Sr. IAM Engineer Resume
St Louis, MO
PROFESSIONAL SUMMARY:
- 7+ years of IT experience in IBM TDS and SDS versions (6.1, 6.3 and 6.4), SDS 8.0.1 in VA and IBM DB2 UDB Development V8.2, V9.1, V9.5, V9.7, V10.1 and V10.5 on Windows, AIX, LINUX, Z/Linux and SOLARIS, ISAM9, QRadar and Ansible.
- Installation of SDS 6.4 for new servers along with DB2 10.5; also installed and configured IBM Tivoli Directory Server (TDS) V6.x.
- Experience in implementation of CA Identity Manager Solution from scratch.
- Experienced in developing Web Services with the Python programming language.
- Strong experience in Enterprise Security Domain. In-depth knowledge of LDAP and Identity & Access management products.
- Expertise in Active Directory design & support (GPOs, AD Schema, OUs, LDAP, Sites, Replication).
- Installing and configuring the Security Directory Suite 8.0.1.5 in VA with external DB2 database V10.5.FP9.
- Successfully implemented Web Access Management Solutions using Ping Access 4 and other security products like CA Single Sign-On (CA SiteMinder).
- Hands on experience on Ping Federate, Oracle IDM, CA Single Sign-On, CA Advanced Authentication, CA Secure Proxy Server, Ping Access, and Ping Cloud.
- Migrated Web Authentication solutions from CA Single Sign-On (SiteMinder) to Ping Access 4.
- Experience in SAML 1.1 and 2.0 based authentication using Ping Federation and SiteMinder Federation, integrated with SiteMinder authentication and another adapter.
- Experience in deploying SAML based highly available solutions using Ping Federate and other security products.
- Configure TDS Proxy Server and TDS High Availability.
- Hands on experience on DPF in single and multi-environment.
- Hands on experience on SAP-DB2 environment (Installations, Configurations, Patches, Upgrades etc).
- Hands on experience on Installation and upgrade of SAP DB2 from DB2 V9.1 to V10.1.4.
- Provide Production/Application support in DB2 UDB and Oracle RDBMS technologies.
- Knowledge on IBM Tivoli Directory Integrator.
- Successfully upgraded Ping Federation Services from 6 to 7 and 7 to 8.
- Implemented OAuth and OpenID for mobile and non-browser solutions using Ping Federate.
- Worked on all the Ping Federate OAuth grant types to get the access token in order to access the protected API.
- Hands on Experience working on multiple Ping Federate adapters like http adapter, token adapter, and composite adapters.
- Define, Design and Deploy appropriate TDS Schema and In-depth understanding of Bind and Search requests within TDS and Performance tuning of TDS and DB2.
- Reasonable exposure towards schema extension, additional attributes mapping, etc.
- Experience on IBM TDS (Tivoli Directory Server) i.e. Installation and configuration, Object creation, mapping, High availability, Performance tuning, troubleshooting etc.
- Extensively worked to fine tune Sun One Directory server (LDAP). Implemented multi master replication.
- Experience in implementation of Security Management tools in enterprise wide Applications to achieve Authentication, Authorization and Accountability.
- Expertise in analyzing the logs and Troubleshooting issues in Integration of other applications using CA SiteMinder (Access Management) and Identity Management tools along with LDAP and Web-server agents.
- Experience in Administrating Sun One directory server and expertise in upgrading Sun One Directory Server version 5.2 to 6.0 and 6.0 to 6.3 in production environment.
- Hands on Experience in integrating WebLogic Portal Application Server driven Portal with CA SiteMinder.
- Experience in setting up SSO environments. Integrated SSO products such as Netegrity SiteMinder and Sun One LDAP with existing enterprise applications and middleware applications.
- Expertise with IIS, IHS, Apache, Sun One Web servers in Identity and access management environment.
- Excellent knowledge about the functionality of the SiteMinder components and Identity manager components.
- Expertise in configuring and troubleshooting Web servers like Apache 2.0/2.2, IHS 6.1/7.0, IIS v6.0/7.5, iPlanet 6.0, Lotus Domino 8.0.
TECHNICAL SKILLS:
IAM Products: PingFederate 6.0/7.0/8.0, SiteMinder Policy Server R12.5, 12.6, SiteMinder Web Agents, CA Federation, OAM, CA Directory, Sun One Directory Server, CA Identity Management, CA Governance Minder, Oracle Directory Server 11g, IBM TDS (LDAP) 6.1 & IBM SDS 6.4, 8.0.1.
