SUMMARY

• Around 8 years of IT experience in Identity and Access Management.
• Expertise in implementing, integrating and supporting Okta csloud SSO, MFA and enterprise SaaS technologies into complex IT environments across heterogeneous operating environments.
• Expertise in Okta provisioning, SSO and MFA.
• Expertise in implementing RSA token Authentication and good exposure in implementing the SAML based Single Sign - on (SSO) and Single Log-Out (SLO) involving service with third party applications.
• Streamlined and Automated the New Hire Onboarding and Off Boarding Process via Workday/ OKTA/ AD known as 'One Click On-Boarding/Off-Boarding’. The framework also included Provisioning/ Deprovisioning of SaaS base applications.
• Responsible for synchronization of all Active Directory accounts and groups to utilize Okta solution.
• Worked on day to day activities creating and managing OKTA policies and creating and managing OKTA application provisioning and user provisioning.
• Setup multi-factor authentication and made configuration changes as required - such as password policy updates.
• Experience with SSO and federation using SAML 2.0, OAuth 2.0, OpenID connect (OIDC) and WS-Federation.
• Knowledge on all the PingFederate OAUTH grant types to get the access token to access the protected API. Supported development with integration of Mobile Apps using OAuth/SAML in PingFederate.
• Sound Knowledge in Installation, Configuration of the SiteMinder and CA Directory.
• Knowledge on designing customized scripts to run scheduled batches for Feeder file in IDM.
• Worked on Delta Code Evaluation based on AD Raw data and processing Feed through HRDS (HR data).
• Solid understanding on SOX and Compliance.
• Experience in providing access to data, systems and other resources as per identity management policies.
• Created policy domains, realms, policies and rules, configuring access to User directories, setting up response attributes and cookie variables, defining authentication schemes in an SSO Environment.
• Experience in Software Development Life Cycle Entailing, Requirement analysis, design, development, testing and trouble shooting.
• Implemented ForgeRock OpenDJ for LDAP data store for internal user data.Implemented data sync between Active Directory and LDAP using ForgeRock.
• Installed and Configured OKTA LDAP Agent for delegated authentication with okta. Migrated Users from LDAP and Active Directory to OKTA Universal Directory and provided L2 support for LDAP.
• Configured User Authentication Stores, Policy Stores and Key Stores on LDAP and maintained replicated environment for load balancing and failover.
• Coordinate with the neighboring teams and analyze the data that is flowing to LDAP.
• Expertise in configuration of SiteMinder Authentication Schemes, Policies, Realms, Rules and Responses.
• Excellent troubleshooting skills verifying web agent and SiteMinder logs and monitoring the environment.
• Solid Experience in Strong Authentication AuthMinder - 2 Factor Authentications.
• Experienced with ticket tools such as ServiceNow, Remedy.
• Performed daily health checks and maintain integrity of production environment by proactively resolving services impacting incidents.
• Provided 24X7 on call production support to assist with application teams.

TECHNICAL SKILLS

Tools: Okta, CA Site Minder, CyberArk, SCCM

Directory Servers: Microsoft Active Directory, Provisioning Directory

Web Servers: Apache (1 3 x, 2 2x), MS IIS (4 x, 5 x, 6 x)

Web Browser Debugging Tools: Fiddler, Fire Bug, IEHTTP Headers

Programming Languages: HTML, UNIX shell Scripting, XML and PowerShell

Microsoft Office Tools: Word, Excel, PowerPoint, Access, Project

Operating Systems: Microsoft Windows Family, Red-Hat Linux

PROFESSIONAL EXPERIENCE

Confidential, Plano, TX

IAM - Okta Developer

Responsibilities:

• Generating New Users using OKTA CSV Import feature for Provisioning of new users.
• Integrated Okta SSO to 20+ applications along with enabling MFA Confidential Okta tenant & app level.
• Worked with application teams to integrate Okta for SSO and provisioning.
• Implemented Okta Group rules and birthright provisioning of users into downstream applications.
• Worked with firewall team to configure IP zones for internal & external network and blocked blacklisted IP’s in Okta.
• OpenIDM. The migration involved Directory Server, IDM & SSO software to ForgeRock’s OpenIDM.
• Installed Okta AD agents in Active Directory domains as part of AD domains integration with Okta and imported all AD groups to Okta to automate user group membership via Group Rules.
• Enabled MFA options based on requirement currently using DUO for sensitive groups like Director and above and Google Authenticator for rest of the users.
• Co-ordination with the offshore support teams to address technical or business requirements related queries.
• Installing, configuring, administration of Windows 2003/2008/2012 Servers, Active Directory Services, DNS DHCP, FTP, LADP, WSUS, IIS Web Server and System Management Servers (SMS) Servers.
• Integrate Okta with Service Now through Orchestration activity pack for Access Automation.
• Maintaining Active Directory groups and users. Configuring push groups from okta to active directory.
• Creating Service Accounts and Shared Mailboxes per request. Involved in Configuration and development of SailPoint Life Cycle (LCM). Providing access to users for shares (NAS and File) through AD Group Memberships.
• Setting up permissions through active directory groups on NAS & File Servers and Windows Servers.
• Reviewing Active Directory objects on a Quarterly basis and cleaning up.
• Generating reports of Active Directory using Netwrix Auditor & troubleshooting SSO issues using Fiddler and SAML Tracer. Participated in projects and initiatives in support of regulatory, audit and IDM directives.
• Execute (SailPoint IIQ) test cases through multiple launches and to include development and test environments. Implemented the foundation for entitlement certification for users to address regulatory compliance and audit requirements.
• Extensively involved in Unit testing and coordinated with the testing team and fixing Bugs Confidential various stages of the application development. Provided technical leadership in the provisioning space for an Identity Access Management system built on Oracle technology for automated user provisioning, auditing and compliance.
• Gained responsibility as POC Confidential client location for the IAM team. Troubleshooting user access issues. Participated in various team meetings and management meetings during project transition phase.
• Having hands on experience on various customer proprietary tools. Incident Management & Problem Resolution of tickets & Support Mailboxes.

