- Around 8 Years of Identity Management and Web Security Administration on CA Identity minder, CA Site Minder, Active LDAP Directory Server, Web Logic, Web Sphere application server, Portal Server , Active directory application Mode(ADAM), Integrated windows authentication, authentication flow manager &AuthMinder/Risk minder.
- Extensive experience in implementing Single Sign On(SSO) solutions using Ping Federate and CA Siteminder and Sun One/Oracle Directory servers.
- Strong experience in complete life cycle of Web Sphere 8.x/7.x/6.x Administration like Installation, Configuration, Deployment, Scripting, Migration, and Troubleshooting on Solaris 10/9/8, Linux 8/7/6/5, Window 2000 Advanced Server, Windows 2008 Server Environments.
- Expertise in installation, configuration, maintenance and troubleshooting of CA IDM server, LDAP directory Server, Sun Identity Manager, WebSphere, IBM HTTP, Apache, Tomcat,iPlanet , IIS Web Servers and Active directory .
- Experience in Analysis, Design, Securing and Support of Multi - Tier Web Applications using J2EE, Server-side Technologies using XML, Java Server Pages (JSP), WebSphere 5.X/6x/7.0, WebLogic Server …
- Expertise in migration for active directory using Quest Migration Manager tool.
- Expertise in implementing SAML as both Identity Provider and Service Provider across multiple platforms Using Site Minder and Ping Federate.
- Good experience in analyzing Site Minder logs, IDM application server logs, provisioning server logs to troubleshoot various authentication/endpoint related issues
- Implemented OAuth to access the protected API with Access Token by using Different OAuth Grant types.
- Configured multi factor Authentication for internal applications using PingID.G
- Experience using PING Identity Solutions for performing the federation aspects in large enterprise networks.
- Highly experienced in SAML2.0 POST federation using Ping Federate … and CA Siteminder 6.x, R 12.x and R12.5x and setting up both IDP's (Identity Provider) and SP's (Service Provider).
- Experience with using Secure Proxy Servers and Reverse proxy servers.
- Troubleshooting issues related to SSO, authentication and authorization, as well as troubleshooting LDAP issues
- Worked in successful implementation of Single Sign On and Federation Solutions on Prod, QA and Dev environments.
- Worked on different integration options like, ex: IDP initiated SSO, SP Initiated SSO, Artifact and POST profile using integration adapters to integrate applications like Sales force, AD connect, concur, SharePoint and Adobe using OKTA .
- Worked on Single Sign On (SSO) to implement security polices and handle LDAP, Site - minder and Webserver on Solaris environment. Also in has scope for maintenance of RSA Secure ID.
- Worked on NetIQ Access Gateway to send all the traffic through a common proxy server and redirect to Resource Server
- Experience installing and configuring different J2EE Application Servers like Web Sphere, JBoss, Tomcat and Web Logic.
- Experience in installing and configuring Oracle DSEE 11g .
- Experience working with Active Directory using LDAP protocol and good understanding of the LDAP concepts.
- Demonstrated POCs for API security like integration with Open AM, Siteminder, OAuth 2.0, JWT token and certificate authentication
- Implemented Logging and Auditing system for Site minder to track and identify user activity as well as acquire intrusion reports of unauthorized attempts at access.
- Hands on experience in designing, deployment, disaster recovery, fine tuning, replication and maintenance of Oracle/SunOne Directory Servers on Solaris and Windows platforms.
- Expert in maintaining, troubleshooting issues in production environment.
- Good in prioritization, multi-tasking and project planning skills. Expert in documentation and management of standard operating procedures.
Confidential, Lincolnshire, IL
CA Identity Manager
- Extensive knowledge in security domain including Access Manager, Identity management and federation.
- Installed, configured and administered CA IDM, CA SiteMinder Policy Server, Web agents, CADirectory and Oracle Directory Server (LDAP) on various platforms for a clustered and HA environment on WebSphere 8.5, JBOSS and various Platform
- Design, Implementation, Configuration and Administration of CA SiteMinder , Ping Federate , CA Wily and LDAP in both Non-PROD and PROD .
- The project EUA Modernization did the migration from SailPoint and implemented a solution using CA Suit to feature SSO, Self-Services like registration, password resets System Access Certification, request for access etc.
- Monitoring design and implementation phases of projects and custom component development.
- Define access definitions, rules, validations on the data of the services.
- Managing client expectations by ensuring the delivery of the highest quality service.
- Installing, configuring CA Directory Server for 12.5 for policy store and key store.
- Worked on Installing CA AuthMinder, CA Risk minder , CA wily and working on issues regarding it .
- Developing, Configuration, Troubleshooting and Management, Enterprise Applications for CA IDM, CA and CA e-trust Directory server . Integrated IDM with CA SSO, Providing Authentication and Authorization to IDM.
- Built various custom tasks in IDM API for administrators to facilitate ease of access and troubleshooting tickets
- Implemented cloud based Okta IAM and single sign-on technologies
- Configured and supported SAML based Identity & Service Provider connections.
