Iam Specialist Resume
TECHNICAL SKILLS
Identity Management & Security: CA IDM, RSA Aveksa, OAM, OIM, Microsoft Azure, OAuth, SAML, CA Siteminder & Federated SSO, RSA Secure ID, and SCRUM Management.
LDAP Directories: Microsoft Active Dir, CA Directory, Sun One directory Server
Back office Software: Database (SQL/Oracle), Webserver (IIS, Apache, IBM), Reverse Proxy, Citrix, Terminal services, Portal (Plumtree, WebSphere Portal) Application Server (BEA WebLogic, IBM WebSphere, Sun Java System), Integration (Dir XML, WebSphere MQ Workflow), RACF.
Operating Systems: Microsoft Windows up to Windows 2003 Enterprise Edition, UNIX (SOLARIS 2.x, SOLARIS, AIX, IRIX, HP/UX, LINUX, MS - DOS, and z/OS.
Networking: TCP/IP, DNS, WINS, NFS
Tools: Remedy, Service Now, HPSM, JIRA, CA Agile, Service Center, TADDM Console
PROFESSIONAL EXPERIENCE
Confidential
IAM Specialist
Technologies used: OAM, OIM, OAuth, Microsoft Azure, SAML.
Responsibilities:
- Implementation leading practices for key IAM areas related to user identification, user authentication, privileged access management, separation of duties, role-based access control (RBAC) and similar concepts, user access requests, user access requests, multi-factor authentication, and attestation and certification requirements.
- Installation, configuration and administration 10g and 11g Web gate and integration with web tier for OAM agent.
- Design and implement authentication and authorization policies in applications domains in OAM
- Configured SSO agents and authentication modules in OAM 11.1.2.2
- Provisioning and functional set up of Oracle Fusion Accounting applications.
- Involved in meetings with different teams and prepared reports and audits on time basis.
- Involved in analysis of requirements with business teams to deliver the best technical solution
- Created the default OAM Objects for an OAM Business Verticals.
- Created Application Domains, default AuthN policies and AuthZ policies for Each Application domain.
- Created OAM objects for Ti-pass Logins with Multi-factor and Authentication schemes needed for Multi-factor.
- Created Host-identifiers for Each Multi-Factor Level.
- Implementing Single Sign On (SSO) Solutions using Oracle Access Manager (OAM) or any other 3rd Party Single Sign On solutions.
- Configured custom Login page for SAML integrated application.
- Created Users, Groups, Roles and performed the Role Linking using OIM utility.
- Integrated multiple applications with OAM and Microsoft Azure by enabling SAML, Oauth Implicit grant, Multi-Factor authentication.
Confidential
Associate Security Consultant
Technologies used: CA Identity Manager, RSA Aveksa G&L, CA RCM.
Responsibilities:
- Implementation leading practices for key IAM areas related to user identification, user authentication, privileged access management, separation of duties, role-based access control (RBAC) and similar concepts, user access requests, user access requests, multi-factor authentication, and attestation and certification requirements.
- Configured the CA Identity manager administration console for application on boarding and drafted technical design document for Web application security.
- Configured Admin tasks, Admin roles and TEWS Web Services as per the requirement. Scheduling the explore-correlate in CA IDM.
- Apply the password policies to Users/Groups/Roles. Configured authentication schemes with custom templates.
- 24/7 administration in a web hosting organization providing server and application support
- Modified the password policies as per the security requirements. Configured LDAP instances on Active directory container.
- Configured the replication in between the multi master. Configuring the ACIs for the application service accounts to provide read/modify permissions on the specific node in Active directory server.
- Exported and imported data and schema between master and consumer LDAP databases using Admin Console and command line utilities.
- Responsible for provisioning users across endpoints like Active Directory, LDAP, Unix, and RACF/Mainframe.
- Designed and customized the solution as per customer requirement.
- Integration of Business Intelligence Report server with IDM for Out Of Box report generation.
- Creation of custom access roles and provisioning roles for endpoint provisioning.
- Configuring self-registration and password management using Identity Manager.
- Implementing password reverse synchronization between AD and IDM.
- CA Directory LDAP Extension and performance tuning.
- Integrated multiple applications to Aveksa such as Siebel, Web focus, Netezza, Oracle databases etc.
- Fixing cron job failures.
- Currently working on Version 6.9.1.140935 and we have deployed patch 17 in the environment.
- Performed Data Base cleanup pruning activity to remove the historical information of AccessMC Requests from Access MC Database.
- Performing reviews for Line manager access certifications.
- Performed application restarts: - Aveksa Server, Agent and AFX
- Worked on log management - backup of logs and troubleshooting.
- Performed application & performance testing’s in lower environments like Development, Stage and then promoted to PROD.
- Adding new workday fields to Aveksa by modifying the user attributes to the users.
- Performing Import/Export of customized workflows to Aveksa.
- Deployment of connectors and configuring connector templates.
- Provisioning UNIX and Active directory bulk access requests through web service call.
- Hands on experience working with RSA Aveksa Multi App collectors, Identity and Account collectors for custom application integrations in both production and non-production environments.
