We provide IT Staff Augmentation Services!

Caidentity Manager/siteminder Consultant Resume

Lincolnshire, IL

SUMMARY:

  • Around 8 Years of Identity Management and Web Security Administration in CA Identity Manager, SSO/ SiteMinder, Agents for SharePoint, Secure Proxy Servers, Sun ONE LDAP Directory Server, Active Directory Server, WebLogic, WebSphere application server, Integrated Windows Authentication (WinDDas), Authentication Flow Manger & AuthMinder /Risk Minder
  • Experience in designing, development, deployment, migration and implementing Security and Infrastructure solutions using CA Identity Manager r12.5 SP8 CR1,CA SSO/SiteMinder r12.52 SP2 CR1, Sun ONE Directory Server (LDAP) … and earlier
  • Experience in analyzing the logs (agent trace logs, sever logs, access logs, IDM Application Server logs, ETA Logs etc.) and Trouble Shooting issues in Integration of other applications usingCA SiteMinder (Access Management) and Identity Management tools along with LDAP and Web - server agents andSiteMinder federation service s.
  • Experience in implementing Identity management system usingCA Suite (CA IDM) to Provisioning users (create, modify, update delete) along with self-service portals like password reset, request for access, manage Job Code, out of office assistance across endpoints like AD, RACF, Linux etc.
  • Strong knowledge of implementing RSA token Authentication with Good exposure in implementing the oAuth, SAML based Single Sign-on (SSO) and Single Log-Out involving service with Multi factor authentication (MFA)
  • Good experience in using all the IDM components like Connector Xpress to build custom connectors. Provisioning Manager to create Roles, account templates, endpoints and test endpoint provisioning and troubleshoot endpoint related issues. Installed and configured bulk load client on various platforms to automate tasks in IDM.
  • Working experience in the development ofCA SiteMinder Single Sign-On Services withSiteMinder configurations (setting up policies, realms, rules and responses).
  • Experience in implementation of Security Management tools in enterprise wide Applications to achieve Authentication, Authorization and Accountability.
  • Experience with Multi Master LDAP configuration in distributed environment and performance tuning for high availability and optimized response time.
  • Experience in integrating WebLogic Portal Application Server driven Portal with CA SiteMinder as Identity Provider and External Third-Party services as Service Providers.
  • Experience in administering LDAP based directory servers like iPlanet/Sun ONE Directory Server and Microsoft Active Directory.
  • Experience with Ping-Federate 5.x/6.x/7.x for providing SSO solutions to multiple web-based enterprise applications.
  • Proficient in tools like JXplorer and Softerra, as LDAP browsers also Fiddler and WireShark to analyze user flows and TCP dump for network related troubleshooting.
  • Experience with using IDP initiated and SP initiated SAML profiles with different binding methods like POST, Artifact, and Redirect to deliver a custom SSO environment as per the requirement.
  • Experience in using Kettle (PDI/Pentaho) data-manipulation tool for data migration and also to generate reports, feeds and extracts
  • ConfiguredCA SiteMinder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.
  • Configured Domain objects like Realms, Rules, Responses and Policies.
  • Configured User Authentication Stores, Policy Stores and Key Stores on LDAP and maintained replicated environment for load balancing and failover.
  • Experience with Directory server administration, LDAP programming and various databases like Oracle, SQL, MYSQL, DB2.
  • Extensively worked with development teams in the design, development, and implementation and performance optimization of security solutions.
  • Experience in upgradingSiteMinder/ Identity Minder from 5.x to 6.x to 12.x, Sun One LDAP from 5.1 to 5.2.
  • Installed, configured and integrated Web servers (plug-in file), SiteMinder agents and LDAP user directory with WLS.
  • Experience with IDM/ SiteMinder connectors and session linkers for SAAS applications like PeopleSoft, Sales force, and Google Apps in SSO environment.
  • Experience with PingFederate for supporting MFA and SSO solutions on cloud based and on-premises applications.
  • Automated identity management tasks such as user provisioning, role based access control, delegated administration; attribute-based auditing and reporting using CA Identity Manager.
  • Hands on experience with IIS, IBM IHS, Apache, Sun One Web servers and WebLogic and WebSphere Application servers in Identity and access management environment.
  • Experience in Analysis, Design, Securing and Support of Multi-Tier Web Applications using J2EE, Server-side Technologies using XML, Java Server Pages (JSP), WebSphere 5.X/6x/7.0, WebLogic Server …
  • Worked with RSA Authentication Manager V6.0, V7.1.
  • Experience in Java, JSP, Servlet, HTML, Shell scripting, Perl scripting, ODBC, SQL Server … Oracle …
  • Experience in using Unix/Linux utilities for analyzing logs, and trouble-shooting the applications with Application servers and Security/Identity management servers.
  • Experience in using Networking Protocols for client server applications like TLS, TCP/IP socket programming.
  • Excellent communication and interpersonal skills. Highly motivated, detail oriented and organized with the ability to multi-task projects, maintaining a high degree of proficiency.
  • On call 24x7 for Production support.

