- 8+ Years of professional experience in implementing, operating and maintaining Identity and Access Management solutions including user provisioning, role-based access control, authentication, and authorization.
- Successfully implemented Web Access Management Solutions using Ping Access and other security products like CA Single Sign-On (CA SiteMinder).
- Involved in designing and implementation of end-to-end security solutions involving different security products.
- Hands-on experience in Federation, SAML, OpenID, OAuth, OpenID-based integrations and other industry standard authentication/authorization solutions.
- Extensive experience in Client interaction and support maintenance engagement in Web Authentication.
- Implemented a secure identity and access management infrastructure design, authentication, authorization and business application integration, custom-built solutions and technology frameworks.
- Experience in debugging of authentication/authorization related issues and creating Rules, Responses, Realms and Policies in SiteMinder.
- Expertise in installation, configuration, deployment and maintenance of the SiteMinder components: the Policy Server, Web Agent, Policy Store and Key Store certificate store.
- Experience in SAML based authentication using Ping Federation, SiteMinder Federation and integration with SiteMinder authentication and another adapter.
- Experience in deploying SAML based highly available solutions using PingFederate and other security products.
- Designed and implemented Ping Identity Solution for Web Access Authentication using Ping Access and PingFederate.
- Experience working with Active Directory using LDAP protocol and good understanding of the LDAP concepts.
- Installed and configured Ping Access servers, Gateways and Agent to protect the resources.
- Worked on Ping Access integration with PingFederate to protect the applications using Ping Access Tokens.
- Ability to work with and design Active Directory, LDAP, and other Enterprise Directories.
- Experience as a configuration administrator to protect web applications using CA Single Sign On.
- Involved in capacity management with hardware and software architecture for middleware integration and management.
- Experience working with load balancers, firewalls, proxies, LDAP, XML, SQL, JDBC, WebServices, Active Directory, SAML, and Oracle.
- Experience with implementing federation solutions in Cloud environments leveraging SAML.
- Experience with administration of Windows servers, database servers, including Oracle and SQL Server, and Web servers, including Tomcat and IIS.
- Troubleshooting the production environment and working with vendor ticketing system.
- Ability to work with different teams and interact with technical and business personnel across the Enterprise.
Identity and Access Management: User Provisioning, Access Management, Single Sign On, Enterprise User Security, Role Based Access Control (RBAC)
Application Servers: Apache Tomcat, JBoss, WebSphere, WebLogic
Databases: MS Access, MS SQL Server, Oracle
Directories: MS Active Directory, Oracle Internet Directory, Sun One, Oracle Virtual Directory
Connectivity Tools: PuTTY, Telnet, FTP, Cisco VPN, Remote Admin, PC Anywhere
Frameworks & IDE tools: Apache Commons, Eclipse, NetBeans
Languages: Java, HTML, CSS, XML, T-SQL, PL/SQL, PowerShell
Operating Systems: Windows, Linux
Confidential, St. Louis, MO
Sr. SiteMinder Engineer
- Designed and architected the IDM and SSO solution for the client. Involved in the capacity planning and infrastructure setup for the security solution.
- Installed, configured and maintained CA SiteMinder Policy Server 12.0/12.5, OID 11g and Oracle Directory Server Enterprise Edition on Linux and Windows platforms.
- Upgraded SiteMinder environment from R12 to R12.52.
- Experience in installing and configuring SiteMinder policy server, Web agents, Active Directory server (LDAP) and various Web & Application servers.
- Installed and configured Policy Store on OID 11g.
- Configured custom alerts and e-mail notifications based on the business needs.
- Worked with application team in gathering the requirements for new application setup.
- Installed and configured the web agents on IIS and Apache.
- Experience in configuring CA SiteMinder policy server, framing Rules and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application agent installations, troubleshooting production problems.
- Experienced in assisting Web Administrators to determine the best values for SiteMinder parameters and tune the system to boost SiteMinder performance in the Web Tier, the Application Tier, and the Data Tier.
- Integrated new applications with SiteMinder. Created Agents, Agent Configuration objects, Authentication schemes, Created Realms, rules, Responses and policies and Installed web agents on different platforms.
- Configured the Trace logs in policy server and Web Agent to keep track of user activities.
- Worked with existing user stores and new external LDAP stores.
- Integrated Active Directory, ODSEE servers as user stores & Policy store.
- Expertise in analyzing the logs (trace logs, smps logs, event viewer logs) and troubleshooting issues in integration of other applications using CA Single Sign-On and Identity Management tools along with LDAP and Web-server agents.
- Experience with performance tuning of policy servers and associated components and generating performance reports using customized crystal reports.
- Provided 24x7 production support during on call weeks.
Environment: IDM, SSO, OID 11g, R12/R12.52, LDAP, ODSEE.
