PROFESSIONAL SUMMARY

• Around 7+ years of experience in Information Technology, which Involves in Design, Implementation and Hand on experience on All Lightweight Directory Access Protocol(LDAP), Identity &Access Management and Single Sign - on products.
• Work as the part of Identity Access Management, improving and automating IAM solution for Ping Federate, Ping Access, CA Siteminder, Radiant Logic VDS, LDAP and CA Directory Systems.
• Ping Federate, ADFS, Ping Access.
• Worked as Load Balancing Engineer where I was part of load balancing team providing extensive support for various banking applications which are desktop and mobile.
• Worked in successful implementation of Single Sign On and Federation Solutions on Prod, QA and Dev environments.
• Looked over the Implementation ofSailPointProject Life Cycle Management.
• Experience inSailPointIdentity IQ implementation and configuration for application on-boarding for access certification and provisioning.
• Worked on Out of the Box connectors provided bySailPointIIQ and Web Services to integrate with target applications.
• Worked on Single Sign on (SSO) to implement security polices and handle LDAP,Siteminderand Web server on Solaris environment. Also in has scope for maintenance of RSA SecurID.
• Worked on creating the Identity access to the employees and managing the certifications and provisioning accordingly with theSailPointIdentity IIQ.
• Experience in providing Single Sign-On across enterprise application using Ping Federate, improving technical efficiencies in Identity & Access Management and Single-Sign-On space, involved in designing and implementation of end-to-end security solutions.
• Integrated Open LDAP to work with Ping Federate Server as Data store to authenticate the userand to bind the Attributes of the user into SAML.
• Experience in migrating Siteminderto Ping Access using Ping Federation with session and authentication management between two access management systems.
• Using Ping Federate, Ping one worked on enterprise users Single Sign On through browser and through services with third party application hosted in enterprise or cloud.
• Worked on Ping Federate Upgrade from 6.0 to 7.0 and 7.0 to 8.3.
• Experience in integrating SAML Profiles with different binding methods like POST, Redirect and Artifact.
• Worked on Coreblox adapter to create SAML from SMSession. Worked on WAM Adapter which can exchange SMSession with Ping Access Tokens.
• Worked on HTML, Basic, Composite, and open token Adapters in Ping Federate.
• Adapter which can exchange SMSession with Ping Access Tokens.
• Worked on Ping Access Gateway to take the Application traffic directly using Virtual Hosts andredirect back to the application with Ping Access Token.
• Integrated Ping Access and Ping Federate using OAuth. Worked on Implementing OAuth.
• Configuration with the Clients to get the Access Token to access the web API's.
• Worked on OAuth Grant types to get Access Token to access Protected API's.
• Integrated OAuth with ping Access to protect rest full API's.
• Worked on ID Token to get the user information from user info endpoint and send to OAuth client in the form of scope.
• Experience in doing Web service federation (WS) between two web services' using SAML and by creating connection between the two soap Service clients.
• Worked on Token Generator and Token Processor to establish a connection between two web services from different Enterprises and Ping Access and JWT tokens to authenticate the user using Ping Federation.
• Worked on Unbound User directory to replace the Existing Oracle Directory Server ODSEE.
• Worked on Ping Access Integration with Ping Federate to Protect the applicationsusing Ping Access Tokens.
• Worked on cloud federation with SAML using ping one.
• Extensive experience in installing, configuring and administrating MS Active Directory, Internet Informative Services(IIS), Apache Tomcat, SunOne/iPlanet Webserver.
• Experience in debugging of authentication / authorization related issues and creating Rules, Responses, Realms and Policies in Siteminder Upgraded Siteminderfrom R12 to R12.52.
• Expertise in Installation, configuration, deployment and maintenance of the Siteminder components the Policy Server, Web Agent, Policy Store and Key Store certificate store.
• Provided Single Sign on for the internal applications with the multiple Domains using CookieProvider in Siteminder.
• Expertise in Installation, configuration, deployment and maintenance of the Siteminder components the Policy Server, Web Agent, Policy Store and Key Store certificate store.
• Experience in creating Siteminder Custom Authentication Schema and in creating Custom Responses using SiteminderAPI and SmWalker.
• Worked on SunOne LDAP, Site Minder administering tasks such as back-ups, recovery, and replications.
• Improved Siteminderand LDAP performance, High availability. Designed and implemented solutions for load balancing, fail-over. And monitoring the growth capacity planning.
• Experienced in supporting LDAP and Siteminderin production environment.