- Provisioning of firecall role access to the end users with temporary access to the applications for troubleshooting production issues.
- Validating & fixing database related connectivity issues with Aveksa.
- Monitoring JMS queue & OEM (Oracle Enterprise Manager) to check for Database blocking sessions.
- Updating the Data Owner and technical owners for the newly acquired endpoint applications.
- Good knowledge and experience working with RSA Aveksa collectors, Connectors and Roles.
- Managed endpoint application passwords in the crypto vault repository.
- Strong knowledge and expertise using RSA Aveksa AFX (Auto Fulfilment Express) and workflows.
- Worked on RSA Authentication Manager 6.x/7.x for user’s self-service, workflow management, and delegated administration, token based and form based authentications as part of security solutions.
- Expertise in installation, configuration, deployment and maintenance of RSA Aveksa6.x/7.x
- Change - Creation/Implementation/Validation.
- Documenting all the standard procedures and placing them in the Wiki for reference.
- Monitoring the disk space in Aveksa server.
- Updated various Hotfix deployments in Production environment.
- Performed Appliance updater in Aveksa environment.
- Performed Database clean up and workflow cleanup activity in non-business hours.
- Performed hardware support configurations of platforms including Terminal Server and network KVM devices into the client Operations environment.
- Raising support case with RSA vendors and worked on troubleshooting the applications issues with RSA engineers.
- Responsible for exploring and correlating users from various endpoints
- Good experience in setting up Bulk Load Clients and automating different IDM tasks
- Worked on workflow approvals for the certification campaigns in Governance Minder
- Worked on install the CA Governance Minder Client Tools and Workpoint Designer application on a separate Windows computer running a supported operating system
- Worked on role-based user entitlements with the end applications in Governance Minder
- Worked on to enable certifications and other business processes, import predefined workflow definitions into Workpoint.
- Experienced in using out of box connector that import data from and export data to endpoint systems in Governance minder.
- Experienced in installing the CA IAM Connector Server in a cluster environment, install the CA IAM Connector Server on one of the nodes, or on a dedicated node.
- Experienced in role-based user entitlements with the end applications.
- Experienced in developing a POC to integrate CA Governance minder with CA Identity minder.
- Experienced in Repair CA Governance Minder Configuration, User, and Resource Files.
- Performed hardware support configurations of platforms including Terminal Server and network KVM devices into the client Operations environment.
- Raising support case with CA vendors and worked on troubleshooting the applications issues with CA Tech Support.
- Access Fulfillment Express, Access Certification Manager, Business Role Manager, Access Request Manager & Data Access Governance.
- Implementing entitlement management solutions for role based access controls and provisioning procedures for both external and internal application needs (understanding of multiple methods of role management).
- Excellent communication and interpersonal skills. Highly motivated, detail oriented and organized with the ability to multi-task projects, maintaining a high degree of proficiency.
- Facilitated Release Planning, Sprint Planning, Backlog Grooming, and Retrospective meetings.
- Removed team impediments on a daily basis to allow the team to deliver the sprint goals and deliverables.
- Collaborated with members of the Product, Business and Engineering Teams to develop and maintain Product Backlogs.
- Responsible for product delivery management. Renegotiated chip pricing with vendors, reducing bill of materials costs.
- Coordinated and participated in weekly estimation meetings to provide high-level estimates (Story Points) for backlog items.
- Coordinated the work efforts of 13 person team for various projects. Helped team complete tasks successfully and on-time and resolved obstacles encountered by team members.
- Removed impediments and protected team members from interruptions and distractions to maximize productivity. Encouraged and implemented process improvements. Created team-building opportunities.
Confidential
SiteMinder and Federation integrator
Technologies used: CA SiteMinder & Federated SSO
Responsibilities:
- Configuring SiteMinder policy server, Creating Rules and Policies, Policy Server maintenance, SSO configurations, Web Agent & Application Agent installations, and Troubleshooting SiteMinder integration specific problems.
- Installed SiteMinder Agent on various webservers and configured the same with policy server.
- Configured policies for different level of user access.
- Protected web applications and did E2E testing.
- Implemented production changes during change window.
- Implemented SiteMinder protection for the onboarding applications for both intranet and internet.
- Migrated SiteMinder configuration across various environments like development, testing, production etc. Migration was done manually and through scripts too.
- Prepared deployment design document.
- Integrated BT and non-BT Applications with SiteMinder for BT Line of Businesses.
- Federation configuration for BT and non-BT application.
- Troubleshooting for access manager integration and federation issues by logs scanning.
- Federation Configuration for SPs using CA federation
- Responsible for carrying out sanity testing & verification of SiteMinder integration work.
- Implementing the applications in SiteMinder with SSO, CDSSO & FSSO and troubleshooting the issues with Federated applications.
- Monitors progress of SiteMinder solution/component stories on STORM and reports discrepancies/bottlenecks to client and stakeholders.
- Involved in design and upgrading SiteMinder Policy Servers from R12.0 to R12.52.
- Upgradation of Web Agent on Apache and IIS Web Servers.
- Supported SiteMinder 24x7 with on-call rotation. Performed deployments, upgrades and changes during off- business hours and weekends.
