Sr IDM SI Engineer Resume

Hartford, CT

SUMMARY:

  • Over 14 years of USA experience in design, implementation and delivery of high-performance technology solutions with specialization in Identity and Access Management, Enterprise User Security, Application Security, Single Sign-On (SSO) and LDAP. Skilled in all phases of the project life cycle, from initial feasibility analysis and conceptual design through implementation and enhancement within all versions of IAM. IAM experience including configuration, administration and installation of the IAM suite. Worked across several industry sectors (Govt, Mobile, Retail, and Defense). Managed infrastructure of ForgeRock OpenAM, OpenDJ and OpenIDM. Integrated a lot of applications across different platforms using Confidential, SailPoint, CA SiteMinder and ForgeRock. Most of my experience is supporting Govt projects including Confidential, Confidential, Confidential, Confidential and Doc.gov and semi-Govt like United Technology. Recognized at several projects for best performance, including IT head of Confidential and Confidential
  • Currently working with CMS to migrate their applications from OAM to Okta and Saviynt. Actively participating in all the design and integration tasks. Managing Okta FedRamp environment.
  • Supported projects of different sizes, from as big as Confidential, which supports 30 million user account creations per min, to a total 30k user base in some projects.
  • Managed configuration, operations and maintenance support for all the environments (Development, Integration & Testing, and Production)
  • Resolved serv1 production issues.
  • Provided and maintained migration plans and process documentation for preparing and implementing software patches and new releases of application components
  • Prepared documentation for a software development lifecycle (SDLC) for developing, testing and migrating custom code.
  • In-depth understanding of IAM architecture, configuration, redesign and upgrade.
  • Have excellent knowledge in Identity and Access products, LDAP Directory Server
  • Tested and implemented patches in Development, TEST and Production environment.
  • Expertise in implementation of Confidential IAM Suite 12C.
  • Provide and maintain detailed plans and process documentation for preparing and implementing version changes, upgrades, and replacements of current version.
  • Experience in installation, configuration of SiteMinder policy server Web agents, ASA agents, Domino Agents, Active Directory server (LDAP), SharePoint and various Web & Application servers
  • Expertise in planning, co-ordination & execution of Disaster Recovery testing of IAM solutions.
  • Managed end to end performance tuning of all the components of IAM suite.
  • Provided appropriate technical architecture design, guidance, and infrastructure specifications to high availability environment and procedures for complete failover, failback, and disaster recovery capabilities.
  • Conducted periodic performance (stress), reliability (high availability) testing, and provide test results and recommendations to client as per their schedule.
  • Excellent communication skills, ability to work independently and as part of a team.
  • Excellent client, vendor relationship and technical staff management skills.
  • Exceptional problem solver, driven to succeed with strong project management and deep technical capabilities.
  • Proven ability to bridge business goals with technology to architect productive solutions.
  • Well organized; self-motivated; goal oriented; decisive; always sees tasks to completion.
  • Managing daily external and internal security threats using Security Center and Code Vera.
  • Implemented OAuth and Open concepts.

TECHNICAL SKILLS:

Directory Server: Sun One 5.2, 11g, Active Directory, OUD, OpenDJ

Confidential Databases 8, 11g/10g/9i including RAC, MongoDB, Postgres DB.

Application Server: Weblogic, Confidential AS 9i/10g, Tomcat

Identity Management: OID 10g & 11g, OVD 11g, OIM 10g & 11g, Radiant One VDS, SailPoint, OKTA

Fusion Middleware: SOA/WebCenter

SSO: SiteMinder R6, R12, OAM 10g, OAM 11gr1, OAM 11gR2PS2, OAAM 11gR2PS2, ForgeRock

Scripting Languages: WLST, Ant Scripts, wsadmin, Java, Shell, Perl

PROFESSIONAL EXPERIENCE:

Confidential

Sr IDM SI Engineer

Responsibilities:

  • Planning CMS applications migration from OAM to OKTA & Saviynt.
  • Guiding application owners on how to migrate an application to OKTA & Saviynt.
  • Helping to update SSD (System Design Document) and other DDR network related documents.
  • Working with OKTA and Saviynt team to discuss all the application integration related issues.
  • Planning to integrate application using SAML and OIDC.
  • Configured SAML-compliant applications in OKTA and sent IdP metadata to the application owner to import into the SP server.
  • Guided application owners and provided them documentation on how to integrate non-SAML-compliant applications using F5 and Webserver modules.
  • Resolved issues related to attribute mismatch between OKTA and current LDAP.
  • Configured OIDC agent for applications that are going to be integrated using OIDC.
  • Created a template that each application owner fills in, and we used that information while creating metadata.
  • Worked with application owners and helped them to integrate their applications. Guided them in case of any error.
  • Planned and discussed all the technical aspects of using OKTA and Saviynt FedRamp infrastructure.
  • Ensured OKTA and Saviynt communication happens over IPsec.
  • Recommended installation of Splunk Forwarder to forward Saviynt log communications to Splunk Server.

Confidential

Sr. ForgeRock IAM Consultant

Responsibilities:

  • We are tasked to integrate more than 300 applications with ForgeRock OpenAM from Confidential DS. Integrated most of these applications to use either “CAC or username/password” or “CAC only” authentication. Most of these applications were legacy applications. The biggest challenge was that most of the application owners either didn’t have a lot of programming experience or didn’t have knowledge of how SAML works. I created a Knowledge Base doc for the users and it was shared with all the application owners. My first round of discussion was to explain how SAML works and identify all the applications that are in the scope of the project. In the first round we integrated all the SAML-supported applications with OpenAM and later any applications that were on “OpenAM Supported Application Servers”. We used application server modules (mod_auth_mellon, Shibboleth) for these applications. All the client-server applications were integrated directly with OpenDJ. Any applications which are not SAML compliant and are running on supported ForgeRock OpenAM application servers, we are integrating using application server modules (mod_auth_mellon, Shibboleth and others). The successful model we created was the “Live KT doc”; we were updating this doc with any lessons learned from previous integrations and their contact information if they wanted to volunteer to help other Line offices. It created a ripple effect and most of the new application integrations became easy.
  • Supporting an environment that has OpenIDM, OpenAM 13.5 and OpenDJ.
  • Supporting environment that have OpenIDM, OpenAM 13.5 and OpenDJ.
  • Applied patches to Apache server to avoid security vulnerability.
  • Integrated Apache-hosted applications with OpenAM using mod_auth_mellon.
  • Configured OpenAM to support OpenID Connect (OIDC) integration.
  • Utilizing Postman to update/query users' attribute values.
  • Applied patches to troubleshoot replication delay issues.
  • Updated Apache versions and applied fixes for bugs related to external app pop-up.
  • Troubleshot application integration issues by reviewing Authn requests and SAML responses.
  • SAML-integrated applications that are built on Java, ASP.NET, Ruby, Python, PHP.
  • Extended realm schema to include extra attributes sent to users via SAML response.
  • Created new IDP for a specific application to meet their unique requirement.
  • CAC enabled most of the applications after integrating with ICAM.

Confidential, MD

Sr. IAM Security Admin

Responsibilities:

  • Managing day to day activities related to Security during Open Enrolment.
  • Managing ForgeRock 13.5 OpenAM environment for Access Management with OpenDJ 3.5
  • Managing SailPoint for Identity Management Solutions.
  • Providing in-depth analysis of users’ suspicious activity by reviewing Security Center alerts.
  • Applying Patches and supporting routine maintenance activities.
  • Analyzing code released into the system for security vulnerabilities using Code Vera.
  • Integrating new application with SailPoint and ForgeRock as per requirements.
  • Automating health check process to make sure all the servers are running smoothly.
  • Troubleshooting Authentication and Authorization issues related to applications.
  • Creating application instances and importing users’ IDs into SailPoint to enable users’ identity management.

Confidential, Washington DC

Sr. Confidential Consultant

Responsibilities:

  • Managed OAM 11g R2 that was supporting new environment.
  • Managed OIF that was integrated with Confidential 10g and 11g applications.
  • Managed OID and OVD R1 environment.
  • Managed daily database backup, extended tablespaces and added datafiles as needed.
  • Performed disaster recovery of RAC 11g database.
  • Performed scheduled update patch maintenance of OIF, OAM and Weblogic servers.
  • Installed and configured Confidential FMW 12c stack on Windows.

