EXPERIENCE SUMMARY:

Confidential has 20+ years of software and systems engineering experience with Oracle, Linux, application/web servers, and IAM related products. Confidential specializes Identity and Access Management with a focus on security and delivery of integrated systems.

TECHNICAL SKILLS:

Oracle Access Manager with Single Sign - on and Federation Services 12.2.1.3, Oracle Directory Services 12.2.1.3 (OUD, OVD, OID), Oracle Directory Integration Platform 12c, Oracle WebLogic 12c (12.2.1.x, 12.1.3), Oracle Identity Manager with SOA Suite (12.2.1.3), PKI/SSL setup and administration, J2EE administration, Ping Federate, Forgerock IAM, Okta, SailPoint IDM training, Oracle Enterprise Server 11g with RAC and Data Guard, Oracle Database Appliance administration, RedHat Administration, UNIX/Python/Jython scripting

EXPERIENCE:

Confidential

Oracle Identity Management Architect/ICAM Engineer

Responsibilities:

• Build IAM integration solutions with Oracle 12c Identity and Access Management Suite for Confidential Student Information System.
• Implement SSO services using Oracle 12c Access Manger in an HA configuration with WebLogic clusters for production, test, and development environments.
• Authentication and authorization services designed for CAC/Smartcard secure access with two-factor authentication. Implementations deployed within AWS Cloud environment using RedHat 7 and Windows 2016 based servers.
• Deploy Oracle Directory Services 12c with Oracle Unified Directory for SSO application integration. Implement custom LDAP object extensions supporting unique requirements with Higher Education applications. Provision users with Oracle Identity Manager 12c. Support RBAC and ABAC authorization for specific/individual application requirements.
• OAM integration combines Oracle WebCenter Portal, PeopleSoft, Symplicity CSM/Advocate and Infosilem Solutions for Higher Education into SSO integrated solution. Oracle OHS/WebGate services provide perimeter security boundary for OAM/OUD IAM solution.
• Configure certificate validation and revocation services supporting DoD/CAC smartcard authentication.
• Install and configure OCSP responders and CDP services on Windows 2016 Domain. Perform certificate/CAC validation against published CDP extensions as service within OAM.
• Perform PKI engineering functions supporting AWS Cloud ecosystem. Manage and develop internal CA and certificate generation for private/internal network with OpenSSL. Configure all DoD/CAC PKI trust stores within IAM infrastructure.
• Perform PKI tasks supporting solutions from ECA providers IdenTrust and WidePoint for PKI requirements of public-facing Confidential applications.

Confidential

Oracle WebLogic Administrator/EDME Web-Services/Platform Systems Engineer

Responsibilities:

• Perform installation, configuration, administration, and support tasks for multiple WebLogic Server environments in HA configurations for various production, test, and development environments.
• Provide deployment support and administration for CBP application teams within EDME network infrastructure for mission support operations.
• Work with Infrastructure teams to provision new environments, prepare deployment strategies, manage templates for automation, and implement SSL security and certificate configurations using DHS CA infrastructure.
• Provide support to CBP applications teams for administration and maintenance of all PKI and security related configurations.
• Manage and perform patching/security fixes/upgrades to WebLogic environments for hundreds of RHEL 6/7 server installations.
• Write and modify shell, python and WLST scripts for automating startup/shutdown and other administration activities for WebLogic Server.
• Install, configure, and administer Apache Web servers in CBP DMZ zones supporting operations connecting secure WebLogic environments.

Confidential

Oracle Identity Management Architect/ICAM Engineer

Responsibilities:

• Design ICAM solutions with Oracle IAM Suite for Confidential financial and asset management systems.
• Deploy SSO services using Oracle Access Manger in an HA configuration with WebLogic clusters for production, test, and development environments.
• Implement authentication schemes for PIV/Smartcard secure access with two-factor authentication. Servers and services implemented on Red Hat Linux 7.
• Deploy Oracle Directory Services for integration with Oracle EBS Financials and Sunflower Systems asset management.
• Configure Oracle Directory Integration with AD/ADFS and OID. Manage system access and troubleshooting for production users for internal Confidential and external DHS communities.
• Implement PIV/Smartcard secure access for Oracle web-based utilities, including WebLogic Console and Enterprise Manager.
• Secure implementation deployed as SAML 2.0 based federated configuration using Confidential ADFS as shared IDP with WebLogic based applications as SPs.
• Design and administer secure connectivity with PKI deployment for internal Confidential servers and external DHS users.
• All internal server communications SSL based with Confidential CA. External client connectivity SSL based with DHS CA. All internal and external connectivity SSL based per client requirements.