Webservers: IHS 6.1/7.0, Sun One 5.1/6.1, IIS 5.0/6.0/7.5, Apache 2.x, Lotus Domino 8.0.
Operating Systems: UNIX, Linux, Solaris, Z/Linux, Windows, HP-Unix.
Application Server: IBM WebSphere Portal 6.0/6.1, WebSphere 4.x/5.x/6.x/7.0, Tomcat 4.x/5.x, Oracle WebLogic Server 8.0/10.3, IBM Security Access Manager Web 7/8 Appliance (ISAM)
Languages: C, C#, SQL, Java
Software: Shell Script, PowerShell, IBM Tivoli TSM, HADR, DB2 Utilities, DPF, Replication.
PROFESSIONAL EXPERIENCE:
Confidential, St. Louis, MO
Sr. IAM Engineer
Responsibilities:
- Installation of SDS 6.4FP14 for new servers along with DB2 10.5FP8; also installed and configured IBM Tivoli Directory Server (TDS) V6.x.
- Install and configuration of UnboundID Directory Server applications (Data Store, Data Proxy, and Data Sync).
- Migration Experience ITIM 5.1 to ISIM v6.0, TAM 6.1 to ISAM 8.
- Migrated SAML Based SSO partners from CA Single Sign-On federation to Ping Federate 7.
- Hands on CA SiteMinder Primary Security Operations.
- Used Ping API to deploy and create SAML changes.
- Implemented OpenID and OAuth solutions using Ping Federate.
- Experience on idsimigr tool.
- Setup Windows Failover cluster for Exchange Environment and supported on critical issues.
- Advanced knowledge of Microsoft Azure Active Directory operations and Active Directory Federated Services (ADFS).
- Experience on idsdb2ldif and ldif2db utilities.
- Experience on data load by using idsbulkload utility.
- Experience configuring the local DB2 database and configuring the SDS instance to talk with a remote DB2 database.
- Installing WebSEAL and configuring the instances.
- Involved in the end-to-end build process for LDAP servers.
- Investigate and resolve performance or operational issues that include LDAP authentication, searches, replication, authorization, etc.
- Support SSO solution using ADFS and Azure Sync (POC for QA domains).
- Developed U Drive Creation Automation to create home directories for end users on the Storage environment Data ONTAP operating system via the ISIM interface when new associates or vendors join.
- Designed and implemented the load balancer concept in LDAP environment.
- Implemented new schemas and modified existing schemas as per the requirement.
- Implemented replication agreements between the servers for Active-Active methodology.
- Implemented auto scripts for regular work like user search, group search, user delete etc.
- Created User Controls and simple animations using JavaScript.
- Support OS Patching work between the datacenters.
- Setting up HADR with multiple auxiliary standby databases and maintain the automatic as well as manual switchover/failover.
- Perform capacity management; including forecasting for space, memory, processors, and backup media. Proactively manage space needs of databases, including objects, logs, and free space.
- Ability to review LDIF logs via grep and standard Unix tools to research issues.
- Solid understanding of Database technology - DB2 UDB Distributed databases including DPF.
- Experience searching IDs using idsldapsearch on a regular basis and deleting IDs using idsldapdelete.
- Excellent hands on managing forest, multi-tree, Active Directory Domain Infrastructure and Naming Services and AD Forest consolidation.
- Analyze existing applications to see how they utilize the existing LDAP directory service and work with teams to improve their queries and overall usage of LDAP.
- Created Custom Adapter replacing SiteMinder 3.0 Ping Federate Identity Provider adapter.
- Expertise in open source and commercial SAML Identity Provider and Service Provider implementations (Shibboleth, SimpleSAMLphp and ADFS).
- Resolve complicated IDM issues and health checks for IDM system.
- Utilized IAM protocols such as SAML, OAuth, OpenID.
- Support enterprise data backup (VTL) Backup Exec, NetBackup, and HP OpenView, HP Data Protector.
- Design and implement Identity Manager 3.6 with different drivers (AD, Notes, LDAP, Exchange, SOAP, JDBC, Active Directory, directory)
- Performed Proof of concept for OpenAM, Ping Access 3 and CA Single Sign-On R12.52.
