PROFESSIONAL SUMMARRY:

• Over 8 plus years' experience in IT with a focus on Identity & Access Management covering all areas in governance & risk management, engineering, developing, implementation, deploying, production support and troubleshooting
• Experience in web security administration in CA Identity management, SSO/Siteminder, iPlanet/Sun ONE LDAP Directory Server, Secure Proxy, web sphere application server, Active Directory Server, Active directoryapplication Mode (ADAM), WebLogic, integrated windows authentication, authentication flow manager & AuthMinder/Riskminder.
• Expertise in migration for active directory using Quest Migration Manager tool.
• Professional in analyzing logs and troubleshooting of issues in integration of different application using CA Siteminder and IAM tools along with LDAP and web - server agents and Siteminder federation services.
• Configured CA Siteminder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.
• Improvised skills in Multi master LDAP configuration and distributed environment and performance fine tuning for high availability and optimized response time.
• Experience with Ping-Federate for providing SSO solutions to multiple web based enterprise applications and OpenAuthentication.
• Involved in configuration of WebSphere Application Server resources like JDBC Data Sources, JDBC Providers and Connection Pooling to connect to the DB2.
• Configured Domain objects like Realms, Rules, Responses and Policies
• Configured User Authentication Stores, Policy Stores and Key Stores on LDAP and maintained replicated environment for load balancing and failover.
• Excellent working knowledge with CA Site Minder while maintaining the security for WebSphere and other Web servers.
• Experience with using IDP initiated and SP initiated SAML profiles with different binding methods like POST, Artifact, and Redirect to deliver a custom SSO environment as per the requirement.
• Worked on Token Generator and Token Processor to establish a connection between two web services from different Enterprises and Ping Access and JWT tokens to authenticate the user using Ping Federation.
• Worked on Unbound User directory to replace the Existing Oracle Directory Server ODSEE.
• Worked on Ping Access Integration with Ping federate to Protect the applications using Ping Access Tokens.
• Worked on cloud federation with SAML using ping one.
• Extensive experience in installing, configuring and administrating MS Active Directory, Internet Informative Services(IIS), Apache Tomcat, SunOne/iPlanet Webserver.
• Experience in debugging of authentication / authorization related issues and creating Rules, Responses, Realms and Policies in SiteMinder.
• Upgraded SiteMinder from R12 to R12.52

PROFESSIONAL EXPERIENCE:

Confidential, Mountain View, CA

IDM/ Siteminder Administrator

Responsibilities:

• Migration of policy server from Siteminder for Load balancing, and failover configuration of the Policy store.
• Configuring User Authentication Stores, Policy Stores and Key Stores on LDAP and maintained replicated environment for load balancing and failover.
• Creating, exchanging and importing certificates for secure communication between SP and IDP
• Create new policies, authentication schemes for integration in policy server.
• Setup jobs for LDAP data sync between both systems
• Migration between windows servers from windows 2003 to windows 2008 R2
• Install and configure CA web agent 12.52 SP1 CR03 on IIS 7.5
• Create new monitoring rules for the new components introduced like session store, WAOP etc.
• Developed multiple Policy Xpress to trigger on various tasks and to generate standard company requirements like generation of unique ID's, passwords, emails, record entries etc.
• Migrated passwords from legacy application to IDM capturing the last password change date.
• Worked on ping federate both inbound and outbound calls using SAML.
• Worked on Ping Access POC to authenticate the users using Ping Federation Session.
• Experienced in trouble-shooting the issues by analyzing the trace and TAI logs.
• Implemented clustering and worked on analyzing the scalability of applications with the help of tools like IBM Tivoli Site Analyzer.
• Configured Open LDAP with UNIX pam, and enabled users to authenticate against LDAP.
• Used Siteminder tools like smobjexport, smobjimport to export and import Policy Stores respectively, smreg to change the Siteminder super user password.
• Creating OpenSSL Certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication
• Troubleshooting Siteminder environment using Siteminder policy server log files and agent log files
• Automated Identity Management tasks such as user provisioning and application access based on each user's relationship with role within our organization using CA Identity manager
• Integrated IDM into Active Directory, Multiple Exchange servers, eTrust Directory, and bulk loaded all users from a flat-file dump from their Auth Source.
• Deployment of SSO/SAML/OAUTH/WS-Federate solutions for clients with large customer bases.
• Responsible for working with the Siteminder team to configure ACO and Policy Server settings.
• Involved in ADFS work in providing desktop Single Sign On
• Worked on Secure Proxy Server to intercept the request and redirect to policy server.
• Clustered Policy Servers for failover and high availability.
• Implementing SSO (Single Sign-On) among the applications configured with Access Manager
• Performed user provisioning in Identity Provider(IdP) site Service Provider (SP) site using SAML for SSO.
• Experienced in using Networking Protocols for client server applications like TCP/IP socket programming.
• Configured and setup Secure Sockets Layers (SSL) for data encryption and client authentication
• Enabled Single Sign-On across Web servers in a single cookie domain or across multiple cookie domains without requiring users to re-authenticate.

Environments: CA Siteminder R12.52 sp1, CA IDM r12/12.5 sp2, Sun ONE Directory Server 5.X/6.X, Sun ONE 7.0/6.1, Windows Active Directory, Apache, AIX, Solaris, RHEL Linux, Windows 2000/2003/2008, ADFS and SiteScope.

