SUMMARY:

• With 8+ years of IT industry experience in an Identity & Access Management working on IAM technologies including CA SiteMinder Identity Manager, Auth Minder, Risk Minder and Ping Federation to install and upgrade CA SiteMinder to latest versions, providing SSO, Federation and User Access Management Solutions.
• Extensive experience in Installation, Configuration, Deployment and Maintenance of CA SiteMinder Components like the Policy Server, Web Agent, Policy Store, User Store and Key Store on Windows, Unix and Linux Servers.
• Strong experience in up - grade of SiteMinder Policy Server, Policy Store, AdminUI, Web Agents from 6.x to 12.x.
• Experienced in LDAP based directories like CA Directory Server, ODSEE, Active Directory & Confidential Tivoli Directory Server, Unbound Id directory server.
• Created SiteMinder Policy Server Objects like Policies, Realms, Rules, Responses, Agents, ACO and worked with application teams for Web Agent installation and configuration for enterprise SSO integration.
• Configured Single Sign On (SSO) between applications that are deployed in different domains using Cookie Provider.
• Extensive experience in designing and configuring Federations Access for the Partner Applications using SAML, setting up Identity Provider and Service Providers in SiteMinder Policy Server.
• Experience in configuring CA Secure Proxy Server to use as SSO and Federation Gateway for the application accessing from the internet.
• Worked on Performance Tuning for SiteMinder to provide better response time, high availability and maximum throughput.
• Installed and configured Web Agents on IIS, Apache, Oracle and Confidential HTTP servers and troubleshoot issues associated with the Agent configurations.
• Expertise in Enterprise Infrastructure Security, Design & Architecture involving concepts of Access Control Authentication, Authorization and Auditing.
• Expertise in analyzing the logs (trace logs, warn logs, alarm logs) and Trouble Shooting issues in Integration of other applications using CA SiteMinder and Identity Management tools along with LDAP and Web-server agents.
• Experience in installation of various Operating Systems such as Red Hat (LINUX) and Windows.
• Configuring and troubleshooting Webservers like Apache, IHS, OHS, IIS, iPlanet, and Application servers like JBoss, WebSphere and WebLogic.
• Delivered strategic and tactical service and feature enhancements to end users, including Ping Federate SAML & OAUTH SSO for over 25 connections and a services integration layer.
• Worked on upgrading Ping Federate from Version 7.0 to 8.0.
• Worked on updating Certs for ping federate integrations.
• Worked on ping Access and JWT tokens to authenticate the user using ping Federation
• Hands on experience in designing, deployment, disaster recovery, fine tuning, replication and maintenance of Oracle/SunOne Directory Servers on Solaris and Windows platforms.
• Expert in maintaining, troubleshooting issues in production environment.
• Implemented Logging and Auditing system for Siteminder to track and identify user activity as well as acquire intrusion reports of unauthorized Confidential empts at access.
• Production Support 24X7 on call rotation basis, maintain and monitor Siteminder Policy Servers. Strong analytical skills, interpersonal and leadership skills.
• Experience with Ping Federate for providing SSO solutions to multiple web based enterprise applications.
• Experience in LDAP based directories like iPlanet/Sun ONE Directory Server, Active Directory and Active Directory Application Mode (ADAM).
• Experience in designing, implementing and deploying LDAP architecture which includes replication, data synchronization.
• Fine-tuned and set up High availability with LDAP and Siteminder. Tested and implemented back up & recovery. Designed and implemented solutions for fail over and capacity planning.

TECHNICAL SKILLS:

• Security Netegrity/CA Siteminder 5.x/6.x/12.x.Directory Servers Sun ONE Directory Server (5.1, 5.2, 6.3), Microsoft Active Directory, Novell e Directory 8.7x, WebLogic Application Server 7x/8x, WebLogic 11g/12c, JBOSS 5.x, WebSphere MQ 5.3/6.x, Microsoft IIS, Java (JDK), J2EE Java Beans, JSP, Applets, ASP, JNDI, RMI, Java Mail API, C#, C, SQL, PL/SQL, Perl, JDBC/ODBC.
• IDE's/Tools/Utilities, Operating Systems UNIX (Solaris 9/10, AIX), Red Hat Linux, Win 95/98/NT/ 2000, 2003, Packages & Utilities MS Project 2000, Adobe Photoshop, Adobe Acrobat, MS Office (Word, Excel, PowerPoint, FrontPage Performance Monitoring Tools Site Minder 5.x/6.x one view monitor, Tivoli Access Manager, TPV, Log Analyzer, Thread Analyzer.
• Design Methodologies Unified Modeling Language (UML) 1.0, Rational Rose, Rational Clear Case, Identity Federation and Access management Products & Protocols, CA's SiteMinder, Federation Manager, Identity Manager, Confidential 's Tivoli TAM-TFIM, Pingfederate, Microsoft ADFS 1.0/2.0, SymLabs, OpenSSO, OpenSAML, Federation Services platform FuGen MISP, SAML 2.0/1.0 Profiles AuthnRequest, Response, Logout request/response, Artifact Profiles, Confidential ribute queries, IDP Discovery), WS-FED RSTR, STS, WS-TRUST, OpenID and OAuth profiles.

PROFESSIONAL EXPERIENCE:

Confidential, NJ

IT Security Consultant

Responsibilities:

• Extensive experience in installing and configuring SiteMinder policy server and Web agents.
• Installed, configured and maintained CA SiteMinder Policy Server r12.X, CA IDM r12 and Sun ONE Directory Server 5.2 on Solaris, Windows platforms.
• Worked on migrating objects from lower to higher environment also worked on Active Directory server (LDAP) as user store and various Web and Application servers.
• Installed and configured Ping Access with Ping Federate.
• Protected applications with Ping Access gateway.
• Worked on open token authentication to create SAML, both as idp and SP.
• Configured SiteMinder policy server, created Agents, Agent Groups, ACOs, HCOs, domains and framed rules and responses under a domain.
• Supported policy and web servers and resolved issues of customers aroused during upgrades, integrations and web agent installations.
• Implemented CA Identity Manager solution for role based access, protecting applications from unauthorized access, user identities administration, workflow implementation and generating audit reports compliant with enterprise's security regulations.
• Updated Enterprise's User store with revised user base after new business acquisitions by directory acquisition and Correlation schemas using custom Confidential ributes. Moreover, used web services variables to facilitate federation of web services.
• Created and configured custom alerts and e-mail notifications based on the application requirements.
• Created and updated provisioning policies as per changes in business environment using Policy Xpress.
• Worked extensively on creating Custom Password policies and Authentication schemes as per work request.
• Installed SiteMinder Policy Server Optional Pack and Web Agent Optional Pack for Federation web services.
• Configured agents such as web agents, Affiliate agents and RADIUS agents to provide federation of web services in the SSO environment.
• Migrated SiteMinder 6.0 to 12.0 for advanced Load balancing, failover configurations and for facilitation of user impersonation.
• Worked on user provisioning in Identity Provider (IdP) site, Service Provider (SP) site using SAML for SSO.
• Experience with using Integration Kits and Token Translators for integrating identity enabled web services into SSO environment.
• Configured Ping Federate 5.x/6.x for SSO across multiple web based enterprise resources.
• Tuned system to boost SiteMinder performance in web, application and data tier by using best values of SiteMinder parameters as determined after providing assistance to Web and LDAP administrators.
• Experience with configuring IDP initiated and SP initiated SAML profiles with various bindings such as POST, Artifact and Redirect to complete custom business and security requirements.
• Monitored performance of identity management servers and its components using Wily and One View Monitor.
• Modified SSO Integration Adapters for session cleanup for Single Logout(SLO) in SSO environment.
• 24x7 production support for customers and clients.
• Worked on a new Directory Server Schema's according to business requirements.
• Worked with existing user stores and new external LDAP stores. Integrated Active Directory and Sun One directory servers as user stores and SQL Server as Policy store.
• Experience in trouble-shooting the issues by diligently analyzing web traces and TAI logs.
• Created OpenSSL s and used them for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication.
• Expertise in performance tuning of policy servers and associated components and generating performance reports using customized crystal reports.

