SUMMARY

• 7+ years of experience in Identity and Access Management involving migration, design, development, testing, implementing enterprise wide security solutions using Okta and CA Single Sign - On (aka SiteMinder), CA Federation Services, CA Identity Minder (IDM)
• Designed, implemented user authentication and security solutions for enterprise applications to use OKTA Identity cloud solution while maintaining the existing SiteMinder environment.
• Hands on experience implementing Okta Api, Okta Universal Directory, profile editor, profile mappings and Okta Expression Language. Integrated AD and Workday as profile master. Fully understand the concept of AD/Okta mastered user and Okta delegated authentication.
• Experience in Setting up SAML and OIDC applications, customizing login pages using OKTA login widget.
• Worked on MFA and Factor sequencing to work along with routing rules for different okta org’s.
• Worked on SCIM connector, SCIM server to host SCIM services, OPP agent and Okta SDK for automated provisioning.
• Integrated Okta Widget to various application. Also enable feature of self service like reset, change password etc through Okta Widget by using Okta Rest API.
• Used Okta Access Gateway to connect Okta to on-premises applications for SSO that use header-based,Kerberos, or URL-based authorization.
• Experience in working with the single sign on and federation protocols like SAML 2.0, OIDC and SWA.
• Good understanding of access management, federated identity, 2- factor solutions, MFA.
• Understanding of Okta infrastructure and used third party open source library Picketlink for parsing SAML response.
• Expertise in Capacity Planning and Performance Tuning of Microsoft AD and SiteMinder.
• Proficiency in managing, maintaining, troubleshooting, and resolving issues in a 24x7 production environment.
• Strong knowledge of Identity Management Systems.
• Ability to troubleshoot Firewall and Network related issues.
• Proficiency in analyzing the Root Cause, implement solutions and document Root Cause Analysis (RCA).
• Experience in working with GIT and Jenkins Build.
• Experience in integrating the application on AWS Cloud Environment.
• Good exposure to other cloud environments like Google Cloud Platform (GCP) and Microsoft Azure.

TECHNICAL SKILLS

Technologies: Okta, CA SiteMinder Policy Server R12.5/R12.52 SP1,SP2,SP3/R12.6/R12.8, Web agent 4.x/5.x/6.x

Web Servers: IIS, IHS, Apache, iPlanet Web Server 6.x and other Web Servers

Directory Services: Universal Directory, CA Directory Server, Microsoft AD, Sun ONE Directory Server

Operating Systems: Windows Server 2003/2008/2012 , Red Hat Enterprise Linux 5-7, UNIX (AIX, Sun Solaris 7-11)

Databases & Scripting: Oracle, MS SQL Server, Unix Shell Scripting (bash), Perl, Java Scripting

Application Servers: BEA Web Logic 8.1, Tomcat 3.3/4.1.3/5.5 , JBOSS, Web Sphere 4.x/5.x

PROFESSIONAL EXPERIENCE

Confidential, WI

Information Security Engineer

Responsibilities:

• Designed and implemented user authentication solutions for enterprise applications to use Okta cloud Identity solution while maintaining the existing CA SSO (aka Symantec SiteMinder) environment
• Managed multiple Okta tenants for different business units.
• Commissioned Okta AD and LDAP agents for delegated authentication with Okta
• Set up Okta to co-exist with CA SSO/SiteMinder and ADFS to use Okta MFA plugin in migration process
• Setting up SAML and OIDC applications in OKTA.
• Experience in customizing login pages using OKTA login widget.
• Manage Okta Profile editor for mapping user account from AD to Okta(Profile mapings)
• Managing users and groups Discovery scans Onboarding and offboarding accounts Policy modifications template modifications
• Manage Okta profile integrations to setup AD and Okta
• Configured and administered CA SiteMinder R12.52 SP3, R12.8 SP1 policy servers on windows 2008/2012 and RHEL
• Implemented Rest APIs using Spring framework
• Created policies, realms, rules, responses to protect application resources
• Setup Agentless Desktop Single Sign On (ADSSO) for enterprise application with Okta
• Configuring multiple custom authentication schemes for various application to use Forms based and Integrated Windows Authentication (IWA)
• Installed and Configured SiteMinder R12.52 web agents for Apache webserver 2.2.x and 2.4.x, IIS 7.0, 8.0 and 10.0 and Sun one iplanet Webs Server 6.0
• Set up Okta to co-exist and single sign on with SiteMinder.
• Supported multiple enterprise application to work with CA SSO, IDF connect and okta identity cloud
• Configured the Replication over Failover Suppliers and Consumers on Sun One directory server.
• Work with Software Development vendors to discuss the product compatibility and understand the complexity involved for implementation specific to the given scenario.
• Work with the security team to implement best security policies by manage user access and users privilege access
• Experience in Troubleshooting urgent priority tickets with minimum response time
• 24x7 production support with on-call rotation. Co-ordination of Stress & Performance Tests
• Troubleshooting and resolving issues in real time during the complete integration process and On-call Support (24x7)