Confidential

Oracle Identity Management Consultant

Responsibilities:

• Oracle IDM Administrator for Oracle Access Manager, Identity Manager, and Directory Services Manager for production, test and development environments. OAM 11.1.2 provides SSO and session management services for multiple College Board internal and external application deployments, accessed via Apache with Oracle WebGate 10g. OIM 11.1.2 configuration provides directory synchronization services with multiple LDAP user communities. Responsibilities include installation and configuration of OAM, OIM and WebGate components.
• Administer and configure LDAP directory services, with Oracle Directory Services Manager 11.1.1.6. Directory providers include Oracle Internet Directory, Active Directory, and custom College Board LDAP provider. Non-OID directories accessed via Oracle Virtual Directory 11.1.1.5. Directory services support internal user community of customer services representatives and external web-based users. External users may self-register via College Board external applications, implemented via OIM. System supports several hundreds of customer representatives via internal applications. External applications support several hundred thousand of users.
• Implement pilot SSO solutions with Forgerock OpenAM 12.0.2, Ping Federate 8.0.4, Oracle Identity Federation 11.1.2.2 and AWS for federated identity configurations.
• Pilot design for evaluation of SSO vendors with configurations alternatives for linking of social/cloud identity providers to proprietary internal users of College Board custom applications.

Confidential

Oracle RAC/Database Appliance Specialist, WebLogic Administrator with Oracle IDM

Responsibilities:

• Install and configure multiple Oracle WebLogic 10.3.6 Server installations.
• Deploy and configure Oracle Access Manager, Directory Services, Virtual Directory, ODSEE and Entitlements Server components, clustered as 2-node JVMs for per domain on RHEL 5.5 x86 64. Install and configure OAM10g and 11g WegGates with Oracle Web-Tier 11g. Provide connectivity to Oracle Metadata Repositories on ODA RAC configuration with Oracle Gridlink combined with Oracle SCAN listeners. OAM and OES deployments integrate with Oracle Virtual Directory, Oracle Identity Federation with SAML, and Oracle Secure Token Server deployments in HA configuration.
• Upgrade Oracle Database Appliance (ODA) 2.2 to 2.3, including RAC 11.2.0.2 to 11.2.0.3 upgrades. Perform Bare-Metal Imaging of ODA versions 2.3 and 2.4 for multiple ODAs delivered for client. Custom imaging includes configuration of multiple bonded network and ILOM interfaces. ILOM configuration facilitates remote configuration and maintenance of each ODA. Separate bonded interfaces provide enhanced security. ASCF cluster files system included as part of ASM deployment.

Confidential

Oracle RAC/Data Guard Specialist

Responsibilities:

• Administer Oracle RAC databases version 11gR2 supporting Property Book Unit System Enhanced Army application.
• Reconfigure Oracle Data Guard configuration of 2TB standby system. System implementations on Solaris 10 platform with Oracle RAC 11.2.0.2.
• Provide configuration assistance and diagnostics for storage using Oracle ASM, production support for primary and standby Data Guard configurations, and backup/restoration/recovery activities of standby site. Perform project assessment and recommendations for proposed hardware upgrades.

Confidential

Oracle DBA

Responsibilities:

• Administer Oracle databases versions 11gR2 supporting HP EMS system implementation for the Federal Bureau of Investigation.
• Responsibilities include installation, configuration and installation of Oracle Servers on Windows 2008 R2, in physical and VMWare environments.
• Perform all backup and recovery operations for development, test, and UAT environments with Oracle RMAN.
• Provide support and troubleshooting to EMS production environments.
• Assist administrators and developers with HP EMS product configuration in an Oracle environment.
• Specific product configurations include HP Performance Insight, Universal Configuration Management, Service Manager and Storage Essentials.
• Provide production support for existing HP EMS implementations.
• Develop implementation DISA STIGs for Oracle 11gR2 and SQL Server 2005. Assist engineering team with resolution of application issues associated with deployment of STIG implementations.