- Supported development with integration of Mobile Apps using OAuth/SAML in Ping Federate.
- Developed custom Ping Agent using Ping SDK and Implemented SAML Protection with Digital Signature.
- Designed, deployed and supported highly available and scalable Ping Federate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
- Created SP/IdP connections using Ping Federate with external partners.
- Developed shell scripts for backing up current setup and upgrading between different Ping Federate versions.
- Troubleshoot more difficult or complex production slowdowns or bottlenecks and determine if OS environment or network is causing problem.
- Deployed several Ping Federate integration kits for Apache, Atlassian, Java, PHP, Symantec VIP, Agentless, IWA etc., to establish the “first- and last-mile” implementation of a federated-identity.
- Created new schemas or changed existing structures as per requirement.
- Configure TDS Proxy Server and TDS High Availability.
- Performing and troubleshooting database backup, recovery, capacity, and security plans.
- Administering, maintaining, and implementing changes to existing databases to meet customer requirements.
- Helped Ansible team to create roles for ISAM9 deployments.
- Upgraded ISAM9.0 to ISAM9.0.3.
- Installation, upgrade, maintenance, and troubleshooting of ISAM9.0.X.
- Configured Federations and partners for SSO between applications.
- Created reverse proxy instances, ACL, Objects, DynURL.
- Apply Fixpaks as per customer requirement.
- Review the performance of the systems on a monthly basis and send reports to end clients.
- Define, Design and Deploy appropriate TDS Schema and In-depth understanding of Bind and Search requests within TDS and Performance tuning of TDS and DB2.
- Responsible for ID delete request by using idsldapdelete.
- Responsible for schema changes.
- Debugging WebSeal using pdweb, debug and request.log files
- Responsible for adding new attributes to DN.
- Experience on IBM TDS (Tivoli Directory Server) i.e. Installation and configuration, Object creation, mapping, High availability, Performance tuning, Troubleshooting etc.
- Database backups and restore related activities.
Environment: Ping Federate 8.3, 7.1, SAML 2.0, Exchange, OAuth 2.0, AD, DB2 v9.7, V10.1 & V10.5, UNIX, IBM TDS (6.1 and 6.4), IBM SDS 6.4, IBM TDI, ISAM9, ISIM 6.0, CA Identity Management, CA Governance Minder, SQL Server, Ansible, PowerShell, Azure Active Directory, IBM Remedy, SQL, PL/SQL, JAVA, TSM, RLinux, WINDOWS 10/7, Replication, Nagios, QRadar.
Confidential, Maryland
IAM Engineer
Responsibilities:
- Successfully upgraded Ping Federation Services from 6 to 7.
- Implemented Ping Federate solution with Services like AWS, Service-Now, Salesforce, Oracle Fusion.
- Updated Active Directory Schema from Windows server R2 in Production Environment.
- Understanding the Existing System and converting the same Functionality in ISIM.
- Integrated SiteMinder with Ping Federate using CoreBlox token translator to bridge the SSO gap between applications protected on either system.
- Involved in requirements gathering, development if required, integrating and testing for enabling SSO for the application.
- Integrated internal applications and SaaS based applications using SAML 2.0, SAML 1.1, WS-Fed and OAuth 2.0.
- Provided solutions for complex applications using SiteMinder and Ping Federate.
- Managed 350+ federation partnerships via Ping Federate on a day-to-day basis, which involved provisioning users to cloud applications using Ping 3rd-party plugins.
- Upgraded SiteMinder from r6.X to 12.X and CA IdentityMinder from 8.1 to r12.
- Configured CA Identity manager for user management and application access according to role-based entitlements.
- Provided troubleshooting and configuration of WebSEAL and all components within the TAM/Identity Management space.
- Created ACL, POPs, proxy server and WebSeal junctions.
- Experience in installing, configuring SiteMinder policy server, Web agents for IBM Http Server and WebSphere TAI agents.
- Worked on ERP /WebAS agent integration with SAP ITS and Web application server.
- Implement Federation SAML 1.x/2.0 services to SSO into third party vendors like Cornerstone, Empire Blue.
- Installation of SSL certificates on Apache, IIS, WebLogic & WebSphere servers.
- Worked closely with Security architect on planning, design, and strategic implementation of ISAM 8 Migration.