Confidential, San Francisco, CA
SSO PingFederate Consultant
- Designed, deployed and supported highly available and scalable PingFederate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
- Configured and supported SAML based Identity & Service Provider connections.
- Implemented OpenID and OAuth solutions using PingFederate.
- Installed & configured PingFederate Policy Servers & Policy Stores, integrated Policy Store with LDAP to use LDAP user repository.
- Performed POC for Ping Access Authentication Solutions.
- Created SP/IdP connections using PingFederate with external partners.
- Supported development with integration of Mobile Apps using OAuth/SAML in PingFederate.
- Developed custom Ping Agent using Ping SDK and implemented SAML Protection.
- Successfully upgraded Ping Federation Services from 7.2 R2 to 8.2.1.
- Developed shell scripts for backing up current setup and upgrading between different PingFederate versions.
- Creating OpenSSL Certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality and message integrity.
- Involved in requirements gathering, development if required, integrating and testing for enabling SSO for the application.
- Participate in the definition of functional and non-functional system requirements.
- Updated requirements as per business user's feedback and changes in functionality of the applications.
- Handling/Documenting IM tickets related to SSO, providing information to problem management to solve RCA (Root Cause Analysis).
- Worked on Token Generator and Token Processor to establish a connection between two web services from different Enterprises.
- Integrated Ping Access with PingFederate System to get authenticated by PingFederate and Authorized by Ping Access Servers using the Access Control Lists.
- Experience in deploying SAML based highly available solutions using PingFederate and other security products, can create and process the SAML to get tokens which can be processed by other Web Access Management Products.
- Experience in collaborating with teams to determine systems requirements and functionalities needed in new or legacy LDAP.
- Working as a part of SSO team, Protecting Web applications with Standard/Custom Authentication Schemes and educating the application team about the flow of SSO.
- Maintained both Test and Production servers for PingFederate along with the cluster management and timely Replications to deploy changes to servers.
- Worked on PingFederate both inbound and outbound calls using SAML 2.0.
- Worked on OAuth to allow access to Protected APIs for OAuth Clients by getting Access Token from Authorization Server using various Grant Types.
- Used OAuth Playground to retrieve access token and refresh token.
- Configured PingFederate audit logs and created reports as per the business security requirements.
- Extensive experience in Client interaction and support maintenance engagement in Web Authentication and implemented Web Access Management Solutions using Ping.
Confidential, Cerritos, CA
- Involved in CyberArk implementation projects including all components like Vault, PSM, CPM, PVWA, OPM, PSM SSH Proxy (PSMP), Application Identity Management (AIM).
- Involved in CyberArk major upgrades from 8x to 9x versions for domestic and global customers.
- Acting as an L2 support and SPOC for L2 troubleshooting for existing customers.
- Having onsite experience for planning, solution designing and implementation of CyberArk PIM infrastructure.
- Architectural designing of CyberArk 9.0 solution to cover almost all privileged accounts.
- Involved in information gathering and understanding existing system of the organization and creating solution blueprint for solution and creating approach to onboard privileged entities.
- Integration with SIEM tools for security monitoring, e.g. NimSoft and QualysGuard.
- Heavily involved in creating all the process and transitioning documents.
- Worked extensively in implementation and deployment of On demand privilege manager (OPM), PSMP for UNIX servers and AIM for database servers.
- Wrote new enterprise control standards and policies for SSH keys.
- Wrote/Maintained utilities to exchange encryption keys between storage systems (LDAP, SSH).
- Creating BYOC to support existing IT framework.
- Involved in writing test cases and conditions.
- Troubleshooting the technical issues in the project during implementation.
- Customized CyberArk to support out-of-box applications, e.g. HP iLO, DRAC.
- Communicated to clients and partners aspects of both the product and the implementation at the technical and functional levels appropriate for the situation.
Environment: CyberArk 9.0 PIM, OPM, LDAP Directory Server, PrivateArk Client.
Network and System Administrator
- Installing and configuring Netegrity Web Agents and policy servers.
- Creating and deleting user accounts, resetting passwords and locking/unlocking accounts.
- Handling of entire System Administration and Desktop issues.
- Installing user requirement software, antivirus, and setting up new employees.
- Installing/uninstalling various applications like Antivirus, Adobe products, Operating Systems and upgrading equipment when necessary.
- Analyzing system logs and identifying potential issues with computer systems.
- Applying operating system updates, patches, and configuration changes.
- Designing backup strategy & ensuring scheduled backups as per the backup plan.
- Managing remote servers.
- Troubleshooting Technical Issues related to storage, Network Storage, data recovery, tape libraries, Servers and Operating Systems.
- Performance monitoring using NAGIOS.
- Taking database backups using shell scripts and CRON jobs.
- Creating databases and granting privileges for users.
- Deleting bounced e-mails from the database using shell scripts.
Environment: NAGIOS, CRON, Shell Scripts, Network Storage.