SUMMARY:

• Around 6 years of experience in the Information Technology industry and involved in end - to-end implementation of IAM solution using different suites of Identity and Access Management.
• Demonstrated work experience in the analysis, design, installation support and maintenance of enterprise wide security applications using Ping federate 6/7/8 versions, CA Single Sign on (CA SiteMinder), CA Identity Minder, CA Identity Manager, Oracle DSEE (SunOne LDAP), Microsoft Active Directory and other Sun/Netscape/iPlanet/IBM products on Windows, Unix and Linux.
• Expertise in installing Ping Federate Server on Solaris, Red hat Linux, AIX and Windows environments.
• Extensive experience in installation and maintenance of different SiteMinder Web Agents on HTTP Web Servers like IIS, Apache, Sun One Web Servers .
• Successfully completed version upgrades from CA SiteMinder R6 to R12, R12 to R12.5 involved in the Sun One directory server upgrades from version 4.x to 5.1 and 5.1 to 5.2, 5.2 to 11g.
• Handled several federation Projects and enabled single sign on for web applications for both on prem and external vendor hosted apps. Provided the reverse proxy solution using the Ping access. Implemented, and maintained complete Identity & Access Management (IAM), and SSO solutions.
• Hands on experience providing federation solutions using SAML 2.0, Ping federate and CA SiteMinder Federation Service.
• Proficiency in configuration of SiteMinder authentication forms.
• Experience on SAML, OAuth and other security tokens
• Involved in analyzing planning and implementing Single Sign-On(SSO) on multiple Cookie Domain and internet security to Enterprise level web applications using CA SiteMinder integrated with Sun One LDAP Directory, Active Directory.
• Worked on Enterprise Users Single Sign On through browser and through services with third party application hosted in enterprise or cloud using Ping Federate, Ping One.
• Integrated Ping Access with Ping Federate System to get authenticated by Ping Federate and Authorized by Ping Access Servers using the Access Control Lists.
• Experience in integrating SSO products (such as Netegrity SiteMinder and Sun One LDAP, Novel LDAP) with existing middleware applications (WebLogic and JBoss).
• Experience in Ping Federation using SAML and integrated with SiteMinder authentication.
• Experienced in User Provisioning, Self-Registration, and Delegated User Administration.
• Experience on user management like account changes, password management and delete or freeze accounts.
• Good knowledge on writing the Sql queries.
• Experience in SAML based authentication 1.1 and 2.0 using Ping Federation, Site Minder Federation and integrate with Site Minder authentication and another adapter.
• Experience in deploying SAML based highly available solutions using Ping Federate and other security products, can create and process the SAML to get tokens which can be processed by other Web Access Management Products.
• Worked on Ping Federate Clustering with Engine and console servers being part of cluster by maintaining multiple clusters for the high availability.
• Good understanding of Web Technologies like HTTP Protocol, fiddler, SAML Trace, HTML, Web-Form encoding.
• Experience with LDAP Architecture includes DIT and Replication Mapping between replica hub/consumer, Multi-Master/Single-Master in Sun One Directory server.
• Ping Federate Performance tuning for supporting support heavy traffic. Fine-tuned and set up High availability with LDAP and SiteMinder. Tested and implemented back up, recovery.
• Experience in installing and implementing Web Application servers IIS, Apache, iPlanet/Sun/Oracle Web servers, IBM http web server, Apache Tomcat, iPlanet App server, WebLogic, WebSphere.
• Experience with LDAP Architecture includes DIT and Replication Mapping between replica hub/consumer, Multi-Master/Single-Master in Sun One Directory server.
• Ping Federate Performance tuning for supporting support heavy traffic. Fine-tuned and set up High availability with LDAP and SiteMinder. Tested and implemented back up, recovery.

TECHNICAL SKILLS:

Operating systems: Windows 2008/2003/2000/ XP, Windows 98, UNIX, Sun Solaris, Linux, IBMAIX, HP-UX

SSO: SiteMinder Policy Server R12.5/R12/ 6.x/5.x/4.x, Ping Federate 7/8/9, Ping Access 4.0,4.2, Web Agents 4.x type agents, 5QMR6, 5QMR7, 5QMR8, 6QMR4,6QMR5, R12 agents, SAP Agents 5.6/12 and Session Linker r12

Languages: Java, Python, J2EE, Jsp, Servlets, HTML, JavaScript, shell, perl, php, .NET Framework (VB.Net,C#,ASP.Net)