WORK EXPERIENCE:

Confidential - Lincolnshire, IL

CAIdentity Manager/SiteMinder Consultant

Responsibilities:

  • Designed the architecture based on technical requirements and implemented the solution withCA Identity Manager r12.5 SP8 CR2,SiteMinder 12.52, Governance Minder 12.6.1 with my primary focus on Identity Manager and SiteMinder .
  • Experience in installing and configuring CA Governance Minder (RCM).
  • Experience in configuring the import and export of user and user privilege information to and fro CA Governance Minder (RCM).
  • Integrated WSO2 Identity Server with Axiomatics Security Manager to enable dynamic attribute based OAuth 2 scope authorization decisions
  • Experienced in WSO2 ESB 4.9.0 and API Manager 2.0.0 and Governance Registry implementation
  • Configured multi factor Authentication for internal applications using PingID.
  • LDAP AD integration, synchronization and automation using ca identity manager
  • Involved in creating component wise Low-level designs to solve the MFA, SSO, new user registration, user self-services, mobile security use-cases
  • Installed, configured and administered CA IDM, CA SiteMinder Policy Server, Web agents, CA Directory and Oracle Directory Server (LDAP) on various platforms for a clustered and HA environment on WebSphere 8.5, JBOSS and various Platform
  • Implemented various versions of Tivoli Access Manager for eBusiness (TAM)
  • CA IDM implementation and configuration and UI customization experience
  • CA Directory Schema administration, configuration, upgrade and repair
  • Performed multiple upgrades of the RSA VIA (formerly Aveksa) platform.
  • Worked with Cyber Ark utilities, PAR explicate, PACLI and PAR client
  • OLA allows Allergan to expose internal web based application to external users and customers without the need of RSA tokens, providing a savings to Allergan and provide ease of use to end users and customers
  • Experience in Okta/ Active Directory administration
  • Implemented cloud based Okta IAM and single sign-on technologies Configure OKTA on multiple Active Directory Forests, Agent installations and MFA setup.
  • OAuth 2.0 SSO Implementation with Microsoft Azure as IDM.
  • Build custom demonstrations for General API proxying, Mobile Access (Android Studio (Java) and iOS Xcode (Objective C)), various security protocols (OAuth, OpenID Connect, SAML), Javascript, Node.js.
  • Perform Integration and hands on experience with multiple applications using Java such as AD, Workday,
  • Installed and configured multiple TAI agents on WebSphere, WebLogic servers to implement SSO.
  • Involved in Tivoli server maintenance activity by Starting/ Stopping Tivoli servers.
  • Worked on Fine tuning of Web agent and policy servers for optimized performance.
  • Configured SiteMinder web agents, Affiliate agents and RADIUS agents to provide federation of webservices in the SSO environment.
  • Configured Apache HTTP web server for WebLogic 8.1. Installed Application Server Agents (ASA) for SiteMinder on all Weblogic Servers and Webservers.
  • PingFederate clusters for production and test environments - supporting complex access requirements like e-signature, MfA, partner federation, and mobile SSO integration with VMware AirWatch.
  • Developed Web Services to communicate to other modules using XML based SOAP and WSDL
  • Implementation, Programming, and Security Solutions using Agile methodology. Working on Cloud implementations using SharePoint, Azure, ACS, ADFS and AD in the cloud & CMIS
  • Integrated IDM withCA SSO, Providing Authentication and Authorization to IDM
  • Used CA Wily Introscope monitoring tool to generate performance reports of SiteMinder policy servers and other LDAP servers
  • Configured System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas
  • Work on implementing and supporting SAML-based Federation technologies and Active Directory Federated
  • Developed multiple Policy Xpress to trigger on various tasks and also to generate standard company requirements like generation of unique ID's, passwords, emails, record entries etc.
  • Responsible to handle complex JobCode logics which involved multivalued attributes and multiple PX's to tie groups, provisioning roles and endpoints to respective JobCode
  • Built various custom tasks in IDM API for administrators to facilitate ease of access and troubleshooting tickets
  • Ping Federate Performance tuning for supporting support heavy traffic
  • Developed plan and implemented project to swap RSA tokens with a more secure model for the entire laptop user population
  • Develop and Maintain engine NVM/ engine SCIMcomponents state machines.
  • Responsible for provisioning users across endpoints like Active Directory, LDAP, Unix, and RACF/Mainframe.
  • Responsible for exploring and correlating users from various endpoints
  • Developed and deployed JDBC and JNDI custom connectors using Connector Xpress as per the requirements for LDAP endpoint and used role definition generators to deploy to IDM
  • Worked or various OOB and custom Workflows that involved complex logics to handle assignment of approvers
  • Implementation of Spring Security and LDAP integration.
  • Development of REST web services using Spring.
  • Worked on setting up remote task to IDM through Web services calls from EFI front-end applications via Task Execution Web Service (TEWS).
  • Improvised Logical Attribute Handlers, BLTH modules using CA identity manager API's
  • Migrated passwords from legacy application to IDM capturing the last password change date.
  • Good experience in setting up Bulk Load Clients and automating different IDM tasks
  • Good hands on experience on Kettle (Pentaho/PDI) for data manipulation during data migration from legacy to IDM
  • Good experience in analyzingSiteMinderlogs, IDM application server logs, provisioning server logs to troubleshoot various authentication/endpoint related issues
  • Used windows task scheduler to execute Kettle/Pentaho scripts for automated generation of Reports, Extracts and Feeds from various data sources like CATS (HR Database), Corporate Store, Oracle database etc.
  • Created and maintained attribute mapping document from IDM to all the managed endpoints

