IAM Developer Resume
MD
SUMMARY
- Around 8+ years of experience in Information Technology, which includes demonstrated work experience in design, development, testing and implementation of enterprise-wide security applications using CA SiteMinder, PingFederate, Ping Access, Ping Directory, CA Directory, Active Directory on Windows, Unix, and Linux.
- Experienced in Cloud based Identity and Access Management Solutions like OKTA and Ping One.
- Experienced in installing PingFederate and Ping Access on both Linux (RHEL) and Windows Platform.
- Experienced in upgrading PingFederate from 7.3 to 10.1 and Ping Access from 4.0 to 6.0.
- Experienced in creating policies using selectors in PingFederate to accomplish various business requirements.
- Experienced in deploying Ping Federate on dockers.
- Experienced in configuring application in Ping One and creating policies on Ping One docker for applications
- Experienced in protecting application using Ping Access; Rate Limiting; Step-up legacy applications from HTTP to HTTPS; creating reverse proxy for applications.
- Experienced in SAML based authentication using SAML 2.0, WS-Fed.
- Experienced in writing OGNL expressions to meet the vendor requirement for SAML Assertion and experienced in restricting the access for certain users by writing OGNL expressions in the Issuance criteria.
- Worked on OAUTH grant types to get the access token to access the protected API. Supported development with integration of Mobile Apps using OAuth/SAML in PingFederate.
- Experienced in application configuration with Ping Access and defining Ping Access Sites, Site Authenticators, Virtual hosts, Policies and Rules.
- Experienced in performance testing the Ping Engine servers depending on the min and max threads; depending on that, we used to scale the number of engine servers per cluster.
- Experienced in installing, configuring SiteMinder policy servers, Web agents, Web Agent Option Packs, Secure Proxy servers and various Web & Application servers on Multiple platforms like Windows, UNIX (Solaris), RHEL.
- Experienced in debugging of authentication/authorization related issues and creating Rules, Responses, Realms, and Policies in SiteMinder.
- Configured CA SiteMinder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.
- Integrated RSA as MFA in the SiteMinder for high critical applications.
- Good understanding of Web Technologies like HTTP Protocol, fiddler, SAML Trace, HTML, Web-Form encoding.
- Installed and configured web agents on IIS, Apache, Sun Java System/iPlanet web servers on Multiple Platforms.
TECHNICAL SKILLS
O/S: Windows 2012 R2, 2008, RHEL 6 and RHEL 7, Sun Solaris
Programming Languages: Java, J2EE, JSP, Servlets, C/C++, JavaScript, Shell, Perl, PHP, HTML.
IAM/SSO: Ping Federate 10.1/9.2/8.4, Ping Access 7.0/6.1/5.3, SiteMinder Policy Server R12.8/R12.7/R12.52/R12/6.x, ForgeRock AM 6.5, CA API Gateway 9.0/9.1/9.2/9.3, Web Agents R12.5/R12/R6 agents, Ping Access Agents
Directory: CA Directory 12.0.18, 12.6, ODSEE 10g, 11g, MS Active Directory, IBM-Tivoli Directory Server, iPlanet, Netscape Directory server 4.x, 5.x.
Servers: IIS, SunOne Web Server, Apache, Tomcat, SunOne App Server, WebSphere, WebLogic, IBM HTTP Server, JBoss.
Databases /RDBMS: MS SQL Server 2000/2005/2008/2012 R2, PL/SQL, SQL, Oracle 8i/9i/10g.
Tools: Dynatrace, Splunk, Grafana, Wily, One View
PROFESSIONAL EXPERIENCE
Confidential, MD
IAM Developer
Responsibilities:
- Designing and implementing internal and external applications integration with PingFederate/PingAccess/PingID in DEV/QA/PROD.
- Provide solution to business on how to integrate applications leveraging enterprise SSO using CA SSO, SPS, Ping Access, PingFederate to provide better web and API (web services) security to application users in a gateway or agent model.
- Working on all the PingFederate supported standards like SAML protocols, WS-FED, OAUTH, OIDC, WS-Trust and implemented SCIM integrations for inbound and outbound provisioning.
- Worked on configuring the domains, User Directories, Rules, Realms and Policies.
- Configured the end to end process for all the OAuth and SAML supported applications.
- Upgraded Internal and External Ping access in all environments (DEV/QA/PROD) from 5.3 to 7.0.2.
- Worked on fixing the vulnerabilities and missing patches in all the nodes for Ping access and Ping Federate.
- Worked on the OGNL expressions for customizing the attributes to meet the Vendor requirement; OGNL is also used to restrict the user access for accessing the applications.
- Developed custom Ping Federate adapters and Ping Federate custom data source drivers using Ping Federate Java SDK (IDPAuthenticationAdapterV2/ Custom Data source Driver/ Password Credential Validator).
- Worked on Ping Access installation and configured with Ping Federate to authenticate and authorize the users for both Web and API based applications.
- Created custom templates as per the requirement for the adapters.
- Worked on Ping Access POC to migrate applications from SiteMinder to Ping Access.