Confidential, Columbia, MD

Sr. OIM Consultant

Responsibilities:

  • Manage OIM that is integrated with more than 30 applications.
  • Make sure all the applications are up all the time to support growing needs of Confidential serving companies.
  • Troubleshoot provisioning failure issues related to OIM and target resources.
  • Provide root cause analysis of new and old failures.
  • Recommended several improvements to resolve performance related issues.
  • Working on an application that has WAAS and IACS framework.
  • Integrated new application in OIM and modified applications as per requirements.
  • Applied new OIM patches.
  • Involved in requirement gathering for new applications.
  • Troubleshot very complex environment that has multiple applications integrated in OIM.
  • Recommended change in Provisioning task Adapter to automate name update at target system.
  • Discussed our current troubleshooting approach and recommended improvement in the process to decrease Remedy tickets.
  • Worked on second shift for deployments.
  • Involved in troubleshooting calls and provided guidance to fix application connection issues.
  • Created SR with Confidential due to server looping and after completing root cause analysis, implemented Confidential recommendation into all the environments.
  • Led a team effort to find an issue with the application that is causing most incidents and provided troubleshooting recommendations to higher management.

Sr. IAM Consultant

Confidential

Responsibilities:

  • Actively involved in troubleshooting user provisioning failure issues.
  • Developed a script that generates the required report automatically; it reduced 2 days of manual work.
  • Recommended steps to reduce ticket count by modifying OIM user’s registration page.
  • Recommended process improvement procedures that will reduce manual provisioning of accounts.
  • Discovered issues with the current Disaster Recovery document and rectified them, so it can be used in case of a real disaster.
  • Created new Attributes, Users and Groups as per enhancement request.
  • Provided steps to integrate Exadata servers with OID.
  • Provided guidance to utilize OIM functionality (auto provisioning of applications).

Confidential, Overland Park, Kansas

Senior Confidential Identity Manager Consultant

Responsibilities:

  • I was sent by Confidential to implement this OIM/OPAM/OUD integration project. I was involved in installation and configuration of OIM, OUD and OPAM. The scope of this project was to manage users’ accounts and thousands of Entitlements.
  • Installed and configured OIM 11gR2 PS2, OUD and OPAM.
  • Customized OIM as per customers’ needs.
  • Integrated OIM with OPAM.
  • Configured AD LDS as a trusted source and OUD as a target source with OIM.
  • Loaded 60,000 entitlements into OUD and managed them through OIM.
  • Provided training to onsite team about OIM, OPAM and OUD products.
  • Simplified their Identity Management environment and achieved the requirements with the correct number of servers.

Confidential, Columbia, MD

Sr Confidential Access Management Consultant

Responsibilities:

  • Managing an environment that has over 30 WebGates (10g and 11g).
  • Tested OAM capability to handle over 30 million new user account creation requests.
  • Managing OAM servers in cluster environment.
  • Managing OAM servers with over 50 complex authentication schemes.
  • Applied latest security patches at OAM.
  • Managing 2 environments, OAM 11gR1 and OAM 11gR2PS2.
  • Tested OIM 11gr2-OAM 11gr2-OID 11gr2 integration for any issues related to identity and access.
  • Troubleshot issues related to OAM response time.
  • Managing an environment that supports legacy application access through OVD.
  • Troubleshooting complex integration issues related to identity and access.
  • Working on a project that has very high visibility nationwide.
  • Resolved very complex issues using the right tools and correct diagnostic approach.
  • Tested OAM environment for DNS failure and all use case failure issues that can occur during open environment period of Confidential.
  • Recommended several improvements about system health and capability.
  • Leading a team of 5 people to support round the clock Confidential
  • Resolving issues in a timely manner to make sure the system is healthy enough to support the huge load.
  • Providing round-the-clock on-call support for any issue that arises or any abnormal behavior of OAM servers.
  • Installed and configured OSB 11gR1 (Confidential Service Bus) for payment processing.
  • Created and configured Java Fedlet at OAM 11g R1PS1.
  • Configured Security Token Services at OAM 11gR1PS1.