- Cleaned up Active Directory user objects with inconsistencies that prevented them from synchronizing through DirSync to Office 365.
- Worked on proofs of concept to integrate CA SiteMinder with various other Identity Management software.
- ISIM 6.0 environment maintenance activities, stopping and starting the components such as ISIM console, DB2, TDI and TDS.
- Worked extensively on creating Custom Authentication schemes as per the requirement.
- Expertise in Configuring CA SiteMinder policy server, creating agents, ACOs, Domains, Rules, Responses and Policies, Policy Server maintenance, SSO call clearance, WebAgent Application server agent installations, troubleshooting in all the environments.
- Participated in Ping 6 to Ping 7 upgrade.
- Implemented Federation Solution using SAML 2.0 Ping Federate 6.
- Attended business meeting to understand the SAML requirements and created the connections.
- Created IdP Adapters, SP Adapters and Data Stores.
- Integrated SiteMinder to Lotus Domino web server for Advisory application.
- Hands on experience with configuring LDAP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, and Redirect as per the custom business and security requirements.
- Creating OpenSSL certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication.
- Worked as an Infrastructure Lead for my TaxLink/TaxBridge Application.
- Integrated SiteMinder into various IFS/TAX based applications which require Single Sign On.
- Involved in giving sessions to offshore team.
Environment: Ping Federate 7.1, SAML 2.0, SAML 1.1, ISIM 6.0, J2EE, JDBC, XML, SAML, CA SiteMinder 5.X/6.X/12, R14, SP1, PowerShell, Exchange, Sun ONE Directory Server 5.X/6.X, Azure Active Directory, Apache 2.x, Solaris 8/9/10, Windows 2000/2003/2008, Windows 10/7, WAS 6.1/7.0, IIS 6.0/7.5, Lotus Domino 8.0, ISAM 8
Confidential, Atlanta
IAM and LDAP Admin
Responsibilities:
- Installed, Configured and Managed Netegrity SiteMinder 6.0.
- Migration of policy server from SiteMinder 5.5 to 6.0 for Load balancing, and failover configuration of the Policy store.
- Configured CA Identity Manager workflow for user provisioning.
- Worked on CA Identity Manager Performance to optimize roles, tasks and identity policies.
- Configured CA Identity manager for user management and application access according to role-based entitlements.
- Upgraded CA SiteMinder 6.x to 12.x.
- Involved in the integration of CA SiteMinder with CA IDM for advanced authentication, directory mapping and password policies.
- Experience in troubleshooting issues by analyzing the trace and TAI logs.
- Configured IBM HTTP Web server, SiteMinder to work with WAS.
- Worked on OneView Monitor statistics, error corrections for possible problems, reviewed SNMP events for possible problems and worked on the status of SiteMinder P1 tickets.
- Worked on CA SiteMinder Platform Support Matrix for changes.
- Assisted in the upgrade of TAM v6.1 to ISAM v8. Installation and configuration of ISAM v8.2 Web Gateway Appliance and components in Dev environment.
- Worked on SiteMinder architecture and took care of changes needed based on capacity planning.
- Created, Configured and Administered Profiles, Clusters, Nodes and Node Groups for WebSphere Application Server.
- Used One View Monitor in SiteMinder for identifying performance bottlenecks.
- Monitored heartbeats and refresh rates for various components of SiteMinder.
- Experience in creating and maintaining security policies for SiteMinder.
- Configured Node manager for administration of Managed servers.
- Responsible for deploying enterprise applications from Admin console and enabling security using LTPA and LDAP for admin console and application components on AIX.
- Configured SSL for WebSphere Application Server for security reasons.
- Experienced in assisting Web Administrators and LDAP Administrators to determine the best values for SiteMinder parameters and tune the system to boost SiteMinder performance in the Web Tier, the Application Tier, and the Data Tier.
- Provided and group presentations on SiteMinder security planning to all employees, using Microsoft Visio and PowerPoint.
- Experience in implementing failover and load balancing schemes between Web Agents and Policy Servers and also between Policy Servers and LDAP.
- Implemented clustering and worked on analyzing the scalability of applications with the help of tools like IBM Tivoli Site Analyzer.
- Used ANT script to automate loading Users and User Groups into Active Directory (LDAP), and XML based EAR/ WAR deployment.
- Responsible for deploying enterprise applications from Admin console and enabling security using LTPA, LDAP for admin console and application components on Windows.