- Integrated Ping Access with Ping Federate Servers to authenticate using custom adapters.
- Creating and managing application integrations for identity and access management. Experience in creating conditional access policies, multifactor authentication (MFA), resetting MFA and resolving the MFA issues.
- Provided support to L2 team for all the complex RITM/INC/PRB tickets, and involved extensively in the support calls to resolve the issues that occurred in PROD/QA (Ping Federate and Ping Access) to avoid the downtime for the end users.
- Used tools like Cloud watch for automated logs and Putty (Linux) for manual log search and other tools like SAML Tracer, SAML Decoder, Fiddler, Wireshark, Jwt.io, Postman, Developer tools in Browser, for troubleshooting.
Environment: Ping Federate 9.3, Ping Access 5.3, 7.0.2, Ping ID, SAML 2.0, OAUTH 2.0, OIDC, AWS, S3, Cloud watch, Microsoft Azure, Linux, HTML, Java, Python, Ping Directory.
Confidential, NC
Authentication Engineer
Responsibilities:
- Experience in various security aspects such as access control, authorization, identification and authentication, public key infrastructure (PKI), network, and enterprise security architecture.
- Work with business / end client to gather requirements for integration and create documentations related to on-boarding.
- Worked on setting up Ping Infrastructure to support high availability and disaster recovery.
- Worked on multiple OAuth and OIDC integrations supporting various grant types.
- Customized Ping Federate adapter to accept access token and provide SiteMinder session using token translators.
- Plan a migration strategy for each application depending on complexity involved in architecture to move from SiteMinder SSO architecture to Ping Access architecture.
- Document all relevant technical aspects of migrations such as policy changes, code changes, status of migration, application pre-requisites etc. as required.
- Work on installation, configuration and troubleshooting of Ping Access agents on web servers for SSO.
- Assist application teams during the migration phase by educating about the changes required with policies, and resolving issues related to SSO.
- Analyze and document SiteMinder authorization and authentication policies of all applications in current SSO infrastructure to facilitate a smooth migration to Ping Access.
- Modify existing or design new architecture for the applications integrating with enterprise SSO for a better experience to the end users.
- Monitor the performance of Ping Access systems and fine tune as required and provide support for Ping Access SSO solution for high availability.
- Integrate, configure and troubleshoot web agents to protect and manage resources with Site Minder policy server and assist application teams in resolving any SSO issues.
- Experience in integrating applications based on the network zones.
- Experience in installing SiteMinder in high available clustered environment and constantly monitor using one view monitor for performance.
- Installed and configured one view monitor for CA Site Minder performance review.
- Support production environment for resolving the high severity tickets in compliance with SLAs.
- Configured CA Wily Enterprise Monitoring tool against Apache Webserver, WebLogic Server and Policy Servers.
- Work with application teams to configure different kinds of web servers to integrate with Site Minder SSO plug-in.
- Integrate applications to secure with Site Minder Policy Server and implement disparate authentication and authorization for applications.
- Work with applications for SAML integrations using PingFederate infrastructure, a federated SAML based SSO solutions, for both IDP initiated, and SP initiated (Inbound/Outbound) SAML requests.
- Experience in writing shell script to automate processes.
- Experience in integrating API with Layer 7 Gateway leveraging enterprise SSO architecture, to provide single sign on solutions for APIs/ web services.
Environment: PingFederate 10.2, 10.1, 9.1, Ping Access 6.0, 5.0, Ping One, PingID, Ping Directory, SiteMinder R12.8, AD, RHEL 7.5
Confidential, NY
Sr. Sec Engineer
Responsibilities:
- Built PingFederate and Ping Access in Dev, Stage and Prod, integrated all the PingFederate environments with the Ping One and PingID for MFA.
- Created reverse proxy for legacy applications and protecting applications using the Ping Access.
- Created SP/IDP connections using PingFederate with external partners via metadata.xml, URL’s files and Manual connections.
- Hosted all applications on Ping One dock with PingFederate as authenticating source; customizations on Ping One are made according to the business requirement.
- Worked on different selectors like CIDR (for distinguishing intranet and internet traffic), Connection Set selector for bundling the applications, HTTP Header Authentication Selector to know from which browser the user is accessing the application, HTTP Request Parameter Authentication Selector for the request param, and AuthNRequest (for OAuth clients and for some use cases for the Ping Access).
- Worked on writing different policies on PingFederate for fulfilling different business use cases
- Worked on PingID for triggering MFA for sensitive applications; depending on where the user is accessing from, MFA is triggered.
- Supported development with integration of Mobile Apps using OAuth/OIDC in PingFederate.
- Experience in troubleshooting using SAML Tracer, Fiddler tools to identify the errors from Server log files and jwt for OAuth token troubleshooting.
- Worked on Ping Access Gateway to take the application traffic directly using Virtual Hosts and redirecting back to the application with Ping Access Token.
- Worked on configuration of Ping Access as Proxy Gateway to protect the application without exposing the application URL to the end users.
- PingFederate and Ping Access performance tuning is done to handle the user traffic.