Environment: JDK 1.5/1.7, J2EE, JDBC, XML, SAML 2.0, CA SiteMinder 6.X/12.X, Sun ONE Directory Server 5.X/6.X, CA Identity Manager r12, Tomcat 5.5, Apache 2.0, Wily Introscope 9.2, Solaris 9/10, Windows 2000/2003, Oracle 10g/11g.

Confidential, IL

IT Security Consultant

Responsibilities:

• Worked on installing, configuring and administering CA SiteMinder r12 and Sun One LDAP 5.2, 6.3 on Wintel, Solaris, AIX, and Linux Platforms.
• Migration of SiteMinder 12.0.X to 12.51.X for advanced Load balancing, failover configurations and for facilitation of user impersonation.
• Experience in installing, configuring SiteMinder policy server, Web agents, Netegrity Transaction Minder, Active Directory server (LDAP) and various Web & Application servers.
• Implemented CA Identity Manager Solution for provisioning, delegated administration, workflow implementation and generating audit reports to be compliant with the security regulations.
• Experienced in assisting Web Administrators, LDAP Administrators to determine what the best values for SiteMinder parameters and tune the system to boost SiteMinder performance in the Web Tier, the Application Tier, and the Data Tier.
• Installed, configured and maintaining NetIQ eDirectory & Identity Manager.
• Integrated SM 12.0 and IDM 12.0 and also SM 12.51.X to IDM 12.6.X.
• Updated Corporate User store with the expanded user base as a result of new business acquisitions by directory acquisition and Correlation schemas using custom Confidential ributes.
• Extensively used web services variables to facilitate federation of web services.
• Experience in Configuring CA SiteMinder policy server, framing Rules and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application agent installations, trouble shooting production problems.
• Involved for automating various tasks with Shell scripting, e.g., maintaining log files, backup of LDAP schema and data files, handling downtime activities.
• Experienced in assisting Web Administrators, LDAP Administrators to determine what the best values for SiteMinder parameters and tune the system to boost SiteMinder performance in the Web Tier, the Application Tier, and the Data Tier.
• Created and updated the provisioning policies as per the change in the business
• Implemented Policy Stores to utilize Sun ONE Directory Server (LDAP) as the user and policy repository on Linux.
• Worked extensively on creating Custom Password policies and Authentication schemes as per the requirement.
• Experience in Configuring CA SiteMinder policy server, framing Rules and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application agent installations, trouble shooting production problems.
• Installed, configured and integrated Web servers (plug-in file), SiteMinder agents and LDAP user directory with WebSphere Server V7, V8.0.X.
• Installation of SiteMinder Policy Server Optional Pack and Web Agent Optional Pack for Federation web services.
• Configured SiteMinder web agents, Affiliate agents and RADIUS agents to provide federation of web services in the SSO environment.
• Configured user impersonation feature to enable Customer service department to provide a better service to the business clients.
• Configured Ping Federate SSO across multiple web based enterprise applications.
• Performed user provisioning in Identity Provider(IdP) site Service Provider(SP) site using SAML for SSO.
• Has basic experience on scripting python, Perl and VB.
• Experience with using Integration Kits and Token Translators for integrating identity enabled web services into SSO environment.
• Installation configuration and maintenance of RSA authentication manager for enabling token based authentication along with the form based authentication as a part of the security solution.
• Experience with the implementation of RSA two factor authentication tokens for the integrated web service security in a SSO environment for the service provider applications.
• Hands on experience with configuring IdP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, Redirect as per the custom business and security requirements.
• Configured SSO Integration Adapters for session cleanup as part of Single Logout (SLO) in the SSO implementation.
• Creating OpenSSL s and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication.
• Rotating backup and log files
• Worked on new Directory Server Schema's as per the needs of the business.
• Experience in developing applications using java, j2ee and using databases oracle 10g
• Worked with existing user stores and new external LDAP stores.
• Integrated Active Directory & Sun One directory servers as user stores & SQL Server as Policy store.
• Experience in trouble-shooting the issues by analyzing the trace and TAI logs.
• Experience with using Wily and One view monitor for performance monitoring of identity management servers and components.
• Experience with performance tuning of policy servers and associated components and generating performance reports using customized crystal reports.
• 24x7 production support.