- Integration of third party applications with various Single Sign On matrix like Open Token, Agentless and SAML based services
- Created both WS-Fed and SAML 2.0 protocol Service Providers endpoints using Ping Federate
- Installation and configuration of Ping Access Policy Servers, Ping Access Agents, CA SiteMinder Policy Servers, CA SiteMinder Web Agents and configured custom configuration like Authentication schemas for CA SiteMinder Policy Server for Authentication and Authorization
- Integrated multiple external vendor applications to ADFS 2.0 in order to enable seamless SSO capabilities.
- Use PowerShell and other Scripting languages, to create adhoc or scheduled custom reporting out of AD, LDAP, Exchange, O365, Azure, HRMS, ITMS, Databases, File Systems, and other sources of data
- Used all the CA tools CA SSO , CA Access Gateway (SPS), CA Advanced Auth (Strong Auth and Risk Auth), CA IDM, CA Directory , and CA API gateway and Mobile API gateway.
- Good knowledge in Active Directory and Involved in AD integration and adding user to with their privileges. Identified and tested vulnerabilities and conducted research in the areas of information system and network security.
- Experience in Installing and Configuring CA AuthMinder 7.1.
- Worked on Creating AFM profiles for Siteminder and Cisco VPN integration.
- Experience in troubleshooting Arcot State Manager, UDS, SHIM.
- Developed Custom java to fetch custom Tasks in IIQ.
- Assigned two factor authentications via ArcotID Q&A, OTP and OTT .
- Understanding business needs of clients and suggesting products required for the needs.
- Developed scripts to migrate the domains, Agents from one environment to another.
- Extensive understanding on step up authentication (RSA).
- Siteminder integration with Federation (SAML 2), Ping Federate .
- Experience in setting up the environments in RHEL LINUX , Windows and Unix.
- Proficient in customization of TIM components using Java Script and JAVA.
- Good in prioritization, multi-tasking and project planning skills. Expert in documentation and management of standard operating procedures.
- Good exposure to wide range of technical issues, problem analysis and resolution focus adherence to organizational Incident, Problem and change Management practices.
Environment: Windows Server 2003/2008, Unix, Java , SiteMinder R6 SP1/SP5/SP6, R12 SP2/SP3, Ping Federate 6, CA IDM 12.6.4, CA IDM 12.6.5,CA Directory 11, Oracle Directory Service 11g , Splunk, CA Wily Enterprise Monitor, WebLogic 8/10, JBoss 5, Apache 2.x, IIS 6.
Confidential, Detroit, MI
CA IDM/ Ping Federate Consultant
- Working on federation single sign on between third party vendors making both inbound and outbound calls security exchanging the attributes in SAML both as identity and service provider.
- Created SP/IDP connections using Ping Federate with external partners via metadta.xml files and Manual connections.
- Responsible for working with application teams in gathering the requirements for new applications setup and then installing and configuring the web agent in CA IDM along with the configuration on the Policy Server.
- Migrated SAML Based SSO partners from Ping Federate 7.1 to Ping Federate 7.3.
- Developed custom Ping Agent using Ping SDK and Implemented SAML Protection with Digital Signature.
- Upgrading between different Ping Federate versions 7.1 to 7.3 and 7.3 to 8.0 .
- Ping Federate Performance tuning for supporting support heavy traffic.
- Implemented OpenID and OAuth solutions using Ping Federate.
- Installed and configured of Access Management Web Agents with IIS6/7 and Apache v2 web servers.
- Migrated SAML and OAuth connections from NetIQ Access Manger to Ping Federate in staging Environment.
- Exporting Metadata, creating Adapters, Service Provider connections, Identity Provider connections, replicating configuration archive, importing and exporting SSL certificates using Ping Federate
- Created and configured connections to Directory server and web agents by creating host and agent configuration objects with respect to IIS and Apache web server requirements.
- Involved in creating component wise Low-level designs to solve the MFA , SSO, new user registration, user self-services, mobile security use-cases.
- Upgraded Siteminder Policy Server 6 to R12 SP3 in parallel mode.
- Worked on POC for Policy Server upgrade from R12.0sp3 to R12.51sp1 .
- Worked on Access Management for providing Authentication, Authorization, Scalability and Accountability for the Applications.
- Created security permissions by creating rules realms and policies with in multiple policy servers for protecting resources stored on web servers. Created activity and intrusion reports for policy server by monitoring Authentication logs.
- Created the front-end replication servers based up on the client's request for the Load Balancing.
- Configured Siteminder Policy Server with key and policy stores stored within a Sun One directory server
- Installed and configured Sun One Directory Server v6.3
- Applied all required or missing patches to run directory server properly
- Reconfigured and tuned new instances of Sun One Directory Server 6.3 with backup files.
- Good experience in setting up Bulk Load Clients and automating different IDM tasks.
- Configuring Remote Machine (Desktop) login through Azure directory.
- Configuring SSO via Okta to login into Azure Directory and AWS as an application.
- Design the architecture for different integration options, ex: I dP initiated SSO, SP Initiated SSO, Artifact and POST profile, Open SAML API, using integration adapters to integrate applications like Salesforce, concur, sharepoint and Adobe with OKTA.
- Remote Procedure Call to login in windows Server Configured on Azure Cloud.