- Documented user error stories and their resolution.
- Assisted in updating the production incident reports and submitting a summary to management each month.
Environment: PingFederate 9.1, Ping Access 5.0, Ping One, PingID, Ping Directory, AD, RHEL 7.5
Confidential, CA
Sr. IAM SSO Engineer
Responsibilities:
- Working on federation single sign on between third party vendors making both inbound and outbound calls securely exchanging the attributes in SAML both as identity and service provider.
- Worked on Ping One where all the applications are placed in the docker; authentication call will be redirected to Federate server and, depending upon the applications, policies will be triggered.
- Working on PingID for MFA authentication.
- Worked on protecting PingFederate with Ping Access; enabled sticky sessions on the Ping Access so that transaction will be served to the same Federate server.
- Worked on creating reverse Proxy for the applications, rewriting the headers, rate limiting, step up from HTTP to HTTPS.
- Worked on application configuration with Ping Access and defining Ping Access Sites, Virtual hosts, Policies and Rules.
- Deployed several PingFederate integration kits for Coreblox, Agentless, IWA etc., to establish the "first- and last-mile" implementation of a federated-identity.
- Implemented OAUTH using different Grant Types to get the Access token and access the protected Restful API's.
- Worked on ROPC Grant Type to fetch the Access Token for Native Mobile Applications to call the third-party API's.
- Worked on ID Token to get the user information using user info endpoint and send as part of scope along with Access Token.
- Migrated SAML Based SSO partners from Ping Federate 7.x to Ping Federate 8.x. and 8.x to 9.1.4.
- Experienced with multiple Ping Federate adapters like HTTP Adapter, Open Token adapter and Composite adapters.
- Worked on Token Generator and Token Processor to establish a connection between two web services from different Enterprises and Ping Access and JWT tokens to authenticate the user using PingFederate.
Environment: Ping Federate 7.1, Ping Federate 7.3, Ping Federate 8, Ping Federate 9.1, OAuth2.0.
Confidential
SiteMinder Admin
Responsibilities:
- Integrated many applications in Policy server by creating new policies.
- Installed and configured various web agents in accordance with the web servers involved both on Windows and Unix.
- Implemented password policies for all the applications using SiteMinder.
- Created policies, realms, rules, and responses to protect the applications and configure them to work under the SSO environment.
- Configured load balancing and failover mechanisms for various SiteMinder components in different environments.
- Configured multi-master replication setup in the production environment across multiple data centers.
- Configuring User Authentication Stores and Policy Authorization Stores on LDAP.
- Installed and configured Web agents on IIS Web Server, IHS Web Server.
- Worked on fetching the LDAP attributes from multiple data sources.
- Worked on WS-Trust Federation which is used to provide SSO between web services using STR.
- Experienced in Token Generator and Token validator as part of STR and RSTR.
- Involved in Signing the SAML using digital certificates.
- Worked on SAML Encryption and Decryption for certain financial clients.
- Involved in Upgrading the SiteMinder Policy Server version from 6.0sp5 to R12.
- Installed and configured Oracle WebSphere and Worked on bridge between SiteMinder Policy Server and WebSphere.
Environment: SiteMinder 6.0sp5, r12 sp3, Web agents 6QMR4, 6QMR5, Active Directory Server, Sun Solaris 2.8, Windows 2003/2008, Sun Java System Web Server 6.0, 7.0/Oracle iPlanet Web Server and IBM HTTP Web Server, IIS 5.0 and 6.0 and 7.0.
Confidential
Jr. Programmer Analyst
Responsibilities:
- Integrated many applications in Policy server by creating a new policy.
- Installed and configured various web agents in accordance with the web servers involved both on Windows and Unix.
- Configured few applications with Custom responses and with custom authentication schema.
- Created policies, realms, rules and responses to protect the applications and configure them to work under the SSO environment.
- Capacity Planning in terms of hardware and user load for policy server and web agent.
- Performance tuning for web server and SiteMinder along with LDAP for better response time, low latency and high throughput.
- Implemented password policies for all teh applications using SiteMinder.
- Configured load balancing and failover mechanisms for various SiteMinder components in different environments.
- Upgraded SiteMinder Policy server from version 6.0 sp5 to R12.
- Worked on almost 60 policy servers in production environment.
- Configured multi-master replication setup in the production environment across multiple data centers.
- Configuring User Authentication Stores and Policy Authorization Stores on LDAP.
- Installed and configured web agents on IIS Web Server, IHS Web Server.
- Created User Directory Object and Directory Mapping object and set cookie provider.
- Performed technical review of all changes in conjunction with Change management team.
- Migrated policies from lower environments to higher levels. Provided assistance to development teams in identifying and resolving environment related issues.
- Provided 24/7 on call support for solving Tickets on a rotating basis with other team members.
- Worked on many Production Issues with High Priority.
Environment: SiteMinder R12, 6.0sp5, Web agents 6QMR4, 6QMR5, Active Directory Server, Windows 2003/2008, IBM HTTP Web Server, IIS 5.0 and 6.0 and 7.0.