Confidential, New York

IDM/Siteminder engineer

Responsibilities:

• Upgraded ping Infrastructure from 7.1 to 8.3
• Migrated SiteMinder to ping access by providing the solution
• Created the Single sign on for third party applications using ping federate
• Created connection between the Identity provider and service provider for external partners using the ping federate.
• Developed shell scripts for backing up current setup and upgrading between different Ping Federateversions
• Developed custom Ping Agent using Ping SDK.
• Working on OAuth Integration with Clients to get the Access Token to access protected API's and on Ping Access Installation and Configured with Ping Federate to Authenticate and Authorize the users for both web and API based applications.
• Experienced in doing WS-Trust federation between two web services' using SAML.
• Working on CoreBlox adapter to create SAML from SM Session and on Open Token Adapter to create OpenID Token for the native applications.
• Deployed PingOne in Cloud and integrated with PingFederate on premise
• Designed, deployed and supported highly available and scalable Ping Federate infrastructure in AWS and On-premise that provides single-sign- on (SSO) and federation solutions for internal accesses.
• Implemented OAuth&OpenID Solutions using Ping Federate
• Deployed Policy Agents across different HTTP and application servers: Apache, JBoss, Jetty, Tomcat.
• Worked on Upgrading SiteMinder Policy servers from 12.0 sp3 cr11 to 12.52 sp1 CR04 and implemented Scripts on all Policy Servers to recycle.
• Worked on Upgrading Web Agent from 12.0 cr01 to 12.52 cr01 on IIS, Apache servers.
• Successfully completed version upgrades from CA SiteMinder R6 to R12, involved in the Sun One directory server upgrades to11g.
• Installed and configured web agents on IIS Web Server which is using IIS7, IIS7.5 and Linux server with Apache 2.2,2.3.
• Upgraded agents from R6qmr3 to R12sp3 and registered them to talk to R12 Policy Servers.
• Upgrade some of our environments Policy Server from R12 to R12.5sp1 to use federation services.

Environment: Oracle LDAP Directory Server 11.0g, IBM WebSphere, SQL Server, HTML, SQL, MS Visual, PingFederate 8.3, SAML 2.0, SAML1.1, WS-FED, OAuth2.0, Active Directory, Java, C#, PowerShell, Oracle DSEE 11g, Web Agents, Active Directory, SAP, JBoss 5.2, Apache 1.x/2.x, IIS 6,7,7.5,8.0 JDK 1.6, J2EE, EJB, JSP.

Confidential, Richmond, VA

IDM/Siteminder engineer

Responsibilities:

• Enabled Single Sign-On across Web servers in a single cookie domain or across multiple cookie domains without requiring users to re-authenticate.
• Installed, Configured and Maintained Siteminder, Policy Servers, Sun One Directory Server and configured multi master replication in Directory server.
• Created Data sources, Queue and Topic connection factories, Virtual hosts etc.
• Involved in Configuring and updating IBM Http Server Plug-in to work with WebSphere Application servers on routine basis.
• Wrote wsadmin scripts to automate application deployments, to update configuration changes.
• Configured WebSphere resources like JDBC providers, JDBC data sources, connection pooling and Java Mail sessions.
• Created and updated the provisioning policies as per the change in the business environment using Policy Xpress.
• Experience in LDAP based directories like iPlanet/SunOne Directory Server, Active Directory and ActiveDirectory Application Mode (ADAM).
• Worked on Logical Domains (LDOMs) which provides virtualization capabilities.
• Monitored Applications and WAS performance through Tivoli Performance Viewer and tuned the system caching, queuing, JVM parameters, DB Connection Pooling
• Upgrade CA Siteminder Policy Server from v6.5 to v12.5 in Prod and sub Prod environments.
• Upgrade Oracle Directory Server Enterprise Edition from v6.3.1 to v11g in Prod and sub Prod environments.
• Install, and configure Oracle ISW (Identity Synchronization for Windows) 6.0 SP1 on 8 new servers that were deployed in a new DR Data Center.
• Assist in the planning and execution of several overdue, EOL product upgrades consisting of Oracle DSEE, Oracle Weblogic, CA Siteminder, and CA Identity Manager.

Environment: NetegritySiteminder 4.5.1/5.5, IBM WebSphere Application Server 5.x, Web agents 4.X/5.x, ISS, Apache, Windows Active Directory, Http web server, iPlanet directory server 5.1, Solaris 9, LDAP, XML Configuration, AAT, DB2, Solaris.

Confidential

SiteMinder Admin

Responsibilities:

• Sun one LDAP Directory and CA SiteMinder is installed, configured, administered on Sun Solaris 2.8 and Windows 2000,2003 Server. Single Sign on is implemented across the multiple domain.
• Under the Single-sign on environment created the policies, rules, realms to protect the applications we are working with
• Upgraded Sun One Directory server from 5.1 to 5.2. Provided level 3 support for LDAP/SiteMinder issues.
• Implemented load balancing and failover mechanism for SiteMinder Policy Server, Sun One LDAP Directory Server.
• Implemented SSO across multiple domains, and created two level of authentication for additional security
• Migrated large amount of LDAP data across the environment to create a identical production environment to support load testing.
• Implemented new techniques to support priority syncing for replication of important object.
• Migrated large amount of LDAP data across the environment to create a identical production environment to support load testing.
• Installed Option pack for Policy server and Web agent for configuring the Federated Security Services and User Identity between partner sites.
• Performed dib clone operations to recover the LDAP data, and added servers into replication tree and created new tree into the environment.

Environment: Windows 2000,2003, Netegrity CA SiteMinder 5.5 6.0, Web Agents 4.x,5.x,6.x, Sun One directory server 5.1,5.2, IIS, IPlanet Web Server5.0, IBM Http Web Server, Sun Solaris 2.8.