Environment: JDK 1.4/1.5, J2EE, JDBC, XML, SAML 2.0, CA SiteMinder 5.X/6.X, Sun ONE Directory Server 5.X/6.X, CA Identity Manager r8/r12, Ping Federate 5.x/6.x, Tomcat 5.5, Apache 2.0, Wily Introscope 7.0/7.2, Solaris 8/9/10, framework (VB.Net, C#, ASP.Net) Shell Scripting, Windows 2000/2003, Java, J2EE Oracle 10g/11g, SQL Server 2005, DB2 8.X.

Confidential, CA

IT Security Consultant

Responsibilities:

• Installed and manually configured the SiteMinder web agents on the Apache web servers on Red Hat Linux OS.
• Policy store consolidation was designed to consolidate the existing R6 and the latest r12 in the production environment is a plus.
• Installed and manually configured the SiteMinder web agents on the Apache web servers on Red Hat Linux OS.
• Upgraded CA Siteminder Policy Server 6.0SP5 to R12.
• Installed/Upgraded Siteminder Web Agents 6.x/R12 on IIS 6.0/7.0 and Apache 2.x.
• Creation of trusted hosts, host configuration objects, agents, agent groups, and agent configuration objects, and implementation of trusted host registrations
• Creation of application based Domains, Realms, Rules, Policies and Responses.
• Used smobjexport and smobjimport and migrated policies from SunOne Directory 5.2 to DSEE 6.3.
• Configured load balancing and failover mechanisms for various Siteminder components including Policy Server, Policy Store in QA and Production Environment.
• Was responsible for infrastructure design and development of R12SP3 infrastructure including creating cluster of policy servers on the failover subnets at different datacenters.
• Applied operating system patches to Siteminder according to the system requirements to resolve authentication, authorization, and performance issues.
• Created Identity Provider and Service Provider policies for SAML2.0 Post Federation Assertions.
• Extensively created documents on Root Cause Analysis and the solutions implemented.
• Experience in Troubleshooting urgent priority tickets with minimum response time.
• Worked on integrating many third party applications using CA SiteMinder Single Sign On Services.
• Used to communicate security requirements with software development teams, network engineering and Security.
• Tuned Policy Servers and Web agents for optimum performance, provided recommendation for necessary OS and hardware resources.
• Implemented SiteMinder monitoring using SiteMinder Key note, Site Scope and BMS monitoring system.
• Primary point of contact for identifying and tracking SiteMinder-related issues and maintained SiteMinder Environments on a daily basis.
• Implemented SiteMinder password policies for external Sun One LDAP user repositories.
• Participated in SiteMinder Integration on shore, off shore meetings.
• Responsible for creating and managing processes for SiteMinder support and external user management.
• Primary point of contact for identifying and implementing internal audit processes for SiteMinder-based Authorization and authentication processes.

Environment: CA SiteMinder6.x/R12.x, Sun Solaris10, Windows 2003/2008, IIS 6.0/7.0, Sun One 5.2/ DSEE 6.3, Apache 2.x.

Confidential, TX

IT Security Consultant

Responsibilities:

• Installation of CA Federation Manager, configuring the scenario for federation on development and Production environment and procuring s PKI.
• Meta data Exchange and establishing Circle of Trust Creation (COT)
• Enabling SSL for IdP, SP Domains and for obtaining, Signing, E Confidential yption from authority
• Confidential ribute Exchange and Enabling Provisioning.
• Modifying the Clarity Application, to consume SAML 2.0 Assertion.
• Refining the Oracle DB store to fetch user information from IDP.
• Worked extensively on SMKeyTool, Fed Export and SM Objects.
• Worked with the CA Team to modify the Siteminder FSS Product for a customer specific requirement i.e. incorporated a in FSS smkeystore with quotes in its Issuer DN.
• Federation partner onboarding and: Used FuGen MISP tools in a cloud/virtualized environment to create virtual scenarios, onboard, test, validate and certify the federation partnership.