Confidential, Dallas, TX

SME Confidential Fusion Middleware

Responsibilities:

  • Working in Confidential Middleware technologies (OID, OAM, OVD, OES, OIM, OIF, OIA, OAAM) environment.
  • Implemented 10g Webgate authentication to current application.
  • Installed OAM 11gR2ps2, OIM 11gR2ps2, OAAM and OID.
  • Applied latest SOA and OIM patches (required for OIM 11gR2ps2 installation).
  • Migrating OAM and OIM from 10g to 11gR2ps2.
  • Created custom connector in OIM 11g to communicate with external applications.
  • Created Authentication and Authorization policies in OAM 11gR2ps2.
  • Configure Webgate 11g with OHS 11g.
  • Configure SSO for external application using OAM and OIM 11gR2ps2 integration.
  • Created Policies and Authentication schemes for OAM 10g and 11gR1 and R2ps2.
  • Implemented custom work-flows at OAM 10G.
  • Modify OID schema object and added additional Object Classes and Attributes.
  • Implemented Lost Password Management at OAM 10G.
  • Integrated OIM, OAM, OID 10g to implement password reset functionality.
  • Created custom solution to reset security questions in OAM 10g.
  • Integrated OIM 11g with OID 10g, OID 11g, OAM 11gR2ps2 and OAAM.
  • Implemented LDAP sync between OIM 11gR2ps2 and OID 10g.
  • Make required schema changes in OID 10g for integrations with OIM 11g and OAM 11gR2ps2.
  • Configure OID 10g connector with OIM 11gR2ps2.
  • Customize OIM 11gR2ps2 for user self-service registration.
  • Implemented Lost Password Policy using OIM, OAM, OID, OVD and OAAM integration.
  • Customize System Configuration, notifications and Schedule jobs in OAM, OIM 11gR2ps2.
  • Create new and modify default templates.
  • Created new Notifications and Schedule job.
  • Customize OIM 11gR2ps2 layout as per company requirements.
  • Created triggers in OIM 11gR2ps2 to make it more user friendly.
  • Enable logging through Enterprise Manager and configuration file for troubleshooting purposes. Also create old handler to specify different log location.

Confidential, Hartford, CT

Confidential IDAM /LDAP Architect

Responsibilities:

  • Migration from SUN ONE 5.2 to ODSEE 11g
  • Migrated 5.2 consumers and masters to 11g environment.
  • Created two-way Replication between 5.2 and 11g environment.
  • Migrate all LDAP Connectors from Solaris to Linux.
  • Troubleshoot and modify Perl, Shell and Java scripts according to requirements.
  • Backing up directory servers and troubleshooting replication issues between all environments (5.2 and 11g, 11g to 11g and 5.2 to 5.2).
  • Implement new ACIs to restrict certain groups.
  • Modify schema values through console and ldapmodify command.
  • Add new OU as per new requirements.
  • Monitor day to day operations to ensure LDAP Server reliability.
  • Support 5.2 environments on Solaris and ODSEE 11g on Linux environments.
  • Implemented 11.1.1.5.1 patch for non-uniform memory access (NUMA) Linux servers.
  • Implement new indexes for performance reasons at 11g and 5.2 environments after monitoring logs daily.
  • Working on support issues regarding Sun IDM and LDAP.

Confidential

Identity and Access Management Admin

Responsibilities:

  • Implement & configure Confidential identity management 11g solutions
  • Experience with implementing an OIM solution that scales to existing users
  • Development and enhancement of Banner/OIM web services
  • WebLogic configuration and administration
  • Created and configured the SVN Repository
  • Delivered installation document, Administration document and high-level flowchart.
  • Implemented OIM, OAM, OID, OVD, OID, OHS, SSL configuration for OID instances.
  • Created Custom Connectors and configured out of the box connectors.
  • Created Plugins (Scheduled Task and Event Handler)
  • Prepared Policy configurations, Identity store configurations for OIM, OAM, WebLogic in OID.
  • Webgate configuration and registration with Confidential Access Manager.
  • Confidential Access gate configuration for EBS application
  • Setting up Confidential Identity Manager for Single Sign-On with Confidential Access Manager.
  • Confidential Access Manager Integration with OBIEE Application.
  • Worked extensively on creating Custom Password policies and Authentication schemes as per the requirement.
  • Created Users, Access Policies, Authorization policies and custom attributes
  • Configuring & provisioning to Active Directory
  • Performed Unit Testing
  • Responsible for documenting the various process flows
  • Possesses the ability to effectively deal with all levels of individuals in an organization to gather requirements, communicate changes and guide users
  • Configured Confidential Identity Manager and Access Manager sample Reports
  • Experience with upgrade process from 10g to 11g. Worked with both 10g and 11g versions of OAM.
  • Involved in planning and co-ordination with infrastructure team, network operations, server admins and Database admins to perform site disaster recovery testing.
  • Prepared Disaster Recovery plan, run book and post-execution reports.
  • Prepared the operations guide and educated the client with the operation procedures.

Confidential

SiteMinder LDAP Engineer

  • Assigned as a consultant to install, configure, implement, maintain and support enterprise infrastructure security solutions.
  • Extensively worked to fine tune Sun One Directory server (LDAP). Implemented multi master replication.
  • Worked in enterprise monitoring solutions and setting up HP OpenView, HP SiteScope and BAC troubleshooting and Performance tuning using Resource analyzer and log analyzer and ISA support Agent
  • Application server administration activities including infrastructure planning and designing, configuration of servers /clients, user management.
  • Upgrading and configuring the administration of Sun One directory
  • Resolved issues during the migration of ‘user data’ from Sun One directory server 5.1 to 5.2.
  • Provided 3rd level support for LDAP, SiteMinder issues.
  • Maintain working relationship with application owners and subject matter experts to determine current and future needs.
  • Work with other Web Hosting team members and Java Development staff to understand requirements.
  • Environment: Sun Solaris, Red Hat Linux, CA SiteMinder Policy Server, Sun One Directory Server 5.2 and 5.1, IIS 6, Apache HTTP server 2.0.61 and Application Server
  • Upgraded CA SiteMinder from 4.x to 5.5. Installed and configured SiteMinder Policy Servers and Policy Stores to utilize Sun ONE Directory Server (LDAP) as the user and ‘policy’ repository on Sun Solaris.
  • Major re-architecture of existing SiteMinder realms, rules and policies performed for performance enhancement and stability.
  • Installed and configured the SiteMinder web agents to work with IIS.
  • Extensively involved in troubleshooting issues arising in the upgrade and installation processes.
  • Performed technical review of all changes in conjunction with Change Management Team.
  • Data migration, backup and recovery in a replicated environment including performance tuning and optimization. Load test monitoring of the LDAP servers using SNMP monitoring tools.
  • Create, modify, and configure replication agreements between master and consumer, checking if the consumers are in sync with the master in LDAP.
  • Integrate applications from development to production. Assist development teams in identifying and resolving environment-related issues.
  • Developed custom web pages and screens for SiteMinder Authentication and Response forms using Java JSP & HTML
  • 24x7 production support with on-call rotation. Co-ordination of Stress & Performance Tests
  • Provided 3rd level support for LDAP/SiteMinder/Code issues.
  • Installed and configured SiteMinder user directory and policy store on LDAP. Replicated policy store and configured fail over scenarios.
  • Configured load balancing and failover mechanisms for various SiteMinder components in QA as well as Production Environment.
  • Analyze LDAP Schema and DIT and Modify LDAP Schema and DIT as per business requirements.
  • Installed and configured LDAP connectors to manipulate the data in the database server.
  • Imported data from various sources into LDAP Directory.
  • Designed and implemented multi-master replication, online backups and restore.

Environment: Sun Solaris 2.8, Sun One Directory Server 5.2 and 5.1, IIS 6, Apache HTTP server 2.0.61 and WAS (WebSphere Application Server), CA SiteMinder, Sun One Web Server 4.x and 5, Java scripting.