- Updated Latest Fix-pack 6.1.0.13 for AIX.
- Assembled and deployed the application in production and staging, following change management practices.
- Regularly attended meetings on behalf of the Middleware Team to coordinate with different teams on tasks.
Environment: Netegrity SiteMinder 5.x/6.x, CA Identity Manager 8.1, Azure Active Directory, Web agents 5.x/6.x, WebSphere 5.x/6.x, Apache 2.x, PowerShell, IIS 5.0/6.0, Sun ONE Directory Server 5.2/6.1, SAML, XML, LDAP, Exchange, Solaris.
Confidential, FL
SiteMinder Admin
Responsibilities:
- Installed, Configured and administered SiteMinder and Sun One Directory Server, upgrade of TAM v6.0 to ISAM v7.0.
- Installation, Configuration and Administration of IBM WebSphere Application Server 5.1 on UNIX platform, Linux.
- Used SiteMinder for authenticating the user passwords for the web application.
- Worked with SiteMinder administration for user directories, agents, logs and cache management, agent configuration objects.
- Worked on planning, architecture, design and strategic implementation of ISAM to TDS. Installation and configuration of ISAM v7.0 Web Gateway Appliance.
- Worked on load balancing SiteMinder for high performance.
- Involved in the upgrade of SiteMinder Policy Servers from version 5.5 to 6.0 and SiteMinder Web Agents from version 5.5 to 6.x.
- Performed user provisioning in Identity Provider (IdP) site Service Provider (SP) site using SAML for SSO.
- Installed and configured the LDAP Sun ONE Directory Server. Configured the multi master replication in Sun ONE Directory server.
- Creating OpenSSL certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication.
- Develop and execute IDM related test plans. Deliver components to testing and production using the Version Control tool.
- Mentor development and support teams involved in problem identification and solving.
- Analyzed log files to solve problems using debugging tools like Log Analyzer, First Failure Data Capture Tool and Collector Tool.
- Worked on Fine tuning of Web agent and policy servers for optimized performance.
- Implemented password policies for all the applications using SiteMinder.
- Configured custom alerts and e-mail notifications based on the business needs.
- Experience with using Integration Kits and Token Translators for integrating identity enabled web services into SSO environment.
Environment: Netegrity SiteMinder 5.5/6.0, Sun ONE Directory Server (5.1, 5.2), ISAM v7.0, IBM WebSphere Application Server 5.x/6.x, PowerShell, Web agents 5.x/6.x, XML, Oracle 9i, BEA WebLogic 9.2/8.1, iPlanet 6.0.
Confidential
SiteMinder Engineer
Responsibilities:
- Installed, Configured and Maintained SiteMinder Web agents.
- Used SiteMinder Policy Server which provides policy management, authentication, authorization, and accounting.
- Worked on various authentication schemes like SecurID, SSL, NTLM, Custom based authentication.
- Worked on Directory integration involving LDAP, ODBC, Active Directory, WinNT and Custom directories.
- Used SiteMinder which provides several caches that can be configured to maintain copies of recently accessed data to improve system performance.
- Used SiteMinder to ensure user ability to access information quickly and securely.
- Web Agents store contextual information about user access privileges in session cache. Worked on Optimizing performance by modifying the cache settings.
- Enabled single sign-on across Web servers in a single cookie domain or across multiple cookie domains without requiring users to re-authenticate.
- Worked with Agent Resource Cache, which stores a record of accessed resources, and Agent User Cache, which maintains users' encrypted session tickets.
- Upgraded the Web Agents from v4.5.1 to v5.x in all the environments.
- Configuring single sign-on with single and multiple cookie domains.
- Installed patches on policy servers.
- Customizing the LDAP schema for the client's needs.
- Worked on creation of security policies for SiteMinder.
- Comprehensive knowledge of logical data modeling and performance tuning.
- Solid background in Object-Oriented analysis and design.
- Very good Confidential various Design Patterns, UML and Enterprise Application Integration.
- Problem determination using local error logs and by running user traces and service traces.
Environment: Netegrity SiteMinder 4.5.1/5.5, IBM WebSphere Application Server 5.x, Web agents 4.X/5.X, IIS 5.0/6.0, Apache 2.0, IBM Http WebSphere, iPlanet directory server 5.1, Solaris 9, LDAP