Confidential

Oracle DBA

Responsibilities:

• Administer over 25 Oracle databases versions 9iR2, 10gR2 and 11gR1 for Confidential Criminal Division and OCDETF on VMware platform.
• Configure and install Virtual Center Server and ESXi hosts supporting Windows and Linux based virtual environments.
• Oracle Data Guard and high availability services provided between two independent VMware virtual environments.
• Implement Symmantec Backup Exec Server version 12.5 on Windows platform, supporting Dell TL4000 tape library system.
• Backup system supports virtual environment of Windows and Linux VMs, with Oracle 10gR2 and databases with Oracle Application Server and Oracle WebLogic Server based applications.
• Administer WebLogic 11g based applications, including Oracle OHS, SSO and Identity management 10gAS(10.1.2). Migrate Oracle Application Server components to WebLogic 11g environment, including Oracle Form, Reports, SSO, and Apex. Applications deployed in both physical and VMWare environments.

Confidential

Oracle RAC/Data Guard Specialist/WebLogic Administrator

Responsibilities:

• Provide system design and storage solution with Oracle ASM and Oracle Cluster Ready Services on Red Hat Linux 5. Implement High Availability/COOP solution with Oracle Data Guard for test and production environments.
• Support client engineers with detailed documentation for production deployment of RAC/ASM architecture, including backup and recovery procedures with RMAN.
• Implement Oracle Real Application Clusters 11gR2 in prototype environment. High Availability/COOP solution configured with ASM on SAN storage on 2-node cluster as primary site with single instance RAC with ASM as secondary/failover site. Failover services implemented with 11gR2 Data Guard Broker.
• System Administration of over 100 RedHat servers with SNMP network monitoring.
• Network administration and monitoring with Computer Associates Spectrum 9.1.
• Implement server and agent configuration, access control lists, and alarm/alert notification policies.
• NetApp storage administration for RAC devices, including SnapMirror configuration and failover.

Confidential

Oracle RAC Specialist

Responsibilities:

• Implement Oracle Real Application Clusters 10gR2 for Allegheny Electric Cooperative.
• Provide design and storage implementation of Oracle ASM, with Oracle Cluster Ready Services on Windows Server 2003.
• Support client engineers with detailed documentation for production deployment of RAC/ASM architecture, including backup and recovery procedures with RMAN.

Confidential

Oracle RAC/Data Guard Specialist

Responsibilities:

• Implement Oracle Real Application Clusters 11gR1 and 11gR2 for federal law enforcement clients.
• Provide design and storage implementation of Oracle ASM on Red Hat Enterprise Linux platform.
• Support client engineers with documentation for production deployment of RAC/ASM architecture.
• Configure RAC databases in 11gR1 Active Data Guard configuration supporting infrastructure for Oracle Maximum Availability Architecture, Oracle Grid Control R5 deployment.
• Design deliverable architecture of MAA Grid Control including, RAC/Data Guard, clustered Oracle Management Servers, and COOP site configuration.

Confidential

Oracle RAC Specialist

Responsibilities:

• Deploy Oracle Real Application Clusters for federal law enforcement and defense clients.
• Provide project support for Oracle RAC and Data Guard deployments in high-availability environments for Windows, Solaris, and Red Hat Enterprise Linux platforms.
• Lead RAC administrator for migration of 32-bit single instance databases to 64-bit Windows RAC platform.
• Provide technical project/deployment plan for conversion from single instance databases to multiple RAC environments.
• Develop COOP site deployment plan for disaster recovery operations. COOP site deployment plan is hardware based solution using EMC SRDF and secondary RAC Clusters at COOP site with EMC architecture and functionality.

Confidential

Principle Support Engineer

Responsibilities:

• Provide architectural design, migration and deployment plans for Oracle 9i RAC to Oracle 10g RAC.
• Implement Oracle RAC with ASM storage on multiple SAN devices.
• Design failover capabilities of Oracle Application Server Clusters, including implementation of RAC for the Application Server Infrastructure database and middleware high availability.
• Facilitate Oracle Support assistance to database and network teams as necessary for Oracle Support service requests.
• Design and support RAC, Application Server Forms and Reports, and Oracle Application Server Clusters in highly available configurations on Solaris, Windows, Red Hat, and SuSE platforms.