SUMMARY

• Overall 9+ years of strong experience in Web and Network Security in administration and Installation, Configuration, Deploying, Troubleshooting and Migrating of OKTA, CyberArk, Azure AD, ADFS, Active Directory, Oracle database, Unified Access Gateway on AIX, Solaris, Linux, HP - UX and Windows servers on Development, Testing and Production Environments.
• Experience in Identity & Access Management Solution including Single Sign On.
• Experience in administrating OKTA and providing support to OKTA clients
• Supported operations & maintenance of SailPoint and LDAP connectivity and experience with directories like LDAP, Active Directory (AD) using Web Services.
• Experience in Oracle Identity Manager and Oracle Identity Analytics integration for Role Based Provisioning.
• Integrated the Identity data and controlling the models for risk and roles in the Identity Access and Management processes.
• Involved in governing Identity and Access Governance including Role Based Access Control, Access Request and Certification.
• Hands-on experience in SailPoint certifications like Manager, Advanced and Account Group Permissions with Delegation Rules.
• Integrated the Identity data and controlling the models for risk and roles in the Identity Access and Management processes.
• Involved in governing Identity and Access Governance including Role Based Access Control, Access Request and Certification.
• Hands-on experience in SailPoint certifications like Manager, Advanced and Account Group Permissions with Delegation Rules.
• Experience in administration of User and Role Provisioning, Connectors, Workflow, Certificate Management, Session Management, Encryption technologies and directories like LDAP, MS Active Directory.
• Experience in SailPoint tool Customization, Report Generation, Integration with end/target systems, SailPoint API's and Application Development.
• Experience in integration with OKTA and Worked on Multifactor Authentication Using OKTA
• Integrated Workday using OKTA SSO.
• Managed day to day activities creating and managing OKTA policies and creating and managing OKTA application provisioning and user provisioning.
• SaaS Solution implementation, customization and support, Implement SaaS solution for customer
• Experience in configuring Pingone to enable pingID
• Implemented and configured both IDP and SP connection using pingfederate (SAML)
• Demonstrated the capabilities in understanding clients' business environment and map the requirements into IAM solutions and proactively suggest alternatives as and when required
• Experienced in administrating OKTA and providing support to OKTA
• Experience in integrating OKTA with Active Directory
• Enabled SSO for Cloud application like Salesforce, Office 365 using OKTA
• Experience with OKTA API's; Setting up OKTA API tokens.
• Managed day to day activities creating and managing OKTA policies and creating and managing OKTA application, including SAML, and SWA applications.
• Experienced in the design and implementation of sign-on solution based on SAML and ODBC.
• Experience with SCCM 2012 R2, Office 365, Exchange 2010
• Strong understanding of common IAM protocols and standards such as OATH, SAML, JWT, SCIM, RBAC
• Knowledge of solution protocols, including SSL/TLS, HTTP, SAML, Kerberos, S/MIME, SCIM, and oAuth
• Experience as OKTA Admin.
• Played an active role in the execution of the project and demonstrated strong technical leadership skills.
• Experienced in administrating OKTA and providing support to OKTA clients
• Experienced in integration Experience in integrating OKTA with Active Directory.
• Worked on Ticketing tools like BMC Remedy, Service now, HP Service Manager
• Hands on experience in working on SDK integration kits which include Open Token method and Agentless Integration Kit for performing IDP and SP adapter processing.
• Good Knowledge on IBM security verify Access and Governance.
• Provided On-call coverage and demanding 24x7 production supports.

TECHNICAL SKILLS

Application and Web servers: IBM WebSphere Application Server 6.x/7.x/8.x, JBoss Application servers 5.x/6.x/7.x, Tomcat Application server 5.5, Oracle WebLogic 8.x/10.x/12.x, IBM HTTP Webserver, Microsoft IIS, Apache Webserver.

Cloud Technologies: SAAS, Azure,AWS,OKTA

Security: OKTA, PingFederate 7.x/6.x/5.x/4.x, PingAccess 4.x/3.x, PingOne 2.x, CA Identity Manager 12.x, CA SiteMinder 6.x/12.x, ADFS and UAG 2010.

Directories: Azure AD, Oracle Internet Directory 10g/11g PS2, Oracle Virtual Directory 10g/11g PS2, Oracle Unified Directory 11g PS2, Active Directory, Directory server 12.x/11.x, Sun ONE Directory Server 5.X/6.X, IBM Tivoli directory server 5.x/6.x

Monitoring Tools: CA Wily, Tivoli Performance Viewer, Thread Analyzer, Log Analyzer, Introscope, Splunk, JON 2.x/3.x

Database: Oracle, Microsoft SQL and IBM DB2.

Networking and Protocols: TCP/IP, Telnet, HTTP, HTTPS, FTP, SNMP, LDAP, DNS, SSL, SOAP, MSXML, ASPX.