Confidential, Irving, TX

IAM - Okta Admin

Responsibilities:

• Created project high-level designs and converted high-level designs to detail designs.
• Involved end to end Okta architecture workflow and deployed Okta (SSO, MFA & Provisioning) Confidential Vistra energy.
• Worked with application teams to integrate Okta for SSO and provisioning.
• Implemented Okta Group rules for segregation of duties and birthright provisioning of users into downstream applications.
• Migrated users from multiple Active Domains and open LDAP to AD LDS. Managing and maintaining Active Directory, DNS, DHCP servers and Event Logs. Installation/Configuration/Troubleshooting of Windows Server 2003/2008 and Active Directory. Worked with firewall team to configure IP zones for internal & external network and blocked blacklisted IP’s in Okta.
• Installed Okta AD agents in Active Directory domains as part of AD domains integration with Okta and imported all AD groups to Okta to automate user group membership via Group Rules. Used Intranet web applications can enforce Kerberos as an authentication method for domain joined clients by using APIs provided under SSPI.
• Implemented and deployed Agentless Desktop SSO feature in Vistra environment to provide SSO to Okta & apps integrated with Okta in windows network.
• Designed, Implemented and Deployed a framework for New Hire Onboarding and Off Boarding Process via Workday as a Master using OKTA. Implemented and deployed ServiceNow Orchestration with Okta for Automation of Okta operational activities and downstream applications access.
• Designed and implemented OKTA SSO from ground up with 100+ SAML/SaaS applications. Worked with more than 40 Application team to integrate their applications to SSO.
• Develop and deploy SCIM connectors for on-premises applications for user provisioning and & De-provisioning.
• Protect Applications by integrating them to Okta through Modern Authentication Protocols like SAML, OAuth, OpenID Connect (OIDC).
• Implemented OAuth to access the protected API with Access Token by using Different OAuth Grant types.
• Worked on OAuth Integration using Ping Federate and Ping Access and implementing Federation SAML services to SSO into third-party vendors.
• Integrated more than 12 applications with Okta to automate users provisioning (Box, Workplace, Zoom, AWS, Adobe Signon, JIRA, TEEM, Zscaler, Salesforce …). Experience with OKTA API's; Setting up. OKTA API tokens.
• Working knowledge of standard infrastructure tools (DHCP, DNS, NTP, SYSLOG, SSH, SFTP, GPO, etc.).
• Experience in troubleshooting Workday import issues and Applications SSO & Provisioning issues.
• Experience with OKTA, ADFS and certificate and domain management. Part of the 24x7 on call team for troubleshooting outages/issues.

Confidential, Richardson, TX

IAM - Okta Admin

Responsibilities:

• Experience in Identity & Access Management Solution including Single Sign On & Multi Factor Authentication.
• Gathered requirements from application teams to Okta integrations.
• Configured MFA polices and MFA Factors to application access such as Okta verify, SMS Authentication & Voice call authentication.
• Migrated all SSO Apps configured currently in CA Site Minder to Okta Platform to leverage the combination of SSO and Contextual MFA.
• Expertise in administrating OKTA and providing support to OKTA clients. Integrate CyberArk with Okta Platform for SSO & MFA.
• Integrated more than 25+ applications with Okta to provide SSO & MFA.
• Performed batch requests by using PowerShell scripts.
• As a part of Active Directory integration with Okta, installed AD agents in Active Directory prod domains.
• Imported all existed AD groups and users into Okta and linked with Okta groups using Push groups concept.
• Developed Okta Foundation Elements by rolling out Self Service Features (Password reset, Unlock Accounts, Forgot Password) for End Users.
• Experience with OKTA API's; Setting up OKTA API tokens.
• Enable Delegated Authentication on AD domains to allow users to authenticate using their Active Directory Credentials. Creation Of Secured Socket Layer (SSL) Using IBM tool Ikeyman, where we will be generating Six keys(.arm .cer .kdb .sth .rdb .crl) to protect the Website from Security threats.
• Installed Okta Radius Agent to enable MFA for Cisco AnyConnect VPN and Citrix NetScaler thereby migrating functionality from CA Advanced Authentication to Okta.
• Generated reports for various monthly, Quarterly and Yearly SOX audit controls from Active Directory as well as IAM Suite on provisioning/de-provisioning users, NAS share reports using Hyena, User Access Reviews for IAM Applications, Legal Hold Reporting etc.
• Interacting with onsite and offshore team in resolving their problems.