities for role based delegated access to various resources through SUN IDM.
- Configure the Sun IDM reconciliation process modes full and incremental to send retrieve updates from a resource while maintaining optimum speed, performance, integrity and data availability with respect to the current end systems.
- Configure reconciliation processes for AD to resolve the user account conflicts and duplication.
- Performance tuning and load balancing the SUN IDM instances for reconciliation processes and end-user self service requests.
- Configure active synchronization adapters, loading accounts into Sun IDM system through 'Extract to file' and 'Load from file' discovery processes and loading employee accounts from PeopleSoft oracle database HR tables into the Sun IDM system through 'Load from Resource' discovery process.
- Hands on implementation of end user automation of delegated administration, self-registration, password management, auditing and reporting functions.
- Customize JSP pages in IDM for manager search, owner selection, department selections and date selections etc. while provisioning user accounts.
- Configure scheduled task to run deferred tasks to notify and disable the contractor accounts and move them to disable container in AD if the manager or account owner doesn't approve the extension of the contract period.
- Support Sun IDM and troubleshoot user provisioning and de-provisioning issues, document the customization of work flow process, forms and views.
Technical Environment: Solaris 9, IBM HTTP Server 6.0.23, Sun One Directory Server 5.2/5.1, CA SiteMinder Policy Server 6.0 SP4/5.5/5.0, Windows 2003/2000 Server, IIS 6.0/5.1, CA SiteMinder Web Agent 6.0/5.0/4.0, Cisco Pix, Sun One Web Server 6.1, IBM Web Sphere 6.1, Active Directory
- The SSO project assignment at Citigroup involved providing 24/7 technical support to the portal applications serving the needs of intranet users and partners logging into the Citigroup's technology portal from worldwide locations. The SSO implementation project had also provided an excellent hands-on opportunity to learn and upgrade the Siteminder Sun one LDAP environment/s from time to time. Citigroup maintained a Java based portal site hosted on IBM Web Sphere Application server for its employees and partners.
- Support eTrust Siteminder, Sun One Directory, RSA SecurID and RSA Adaptive Authentication, eTrust Access Control, eTrust Audit, eTrust Admin, BoKS, Decru, Vasco, RADIUS, RSA SecurID, Safe Word, APANI, ESM, OVSI, Citisafe, CAAS, Entrust, PPAK, CiscoSecure, Autosys, SSH Tectia, PKWARE, SecureZIP, HIPS, USB Protection, Laptop Encryption, McAfee, and their administration via command line and GUI.
- Install, configure and maintain a centralized Sun One LDAP Directory Server for the Citigroup portal users, create schema based on the functional spec document, create LDIF files to import data into the directory server, modify and create security statements for special access permissions ACL's .
- Write UNIX Shell script to automate weekly directory server backups db2bak and perform log rollovers.
- Understood and performed backups, restores of Sun One directory server, installations, upgrades, configuration and administration of Sun One Directory Server 5.2, upgrades of Sun One Directory Server from 5.1 to 5.2, migration of 'user data' from Sun One Directory Server 5.1 to 5.2 and developed custom Java code for differencing the directory schema/s and migrating the user data for the same.
- Provide user store management weekly 'performance enhancement' routines to Sun one directory server: db2ldif exports, ldif2db imports, db2bak backups, bak2db restores, db2index, cache tuning and log rollovers.
- Provide LDAP support Analyze and troubleshoot LDAP operational issues.
- Prepare installation, test and back-out procedures for UAT and production Siteminder environment changes install Siteminder 5.5 policy servers, migrate the settings from 5.0 to 5.5 for all of the policy servers, install Siteminder 5.5 web agents for IIS and IBM HTTP web servers.
- Customization of Siteminder functionality to automate the processes of verification and validation for the cases generated from UI testing in order to be able to complete the process of application sign offs and push the changes from UAT to production environment Write migration scripts for the same in Perl.
- Integration of Siteminder with RSA SecurID for two factor authentication for employees and contractors.
- Integrate of Siteminder with RSA adaptive authentication system for image based recognition of the end user aka Site-to-user authentication for all of the classifications among partner profiles.
- Upgrade to Siteminder version 6, install SAML affiliate agents to include new business groups, authorize and direct the new users to legg mason affiliate sites.
- Perform daily Siteminder updates to the UAT and development environments like creating, modifying domains, rules, realms, policies, responses, HCO's, ACO's and Agents, implement Citigroup policy based security and create HTML forms authentication schemes.
- Provided technical support to the end-users of the Citigroup portal site, performance tuning of Siteminder to provide better response time, low latency, high availability and maximum throughput, perform technical review of all changes in conjunction with Change Management team.
- Perform Maker/Checker roles for all changes in the production UAT environments.
- Handle SSO operational issues and troubleshooting Siteminder production implementations.
- Handled all escalations for customer requests/tickets, provide 24 X 7 coverage during emergencies, resolved 1400 Siteminder, LDAP group requests and day-to-day reporting to Level II Team Lead.
- Follow information security concepts as applied to end-user authentication and authorization.
- Maintain and operate logging structure, and conduct end user training as needed.
- Serve as technical point person for all production outages, security incidents and other emergencies.
- Perform Net meeting support as needed.
- Perform Level 2 daily, weekly and monthly health checks.
- Perform Level 2 troubleshooting, advanced problem analysis and system configuration validation.
- Maintain working relationship with application owners and subject matter experts to determine current and future needs.
- Prepare project plan and submitted weekly progress reports, throughout the project duration.
- Provide secure reverse proxy administration and proxy service protection for internal web infrastructure.
- Provide SSL, fault tolerance and load balancing.
- Resolve performance problems, outages and forecasting for capacity.