Hardware / OS: Windows, Linux, AIX, Solaris, HP UX, MacOS.

Languages: C, C++, JAVA, .Net.

PROFESSIONAL EXPERIENCE

Confidential, New York

Sr. IAM Engineer

Responsibilities:

• Experience in Identity & Access Management Solution including Single Sign On.
• Experience in administrating OKTA and providing support to OKTA clients
• Configured ISAM Runtime Component on the Appliance
• Configured ISAM Federated User Registry using Security Directory Server and enabled basic user support
• Experience in integration with OKTA
• Worked on Multifactor Authentication Using OKTA
• Integrated Workday using OKTA SSO.
• The framework for New Hire Onboarding and Off Boarding Process via Workday as a Master using Okta.
• Design secure solution for moving program data from on premise locations and applications to Office 365 for dashboards and business intelligence.
• Create, DR runbooks, SOP runbooks, workflows, and applications, lists as needed.
• Supported operations & maintenance of SailPoint and LDAP connectivity and experience with directories like LDAP, Active Directory (AD) using Web Services.
• Experience in Oracle Identity Manager and Oracle Identity Analytics integration for Role Based Provisioning.
• Experience in Migration from on- Prem ISAM to OKTA Cloud
• Involved in configuring OAuth2.0 for SCIM API Configuration.
• Integrated the Identity data and controlling the models for risk and roles in the Identity Access and Management processes.
• Involved in governing Identity and Access Governance including Role Based Access Control, Access Request and Certification.
• Installed, Configured, Designed and implemented SailPoint Identity IQ.
• Worked on developing user provisioning and deprovisioning workflows, aggregation, tasks, rules and roles in SailPoint IIQ.
• Involved in upgrading SailPoint from 6.4 and in installation of SailPoint IIQ in various environments like UNIX and Windows.
• Involved in building, testing, supporting and determining SailPoint Identity IQ Solution design.
• Worked on onboarding connectors like Active Directory, LDAP and other Out of the Box connectors, UNIX and Outlook Office 365.
• Consult and configure access management policies for customer applications using enterprise level identity management tools.
• Worked on leading IAM concepts such as Least Privilege, Privileged Access, Roles and Data Mining, Segregation of Duty and Role Based Access Control (RBAC).
• Extensively worked on identifying, analyzing, and resolving defects and issues with SailPoint IIQ.
• Migration and Configuration of pingfederate from 7.X, 8.x, to 9.X on Linux Services
• Strong understanding of common IAM protocols and standards such as OATH, SAML, JWT, SCIM, RBAC
• Knowledge of solution protocols, including SSL/TLS, HTTP, SAML, Kerberos, S/MIME, SCIM, and oAuth
• Hands-on experience in SailPoint certifications like Manager, Advanced and Account Group Permissions with Delegation Rules.
• Designing the framework for New Hire Onboarding and Off Boarding Process via Workday as a Master using Okta
• Streamlined and Automated the New Hire Onboarding and Off Boarding Process via Workday/Okta/AD, it was popularly known as 'One Click On-Boarding/Off-Boarding'.
• The framework also included Provisioning/Deprovisioning of SaaS base applications
• Designed and implemented Okta SSO and Okta MDM from ground up with 150+ SAML/SaaS applications.
• Worked with more than 40 different groups to integrate their applications to SSO.
• Streamlined and Automated the New Hire Onboarding and Off Boarding Process via Okta/AD, it was popularly known as 'One Click On-Boarding/Off-Boarding'.
• The framework also included Provisioning/Deprovisioning of SaaS base applications.
• Experienced in administrating OKTA and providing support to OKTA
• Experienced in multiple integrations with OKTA.
• Experience in integrating OKTA with Active Directory.
• Experience with OKTA API's; Setting up. OKTA API tokens.
• Working knowledge of standard infrastructure tools (DHCP, DNS, NTP, SYSLOG, SSH, SFTP, GPO, etc.)
• Actively involved in the SEP patching process and Implementation plan for all servers.
• Experience with SCCM 2012 R2, Office 365, Exchange 2010
• Experience with OKTA, ADFS and certificate and domain management
• Managed day to day activities creating and managing OKTA policies and creating and managing OKTA application, including SAML, and SWA applications.
• Experienced in the design and implementation of sign-on solution based on SAML and ODBC.
• Minor development experience on Python in PYcharm also with Workato.
• Senior understanding of Active Directory, Azure Active Directory and ADFS

Environment: Pingfederate8.x,7.x,6.x,PingAccess 3.x,4.x, PingOne 2.x, CA IdentiyMinder 12.x, Netegrity/CA SiteMinder Policy Server 6.0/12.0, JDK 1.6/1.7, J2EE, JDBC, XML, SAML 2.0, CA SiteMinder 5.X/6.X,12.X, AWS, Sun ONE Directory Server, Microsoft Active Directory, Azure AD, ADFS,IBM WebSphere application Server 8.x/7.x/6.x,Apache 2.0, Wily Introscope 7.0/7.2, Solaris 8/9/10, Windows 2000/2003, Oracle 10g/11g, SQL Server 2005,2008,2012, DB2 8.x.