- Worked with the Application development teams to resolve CA SiteMinder Agent issues during upgrade process on Microsoft IIS, Apache, WebLogic and WebSphere servers.
- Determine the root cause, implement solutions, and apply patches to resolve authentication, authorization, and performance issues, as well as provide feedback to CA Siteminder product bugs.
- Created Identity Provider and Service Provider policies for SAML2.0 Post Federation Assertions.
- Created documentation for Change Requests, Service Requests, and upgrading processes for support purposes.
- Analyzed the existing configuration and provided the road map to integrate the CA SiteMinder with several web applications.
- Maintain and Monitor Siteminder Policy Server logs.
- Handled user tickets, trouble shoot and resolve Siteminder Issues.
- Supported Operating System and Web Servers patching.
- Documented the application SSO on-board process procedure for future reference.
- Performed tuning for SiteMinder along with LDAP for better Response Time, Low Latency and High throughput.
- Created policies, realms, rules, responses in Siteminder Policy Server to protect the applications and validate the users to work under SSO environment.
- Installed and Configured CA Siteminder Web Agent on IIS, Apache and SunOne Web Servers.
- Configuring Siteminder Policy/Key Stores on Oracle DSEE 11G.
- Developed Custom Login Forms for user authentication.
- Experience in helping the application team troubleshoot errors when integrating with SSO.
- Perform Functional, Regression, Stress and Certificate-based Authentication tests.
- Conduct proactive and reactive performance tuning for Web Agents, Policy Servers, Policy Stores and User
- Stores to meet and maintain operational requirements (process, thread, connection, cache).
- Documented technical specifications and procedures for Siteminder best practices.
- Used smobjexport and smobjimport and migrated policies from Sun One directory server 5.2 to 6.3
Confidential, Venezuela
Software Engineer
Technologies used: CA SiteMinder, LDAP
Responsibilities:
- Requirement gathering and analysis/Installing and Configuring the Policy server and Oracle Directory server.
- Installing the web agent in Apache and IIS web servers and Configuring the web agent to communicate with SiteMinder
- Configuring the apache as the proxy server to redirect the requests to application servers.
- On boarding new applications in SiteMinder and providing the Authentication, Authorization, SSO Services to the applications
- Troubleshooting the SiteMinder and Web agent issues.
- Configuring the policies for the applications to provide authentication and authorization.
- Configuring the SSO (single sign on) between the applications and CDSSO between the applications which are in different domain.
- Configuring the Master and Consumer instances and implementing Multimaster replication.
- Meeting the SLAs for the issues reported by the application teams or customers.
- Performing daily status checks, Junction status and disk space usage on regular basis.
- Experience in managing end-to-end implementation lifecycles of Identity/Access Management projects. Excellent hands-on knowledge on the best-practices of deploying the security solution.
- Performing Maintenance activities as per the Business requirements.
- Performing disaster recovery activities every year.
- Writing Assembly line programs for any Bulk requests.
- Login package deployments for any code change from the application end
- Advanced knowledge on Change Management (Planning & Execution)
- Good understanding of information security concepts especially identity and access management, Web application server (WebSphere), regulatory compliance requirements.
- Operations support (24x7 on call support): Troubleshooting, Investigating operational problems and provide work around and resolution /remediation.
- Technical knowledge of command line utilities running on various platforms including UNIX, Linux and MS Windows.
Confidential
Siteminder Integrator
Technologies used: CA Siteminder (Access Management)
Responsibilities:
- Implementation and Operational support for (CA Siteminder, Webagentinstallation/Configuration & Administration). Day to day operational functionsadministration, troubleshooting, and resolution.
- Installing and configuring the SiteMinder on Linux platform
- Installing and configuring the Sun one directory server on Solaris platform.
- Installing and configuring the apache on Solaris platform.
- Onboarding new applications in CA SiteMinder and providing the support to the applications
- Troubleshooting the CA SiteMinder and web agent issues
- Configuring the Master and Consumer instances and implementing Multimaster replication.
- Configuring the apache as the proxy server to redirect the requests to application servers.
- Adding the new attributes into the schema as per application requirements.
- Configuring the ACIs for the application functional Ids and providing the search/read/write permissions to the application accounts.
- Configuring the replication agreements to implement the referrals for the consumers to redirect the write operation to Master instances
- Managing the users and groups in the LDAP by adding the users and adding them to the groups.
- Created policies, realms, rules, responses to protect SiteMinder resources
- Configured SAML affiliate agents on the web servers designated for affiliate customers.
- Installed and Configured Web agent on IIS 6.0, Apache 2.0 to implement SSO.
- Created strategies for backup and recovery of SiteMinder environment.
- Performance tuning for SiteMinder to provide better response time, low latency, high availability and maximum throughput.
- Good understanding of information security concepts especially identity and access management, Web application server (WebSphere), regulatory compliance requirements.
- Operations support (24x7 on call support): Troubleshooting, Investigating operational problems and provide work around and resolution /remediation.
- Technical knowledge of command line utilities running on various platforms including UNIX, Linux and MS Windows.