- Supported endurance and regression testing in pre-production environment.
- Involved in daily Siteminder updates for Production, UAT and Development environment.
- Actively participated in virtual change's, for Siteminder production environment.
- Upgraded PingFederate from lower Version to higher version both for Console and Engine server (From 6.4 to 7.3 and 7.3 to 8.0)
- Experience in User Directory Administration and System Administration.
- Experience in debugging of authentication / authorization related issues and creating Rules, Responses, Realms and Policies.
- Integrated Ping Access with PingFederate System to get authenticated by PingFederate and Authorized by Ping Access Servers using the Access Control Lists.
- Experience in Ping Federation using SAML and integrated with SiteMinder authentication.
Confidential, Minneapolis, MN
CA IDM/ Site Minder Consultant
- Involved in design and upgrading Siteminder Policy Servers from R12.0 to R12.52 .
- Upgradation of WebAgent on Apache and IIS Web Servers.
- Supported Siteminder 24x7 with on-call rotation. Performed deployments, upgrades and changes during off-business hours and weekends.
- Worked with the Application development teams to resolve CA Siteminder Agent issues during upgrade process on Microsoft IIS, Apache, WebLogic and WebSphere servers.
- Responsible for Sun ONE directory server administration, directory maintenance and replication of the directory server and consistently improved LDAP performance, and high availability.
- Installation of IDM components like OID, OVD FMWC, DIP.
- Developed and deployed JDBC and JNDI custom connectors using Connector Xpress as per the requirements for LDAP endpoint and used role definition generators to deploy to IDM
- Involved with the Access Control Management team managing the Single Sign-On environment in a mixed environment comprising of Windows, Solaris and Linux environments using SiteMinder r12/12.52 with Sun One and Active Directory for policy and user stores .
- Experience in integrating applications with CA IDM . UI customization experience on IDM.
- Ability to troubleshoot existing IDM deployments.
- Installed and configured CA Siteminder Federatoin User Authentication Services using SAML 2.0 Post and creating the policies for Identity Provider and Service Provider in Siteminder Policy Server.
- Determine the root cause, implement solutions, and apply patches to resolve authentication, authorization, and performance issues, as well as provide feedback to CA Siteminder product bugs.
- Experienced in installing, configuring SiteMinder policy server Web agents, ASA agents, Domino Agents, Active Directory server (LDAP) and various Web & Application servers.
- Monitored authentication, authorization and accounting to support failover and load balancing between policy servers.
- Created documentation for Change Requests, Service Requests, and upgrading processes for support purposes.
- Perform Integration and hands on experience with multiple applications using Java such as AD, Workday, Exchange, RDBMS, Flat File LDAP
- Analyzed the existing configuration and provided the road map to integrate the CA Siteminder with several web applications.
- Supported Operating System and Web Servers patching.
- Documented the application SSO on-board process procedure for future reference.
- Creating and maintaining user and group profiles in LDAP DB .
- Trouble shooting and performance tuning of LDAP database servers.
- Monitoring and troubleshooting replication between all servers in LDAP environment.
- Monitoring and troubleshooting feeds to send/Receive data from/to LDAP servers.
- Performed tuning for Siteminder along with LDAP for better Response Time, Low Latency and High Throughput.
LDAP and System Administrator
- Installation of Solaris 8 and 10 on SPARC and lintel versions using console and graphical mode.
- Administrating & Configuring UNIX & Windows servers and ensure all applications are up and running on all Servers.
- Regular monitoring of all hardware resources utilization.
- Monitoring the health of all servers by using SAR (System Activity Report), IOSTAT (Input & Output Statistics) & Windows Performance Monitor.
- Implemented SAMBA on Linux and Solaris.
- Created and managed user accounts and groups.
- Installed and maintained a NFS server for sharing the file systems.
- Installation and configuration of Apache, by compiling apache with required modules and Upgrade apache web servers and migrate configuration.
- Integrate apache with websphere plug-in and perform testing to make sure web server and app server communicate.
- Develop Service Now integration rule to add custom attributes to the plan.
- Use of Remedy in working incidents, service requests and change management
- Performed iPlanet LDAP and Sun ONE Directory Server Installation, configuration and defined LDAP Schemas.
- Experienced in Java, JSP, Servlet, FCC, HTML, ODBC, SQL, Oracle .
- Involved in Bug fixing that come up during developing and testing phase.
- Actively involved in day-to-day meetings with application teams for integration of SSO across multiple applications.
- Configure apache with virtual hosts and also Work with networking team and get firewall ports opened for configured virtual hosts.
- Installation of packages and patches using Updatemanager on Solaris for upgradation.
- Installation and configuration of Nagios on Solaris machine.
- Installed Red hat enterprise Linux on the Intel based server.
- Performed jumpstart installation of Solaris 10 to automate the installation on 15 servers.
- Monitored file system utilizations using custom shell scripts, maintained cron tabs and automated weekly backup using custom scripts.
- Maintenance of hardware, software and network installations, in-house technical consulting, training, software development and troubleshooting.
Environment: Solaris, Linux, Apache, LDAP, Windows NT Servers .