Confidential, Los Angeles, LA

ISAM Engineer

Responsibilities:

• Using Local Management Interface (LMI) of the appliance successfully created and modified Reverse Proxy Instance
• Configured ISAM Runtime Component on the Appliance
• Created SAML 2.0 Identity Provider and Service Provider federation
• Uploaded keystore files as well as mapping rules for both Identity Provider and Service Provider.
• Exported meta-data for Identity Provider and Service Provider partners for seamless communication between Idp and SP
• Installed and configured of IBM Security Access Manager 9x, and various components like WebSEAL, Policy Server, Authorization Server, IBM Security Directory Server
• Configured ISAM Federated User Registry using Security Directory Server and enabled basic user support
• Created virtual host, mutual auth junctions, attached ACLs passing customized attributes in the HTTP/HTTPs header
• Configured federations using SAML 2.0 and OpenID, using implicit flow and added partner

Environment: Pingfederate 3.x/4.x/5.x,CA SiteMinder 6.x, CA IdentiyMinder 12.x, AWS, Microsoft Active Directory, CA Directory UAM, Oracle Weblogic Application Server, Sun ONE Directory Server 5.1, RACF, Sun ONE Webserver 6.1, Netegrity SiteMinder Policy Server 6.0.

Confidential

WebSphere Administrator

Responsibilities:

• Strong Knowledge in Incident management, change management, problem management for IBM WebSphere Application server, WebSphere MQ, WebSphere Message Broker, IBM HTTP Server, Portal on Multiple platforms.
• Build and maintained the complex environments with applications implemented for architecture involving WebSphere, MQ series, Broker, Portal.
• Implement horizontal and vertical Clustering of WebSphere Application Server (WAS) in a workload-managed cluster involved modeling and cloning services in WAS 6.1/7.0.
• Worked on major migrations like WAS 6.0,6.1 & 7.0 and co-ordinate with MQ team on WebSphere MQ 5.3 to 6.0
• Participated in the Migration Process Includes Installation, Configuration from 6.1 to 7.0.
• Building issuances for install/update/un-install of existing and new applications.
• Participated in meetings with project team and performance team to discuss requirements and help them with analyzing the load and fine-tune the JVMs depending on the estimated load.
• Worked on procedures and knowledge items for 1st level support.
• Expert in Monitor the health of JVM using HP dig and take appropriate recovery actions in case a JVM going bad and Track the CPU and memory usage of JVMs and take necessary steps for recovery.
• Wrote scripts for restarting JVMs/deployment managers when they are OOM, monitor CPU usage and swap usage.
• Worked with MQ 3rd level in developing scripts to start/stop MQ, installing MQ in Linux servers and windows servers.
• Worked with WAS 3rd level in developing scripts that are capable of installing, uninstalling and updating applications.
• Troubleshooting and debugging WMB messages flows using Trace nodes, flow debugger and error handling nodes.
• Shell scripting of MQ/Broker issuances and for daily activities on AIX and Linux
• Hands on experience in using WebSphere message broker toolkit to build the execution groups and deploying the broker flows.

Environment: Websphere Application Server 5.x/6.0/6.1, Websphere Portal Server 5.1/6.0, Process Server 5.1/6.0, WebSphere MQSeries v 5.3/6.0, JSPs, Servlets, XML.

Confidential

UNIX Administrator

Responsibilities:

• Perform proactive monitoring for high availability, System data protection, backup and restore, UNIX central authentication, user account management, disk storage management, hardware and OS maintenance, and application maintenance.
• Maintain UNIX infrastructure environment at NYCHA datacenters during business hours and off-hours; troubleshoot Solaris networking services and protocols: TCP/IP, NIS, DNS, NFS, LDAP, FTP, SSH, SMTP, SNMP, SSL, and HTTP.
• Install, configure, and maintain UNIX server equipment, disk arrays, tape libraries, virtual tape libraries and terminal servers; UNIX routine operation functions; maintain high end UNIX servers E25K and current and new UNIX projects.
• Provide data protection, recovery and business continuity; test and validate disaster recovery and business continuity methods in UNIX environment.
• Perform routine backup and recovery for data protection and integrity for 150 UNIX servers; monitor UNIX infrastructure which consists of complex sets of equipment and system software; provide proactive remediation.
• Perform proactive monitoring for high availability, System data protection, backup and restore, UNIX central authentication, user account management, disk storage management, hardware and OS maintenance, and application maintenance.

Environment: Solaris 9/10, Red Hat Linux 5.0, Cent OS VxFS, VxVM, SVM.