Confidential, Atlanta, GA

CA SiteMinder Consultant

Responsibilities:

• Upgraded the SiteMinder Policy Servers from version R12.0 to R12.52 SP3.
• Installed, configured and administered CA SiteMinder Policy Server, Oracle Directory Server (LDAP) and Web agents on various platforms for a clustered and HA environment on WebSphere 8.5, JBOSS 6.4EAP and various Platform
• Involved in collecting the requirements, feasibility analysis and documentation for accomplishing the enterprise SSO.
• Installed and configured SiteMinder Policy Server 12.52 on UNIX/Windows environments
• Configured the Policy Domains, User Directories, Rules, Realms and Policies to protect web resources
• Experienced handling configuration changes using ping federation manager (Service provider)
• Implemented Load balancing and Clustering under SiteMinder for ensuring high availability in production environment
• Implemented Enterprise SSO security infrastructure using SiteMinder 6.0 and Sun ONE Directory Server 5.2 on multiple OS environment
• Worked on installation, configuration and fine-tuning applications integrate with SiteMinder
• Implemented a strong Authentication and Authorization framework for the well maintenance of the SSO environment by defining User Policies and Rules
• Opened tickets with CA (Computer Associates) related to bugs and issues
• Maintained and backed up the User Store, Key Store and Policy Store for upgrading
• Experience with Change management procedures and F5 Load balancing
• Determine the root cause, implement solutions, and apply patches to resolve authentication, authorization, and performance issues, as well as provide feedback to Computer Associates on Siteminder product bugs
• Coordinating with cross functional teams to configure SSO functionality and protect the resources
• 24x7 production on-call support. Expertise in Troubleshooting urgent/high priority tickets with minimum response time

Confidential, Omaha, NE

CA SiteMinder Consultant

Responsibilities:

• Installed and configured Policy servers and Policy Stores using CA Directory in Linux environment
• Installed and Configured Web Agent on Apache 2.2/2.4 web servers and configured the Proxy Connection with Tomcat Application Server
• Installed Web Agent Option pack for configuring the Federated Security Services and Webservices for Assertion generation and user identity between the partner sites
• Created SAML token for SSO between partner sites using CA Siteminder Federation
• Created System Objects, Policy Domain Objects and Global Objects in Siteminder Policy Server to protect the applications by validating the user against the user store on Directory Server
• Worked with the team architect to put together shell scripts for a seamless, script oriented object migration, backup and deployment
• Performance tuning for Siteminder to provide better response time, high availability and maximum throughput
• Fulfilled the very tight timeline goal of the client by building the entire working network of 9 Policy severs, 9 CA Directory Servers, 6 Apache Web Agents in a record time of 20days
• Acted as a Level-1 point of contact and support for all the project steps until the final stream lined cut over was achieved
• Worked on CA Siteminder SharePoint Agent
• Installed and configured CA Siteminder SharePoint Agent, including people picker

Confidential

Systems Analyst

Responsibilities:

• Working on more than 90% virtualized VMware environment / Windows Server in an enterprise environment. Virtualization monitoring and performance planning.
• Running patches and updates through update manager for the ESXi hosts.
• Administering Windows 2008 Active Directory, DNS, DHCP and building new windows physical/virtual servers as per the requirement of the project.
• Deploying security patches from Tivoli End point Manager.
• Checking for 100% compliance of the documentation.
• Responsible for OS upgrade, patching and migrations.
• Active Directory management, Group Policy administration, maintenance of DHCP, DNS and other application servers.
• Enforce domain security through Group Policy Administration, Active Directory Management.
• Creating & managing user accounts, e-mail accounts, managing user rights and permissions. Configure mail clients. Managing User & Group accounts and their access control.
• In place upgrade of Windows 2003 servers to Windows 2008 of physical and virtual machines.
• Create Active Directory users and groups, including delegating authority and applying permissions to various member servers’ nomenclature.
• Manage change requests for all environments using Change Management process.
• Performance tuning of Application and Server architecture for improved performance.
• Monitoring the end-user experience and create action plans to address connectivity or compatibility issues.
• Manage the coordination efforts of design & development, documentation, training and end-user support.