Environment: CA IDM r12/12.5 SP8 CR1, CA SSO r12.x, CA Governance Minder 12.6.1 CA Directory r12.x, WebSphere,ApplicationServer,JXplorer,Softerra,MobaXtermProfessional,Java,Javascript,Powershell,Oracle, SqlDeveloper, SNMP, UNIX, LINUX, Solaris, IBM AIX, Windows, Kettle (Pentaho/PDI)

Confidential - Denver, CO

SiteMinder& Ping Federate Consultant

Responsibilities:

  • Install, configure and administer Sun One LDAP Directory server andsiteminder policy server on Sun Solaris and implement single sign on across multiple domains using Cookie Provider.
  • Involve in the project to implement the Single Sign On starting from development phase till production went live. Work with responsible team to understand the requirements of a new SSO project and then design and implement the same.
  • Install and configure various web agents in accordance with the web servers involved.
  • Ensure all users have access to the necessary systems, including RSA, Epic, and other external users.
  • Create Realms, Rules, Policies and Responses for protecting applications to work under single sign on environment.
  • Hands on experience on Ping Federate CA single sign-ON, CA advance authentication, CA secure proxy server, Pingaccess, and Pingcloud.
  • Configuring SSO via Okta to login into Azure Directory and AWS as an application.
  • Provide expertise in the areas of Office 365 migration and OKTA SSO implementation.
  • Work in Development, QA and Production environments integrating OKTA and SharePoint 2016
  • Provided solutions for complex application using SiteMinder and Ping Federate
  • Experience in SAML based authentication 1.1 and 2.0 using PingFederation, SiteMinder Federation and integrate with SiteMinder authentication and other adapter.
  • Used Ping API to deploy and create SAML changes.
  • Worked on Open ID Connect for the user Authentication using ping Access.
  • Implement password policies for all the applications usingSiteminder.
  • Experienced in installing, configuring SiteMinder policy server Web agents, ASA agents, Domino Agents, Active Directory server (LDAP) and various Web & Application servers
  • Implement Policy Stores to utilize Sun ONE Directory Server (LDAP) as the user and policy repository on Linux.
  • Work on backup, recovery of userstores in Sunone LDAP Directory Server and configured Load Balancing, Failover mechanisms.
  • Configure User Authentication Stores and Policy Authorization Stores on LDAP.
  • Upgraded agents from R12sp3 to R12.52sp1 and registered them to talk to R12.52 Policy Servers
  • Monitor of SiteMinder server logs for identifying problems with Authentication and authorization of users.
  • CreatedSiteminder Agents for Federated Authentication and Authorization with partner sites.
  • Respond to direct questions from IT and business Management on the effects of emerging technologies on product development and business directions.
  • Implement password policies for all the applications usingSiteminder.
  • Work on Identity Manager to Provision the users into IDM and assigning the respective roles.
  • Work with a team on the daily problem resolutions and on the escalated issues for user administration.
  • Document, design and implement the Wellness Check URLs to verify the application code on Pre-Deployment basis with SSO.
  • Enable rollover of encryption keys in key store to maintain integrity of agent and session keys.
  • Provide 24/7 on call support for solving Tickets on a rotating basis with other team members.
  • Responsible forSiteminder, Web Servers and Application Server Production Support and Trouble Shooting.