Directory: SunOne 5.x, Iplanets, Netscape Directory server 4.x, MS Active Directory, Oracle Directory Server 11g, IBM-Tivoli Directory Server

Servers: IIS, SunOne Web Server, Apache, Tomcat, SunOne App Server, WebSphere, WebLogic, IBM Http Server, JBoss

Security: Fraud Detection Service by Verisign, Nice Actimize

Databases: MS SQL Server 2000/2005/2008/ R2, PL/SQL, SQL, Oracle 8i/9i/10g

PROFESSIONAL EXPERIENCE:

Confidential

PING ENGINEER

Responsibilities:

• Experience in gathering Business requirements documents, Functional requirements documents.
• Involved in all the stages of software development lifecycle like design, development and implementation and testing.
• Worked on configuring the connections to application in achieving the SSO using Ping Federate and Ping Access in various domains.
• Worked on different protocols like SAML 2.0, WS FED, Oauth and have a good understanding in Access Token Management, Authentication Policies, selectors in Ping Fed.
• Did worked on writing few scripts and updating the Archiving scripts into the Linux servers.
• Used FileZilla Client for transferring the files between servers and local machines.
• Documented everything in the shared OneNote related the daily touch bases and important key points.
• Followed and created Method of procedures (MOPs) standards to save the templates in repository for future reference which explained about whole process of the build in a detail.
• Used different adapters like Kerberos, NTLM, IWA and HTML form based.
• Worked heavily on SAML 2.0 in configuring applications which are hosted internally and Azure Cloud.
• Worked on both internal and external vendor applications and third party.
• Created both IdP and SP initiated connections using Ping Federate
• Worked on Linux and windows environment where the servers are installed.
• Also worked on Mobile connectivity supported applications using the Citrix secure hub.
• Good understanding about the Certificates and the Meta data which are used for exchanging the SAML Standards between the parties like client and customer.
• Used the tools like Splunk for checking the logs and used other tools like SAML Tracer, SAML Decoder, Fiddler for Troubleshooting.

Environment: Ping Federate 8.4, Ping Access 4.2, Coreblox Integration kit 2.3, Splunk, Cyberark, ServiceNow, SAML 2.0, WS-FED, OAuth, Active Directory, ADFS

Confidential

Identity and Access Management Engineer

Responsibilities:

• Involved in Design Approach for IBM Security Identity Manager 6.0
• Installation and configuration of ISIM and ISAM
• Prepare documentation for the whole approach process for ISIM 6.0 and ISAM 8 process document for Administration and development
• Configuration and Administration of ISIM and ISAM.
• Configuration and Administration of ITIM- Importing Profiles, Creating Services, create provisioning; implement id policies, password policies, ACI, reconciliation, Workflows etc.
• The role involves interfacing with the direct clients for testing of multiple endpoint identities
• Created ACL, POPs, proxy server and Web SEAL junctions.
• Configured single sign on solutions for many applications.
• Monitored applications and WAS performance through performance viewer and tuned the systems- caching, queuing, JVM parameters, DB2 connection pooling.
• Technical Requirement Gathering: was responsible for gathering the user provisioning requirement for all the end points of ISIM
• Provided trouble-shooting and configuration of Web SEAL and all components with-in ISAM
• Acts as a resource for primary contact for vendors in Certification renewals.
• Involved with TFIM team to implement federations via SAML, and WS-FED utilizing Federated Identity manager.
• Worked with SAML 1.1, SAML 2.0.
• Understanding of Authentication and Authorization protocols such as Kerberos, Certificate, basic, forms-based and multi-factor Authentication etc.
• Development of TDI Assembly for HR Feed Process and Custom Adaptors.

Environment: IBM Security Identity Manager (ISIM V6), IBM Security Access manager (ISAM v8), Tivoli Federation Identity Manager (TFIM v6.2) IBM WebSphere (v7.0), RAD, Tivoli Directory Server, Active Directory, IBM Tivoli Directory integrator, DB2, Explorer

Confidential, Indiana

IAM/SSO CONSULTANT

Responsibilities:

• Upgrading Ping Federate version both for Console and Engine server from 6.4 to 7.3.
• Creating SP/IDP connections using Ping Federate with external partners via metadata.xml, URL’s files and Manual connections.
• Created chef data bags to secure ID’s, passwords and data to use in docker images and importing secure data into docker using open stack instances.
• Worked on OAuth grant types to call the rest service and get the API access by providing JWT tokens.
• Worked on API Gateway Migration Utility Migrate-Out, migrate-In, manage-Mappings to migrate the entire gateway for automation.
• Working on REST API’s to make call to gateway to make client connection and generate JWT token.
• Configured CA API Portal, CA API management tasks, and Implementation of Rest based security policies, preparing testing strategies, automating maintenance solution, preparing design document and business requirements and implementation of security templates.
• Implemented Ping Federate solution with Services like AWS, Service-Now, Salesforce, and Oracle Fusion.
• Integrated internal Applications, SAAS based applications using SAML 2.0, SAML 1.1, WSFED and OAuth 2.0.
• Designed and implemented ADFS 2012 R2 SSO federation plus filtered Windows Azure AD Sync to enable hybrid Exchange 2013 and other Office 365 services
• Integrated Site Minder to third party internal applications like Clarity, Splunk, Alarm Point, Good integration and Service Now.
• Manages 300+ federation partnerships via Ping Federate on a day to day basis, which involves provision users to cloud applications using Ping 3rd party plugins.
• Configured application agents on People Soft, WebSphere, WebLogic and OBIEE.
• Created Shell Scripts for monitoring and reporting site Minder, SPS, CA Directory, Web agent, and Tomcat services and accordingly perform failovers or Scale services.
• AD domain global consolidation and AD/ADFS/Exchange migrations including Office365 and tenant to tenant migrations, plus SSO with ADFS 2012 R2 for Office 365 and other partners
• Consulted on numerous solution designs regarding migration strategy for AD, Exchange, Office 365, and ADFS
• Engaged in architect design, implementation and roll-out of Tivoli core products and Tivoli Access Manager/Web SEAL/LDAP.
• Installation and Configuration of other IAM components - IBM Directory Server 6.1, Tivoli Access Manager Policy Server, Access Manager Authorization Server, Tivoli Access Manager Web SEAL Server, Web Sphere Application Server (WAS 6.1), IBM UDB DB2.

Environment: Ping Federate 6/7, SAML 1.1/2.0, WS-FED, OAuth2.0, Active Directory, ADFS, Tivoli Access Manager Java, C#, PowerShell, CA Identity Manager, SSH, LDAP, ILM.

Confidential

IAM Consultant

Responsibilities:

• Provided solutions for complex application using SiteMinder and Ping federate.
• Hands on experience on Ping federate, CA Single Sign-ON, CA Advance Authentication, CA Secure Proxy Server, Ping Access, and Ping Cloud.
• Experience in SAML based authentication using Ping Federation, SiteMinder Federation and integrate with Site Minder authentication and adapter.
• Migrated SAML Based SSO partners from CA Single Sign-On federation to Ping Federate.
• Used Ping API to deploy and create SAML changes.
• Setup and maintain distributed IT systems including computational resources, servers, storage and networking.
• Configured both Ping Access Proxy Gateway to decode the JWT tokens and also installed the agent on application server to communicate with ping federate server.
• Configured and supported SAML based Identity & Service Provider connections.
• Written custom active responses to extend the capabilities of SiteMinder and to support the client requirement.
• Designed transitioning strategies around Access Management systems and accordingly performed migration of application policies, risk, rules from SiteMinder.
• Provided Impersonation, SharePoint, HR Services, Sales Force solution using Ping federate and Site Minder.
• Hands on Experience on other Single Sign-On products like CA SiteMinder. Implemented and Designed Access Management Solutions.
• Successfully supported to migrate/Build all the infrastructure to a new environment.
• Upgraded SiteMinder to R6 SP1/SP5/SP6, R12 SP2/SP3.
• Migrated Web Authentication solutions from CA Single Sign-On (Site Minder) to Ping Access.
• Configured application agents on PeopleSoft, WebSphere, WebLogic and OBIEE.
• Worked on internal application like Splunk, Service-now, Wily to customize to our team and management requirements.
• Created scripts to monitor Apps, dashboards, backup LDIF and generated reports.
• Supported production environment without missing any SLA’s and supported TIAA-CREF environment 24 X 7.

Environment: Windows Server 2003/2008, Unix, SiteMinder R6 SP1/SP5/SP6, R12 SP2/SP3, Pingfederate 6, CA Directory 11, Oracle Directory Service 11g, Splunk, CA Wily Enterprise Monitor, WebLogic 8/10, JBoss 5, Apache 2.x, IIS 6.