PROFESSIONAL EXPERIENCE

Confidential, Tampa, FL

IAM/LDAP/CA SiteMinder Engineer

Responsibilities:

• Upgraded CA Siteminder 12.0 Sp 3 to Siteminder 12.5 CR 2 and resolved various issues that arise while up gradation.
• Performed the periodic backups and configured the Failover between different policy servers pointing them to same policy store.
• Created System Objects, Policy Domain Objects and Global Objects in Siteminder Policy Server to protect the applications by validate the user against the user store on Directory Server.
• Implement SSO for partners across multiple domains and LOBs.
• IntegratedSailPointsolution with in-house and third-party applications for birthright provisioning, access request approval and fulfillment, provisioning, custom workflows etc
• Configure SAML affiliate agents on the web servers designated for affiliate customers.
• Design and implement user authentication, web security and security solutions.
• Partner with and organize business and external counterparts to design, plan and implement SSO solutions based on SAML Artifact/1.1/2.0/Ws-Fed technologies.
• Create policies, realms, rules and responses to protect application resources via CA Siteminder for complex application requirements enabling fluid single sign on.
• Re-architecture of existing (R6/R12.52) SiteminderRealms, Rules and Policies performed for performance enhancement and stability.
• Document all design, development and upgrade efforts in testing, staging and production environments.
• Configuration and development ofSailPointLife Cycle Events (LCM).
• Build and ConfigureSailPointOOB tasks like aggregation, ID refresh, schedule tasks, correlation, etc
• Configured Business and It roles inSailPointIIQ according to the Entitlement hierarchy in the target application.
• Implement Signing and Encryption for Authnrequests and SAML tokens using X.509 certificates.
• Configuring User Authentication Stores and Policy Authorization Stores on LDAP.
• Installed and Configured Web Agent on IIS 6.0, Apache 2.2 and Sun One Web Servers and configured the Proxy Connection with Tomcat Application Server.
• Installed Option pack for Policy server and Webagent for configuring the Federated Security Services and Webservices for Assertion generation and user identity between the partner sites.
• Involved in building, design, testing, supporting and determiningSailPointIdentity IQ Solution design.
• Provide weekly updates to Management and Leadership via one on one meetings and team meetings.
• Help team mates and new hires with process and infrastructure guidance in their assignments and needed troubleshooting.
• Configured single sign on (SSO) across multiple domains as well as on the same domain using CA Siteminder.
• Setup and configured SiteminderWeb Agent for Single Sign On on application servers.
• Analyzed the existing configuration and provided the road map to integrate the CA Siteminderwith several web applications.
• Configuring multiple authentication schemes like Forms, SSL Certificate and Token based authentication.
• Developed custom login forms and web pages for CA SiteminderAuthentication using Java JSP & HTML code.
• Responsible for resolving Siteminder performance issues while upgrading SunONE Directory Servers from 5.2 to 6.3.
• Configuring the Trace logs in policy server and webagent to keep the track of user activities.
• Perform Functional, Regression, Stress and Certificate-based Authentication tests for the performance tuning.
• Used batch scripting to restart the Web servers and to transfer files from local to remote machines.
• Conduct performance tuning for Web Agents, Policy Servers, Policy Stores, and User Stores to meet and maintain operational requirements (process, thread, connection, cache).
• Determine the root cause, implement solutions, and apply patches to resolve authentication, authorization, and performance issues, as well as provide feedback to Computer Associates on Siteminder product bugs.
• Experience in Troubleshooting urgent priority tickets with minimum response time.
• Documented technical specifications and procedures for Siteminder best practices.
• 24x7 production support with on-call rotation. Co-ordination of Stress & Performance Tests.

  Environment: Netegrity Siteminder12.0/6.0, Linux4.0/5.0, Windows Server 2003, SunOne Webserver 5.2/6.0, Microsoft IIS, SunOne Directory Server5.2/6.3, Java Scripts, JSP, Weblogic, SailPointIIQ 7.0,SailPointIIQ 7.1.

  Confidential, MO

  CA SiteMinder Engineer/ Production Support

  Responsibilities:

  • Created SP/IDP connections using Ping Federate with external partners via metadata.xml, URL's files and Manual connections.
  • Migrated SAML Based SSO partners from Ping Federate 7.1 to Ping Federate 7.3 and 7.3 to 8.2.
  • Provided support for the maintenance ofSiteMinderinfrastructure/architecture and security framework, API and application integration for authentication, authorization/entitlement and data encryption.
  • Install configured & SupportedSiteminderFederation security services on JBoss and Tomcat servers and configured application in various platforms.
  • Implemented SAML 1.0 & 2.0 usingSiteminderfederation services in various environments.
  • Supported development with integration of Mobile Apps using OAuth/SAML in Ping Federate.
  • Excellent communication skills and working on with SAML Trace, Server log files for trouble shooting the error from client end.
  • Used Ping API to deploy and create SAML changes.
  • Implemented Design Security Network on CA Single Sign On.
  • Implemented openID and OAuth solutions using Ping Federate.
  • Co-ordination with Server hosting team if any hardware related issues.
  • Co-ordination with PingFederate vendor if any software related issues.
  • Maintained both Test and Production servers for Ping Federate along with the cluster management and timely Replications to deploy changes to servers.
  • Developed custom Ping Agent using Ping SDK and Implemented SAML Protection with Digital Signature.
  • Designed, deployed and supported highly available and scalable Ping Federate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
  • Ping Federate Performance tuning for supporting support heavy traffic.
  • Responsible for preparing documentation for each application and also providing the Run Book to the Operations team to troubleshoot issues.

  Environment: Ping Federate 7.1, Ping Federate 7.3, Ping Federate 8.2, SAML 2.0, OAuth2.0, AD, Java, PowerShell, Oracle ODSEE 11g, SiteMinderpolicy server 6.0/R12,SiteminderWeb agent R12/6x Web Agents, Policy Servers Oracle LDAP Directory Server 11.0g, IBM WebSphere, SQL Server, HTML, SQL, MS Visual.

  Confidential

  SiteMinder / LDAP Consultant

  Responsibilities:

  • Installed, Configured and Managed Netegrity Siteminder 12.0.
  • Migration of policy server from Siteminder5.5 to 6.0 for Load balancing, and failover configuration of the Policy store.
  • Configured and Defined the Policy Domains, User directories, Rules, Realms, Policies and Responses in Siteminder.
  • Configured IBM HTTP Web server, Siteminderto work with WAS.
  • Worked on OneView Monitor statistics, error corrections for possible problems, reviewed SNMP events for possible problems and worked on the status of SiteminderP1 tickets.
  • Worked on Siteminder Platform Support Matrix for changes.
  • Worked on webagent.conf, sm.registry, etc. configuration files on Siteminder.
  • Reviewed and updated SIteminder policy and procedures.
  • Worked on Siteminderarchitecture and taken care of changes that are needed based on capacity planning.
  • Created, Configured and Administered Profiles, Clusters, Nodes and Node Groups for WebSphere Application Server.
  • Used One View Monitor in Siteminderfor identifying performance bottlenecks.
  • Monitored heartbeats and refresh rates for various components of Siteminder.
  • Experienced in creating and maintaining security policies for Siteminder.
  • Configured Node manager for administration of Managed servers.
  • Installed and configured Wily Introscope Enterprise Manager with agents.
  • Responsible for deploying enterprise applications from Admin console and enabling security using LTPA and LDAP for admin console and application components on AIX.
  • Configured SSL for WebSphere Application Server for security reasons.
  • Experienced in assisting Web Administrators, LDAP Administrators to determine what the best values for Siteminderparameters and tune the system to boost Siteminderperformance in the Web Tier, the Application Tier, and the Data Tier.
  • Provided training and group presentations on Sitemindersecurity planning to all employees, using Microsoft Visio and PowerPoint.
  • Experience in implementing failover and load balancing schemes between WebAgents and Policy Servers and also between PolicyServers and LDAP.
  • Experienced in setting up integrated security access to the portal and Single Sign-On.
  • Implemented clustering and worked on analyzing the scalability of applications with the help of tools like IBM Tivoli Site Analyzer.
  • Used ANT script to automate loading Users and User Groups into Active Directory (LDAP), and XML based EAR/ WAR deployment.
  • Responsible for deploying enterprise applications from Admin console and enabling security using LTPA, LDAP for admin console and application components on Windows.
  • Updated Latest Fix-pack 6.1.0.13 for AIX.
  • Trouble shooting of errors in both Application and JVM, also analyzed heap or core plus error logs.
  • Involved in setting up JVM tuning parameters and used garbage collection.
  • Assembled and deployed the application in production, staging for following g change management practices.
  • Regularly attended meetings on behalf of Middleware Team & co-ordinate with different teams for task accomplishment.

  Environment: Netegrity Sitminder5.x/6.x, Identity Manager 6.0, Web agents 5.x/6x, Webshphere 5.x,/ 6.x, Apache 2.x, IIS 5.0/6.0, Sun ONE Directory Server 5.2/6.1, SAML, XML, LDAP, LDOM 1.1, Solaris (10), Unix, Linux, Sun Iplanet6.0/6.1, IIS 5.0/6.0, ANT, JACL, Foglight, Unix shell scripts, Jython, Struts, Hibernate, Java/J2SE 1.4, J2EE 1.3, Eclipse, SOAP, UDDI, IBM Rational ClearCase