Environment: Redhat (Linux), SunOne Directory Server, CA Siteminder 5.0 and 6.0, Apache, IIS and Tomcat applications servers.

Confidential - Bentonville, AR

CA IDM/ SiteMinder administrator

Responsibilities:

  • Designed the new parallel Environment for SiteMinder R12.52 Policy Servers, which allows the Single Sign-On between the old and new environments with the agents talking to new Policy Servers.
  • Upgraded agents from R12sp3 to R12.52sp1 and registered them to talk to R12.52 Policy Servers.
  • Worked onCA Secure Proxy Server to intercept the request and redirect to policy server.
  • Developed a custom code to decode the SMSession of Policy Server using SiteMinder API's.
  • Used CA Wily Introscope monitoring tool to generate performance reports of SiteMinder policy servers and other LDAP servers
  • Configuring User Authentication Stores and Policy Authorization Stores on LDAP.
  • Created Custom Adapter replacing SiteMinder 3.0 Ping FederateIdentity Provider adapter.
  • Migrated passwords from legacy application toIDM capturing the last password change date
  • Coordinate with the neighboring teams and analyze the data that is flowing to LDAP.
  • Provide support for Oracle LDAP (Multi-master, supplier-consumer) in Solaris environment.
  • Installed, configured proxy servers with LDAP as the primary backend and provide transparent seamless authentication to users.
  • Responsible for exploring and correlating users from various endpoints
  • Developed and deployed JDBC and JNDI custom connectors using Connector Xpress as per the requirements for LDAP endpoint and used role definition generators to deploy to IDM
  • Responsible to handle complex JobCode logics which involved multivalued attributes and multiple PX's to tie groups, provisioning roles and endpoints to respective JobCode
  • Configured Open LDAP with UNIX and enabled users to authenticate against LDAP.
  • Improvised Logical Attribute Handlers, BLTH modules using CA identity manager API's
  • Involved in integration testing for third party API integration.
  • Installed and configured Web Agents on IIS Web Server which is using IIS7, IIS7.5 and Linux server with Apache 2.2.Executing Backups and Recovery strategies for directory data (DIF), resolving backup and recovery issues in a High availability environment.

Environment: Redhat (Linux), SunOne Directory Server, CA Siteminder 5.0 and 6.0, Apache, IIS and Tomcat applications servers.

Confidential

Siteminder and LDAP Consultant

Responsibilities:

  • Hands on experience onPing federate, CA Single Sign-ON, CA Advance Authentication, CA Secure Proxy Server,Ping Access, and Ping Cloud.
  • Experience in SAML based authentication 1.1 and 2.0 usingPing Federation, SiteMinder Federation and integrate with SiteMinder authentication and adapter.
  • Migrated SAML Based SSO partners from CA Single Sign-On federation toPing Federate.
  • UsedPing API to deploy and create SAML changes.Setup and maintain distributed IT systems including computational resources, servers, storage and networking.
  • Configured both Ping Access Proxy Gateway to decode the JWT tokens and also installed the agent on application server to communicate withPing federate server.
  • Worked on OpenID Connect for the user Authentication using Ping.
  • Experience in developing J2EE applications on different IDE’s like Eclipse,
  • Configured and supported SAML based Identity & Service Provider connections.
  • Written custom active responses to extend the capabilities of SiteMinder and to support the client requirement.
  • Designed transitioning strategies around Access Management systems and accordingly performed migration of application policies, risk, rules from Siteminder.
  • Provided Impersonation, SharePoint, HR Services, Sales Force solution using Ping federate and SiteMinder.
  • Hands on Experience on other Single Sign-On products like CA SiteMinder. Implemented and Designed Access Management Solutions.
  • Administering and Troubleshooting Tivoli Identity Manager 4.6 and 5.0
  • Successfully supported to migrate/Build all the infrastructure to a new environment.
  • Upgraded SiteMinder to R6 SP1/SP5/SP6, R12 SP2/SP3.
  • Migrated Web Authentication solutions from CA Single Sign-On (SiteMinder) toPing Access.
  • Configured application agents on PeopleSoft, WebSphere, WebLogic and OBIEE.
  • Worked on internal application like Splunk, Service-now, Wily to customize to our team and management requirements.
  • Created scripts to monitor Apps, dashboards, backup LDIF and generated reports.
  • Supported production environment without missing any SLA's and supported TIAA-CREF environment 24 X 7.

Environment: Windows Server 2003/2008, Unix, SiteMinder R6 SP1/SP5/SP6, R12 SP2/SP3,Ping federate 6, CA Directory 11, Oracle Directory Service 11g, Splunk, CA Wily Enterprise Monitor, WebLogic 8/10, JBoss 5, Apache 2.x, IIS 6.

Hire Now