Senior Security Engineer Resume
FL
SUMMARY
- Around 9 years of Professional experience in the IT industry with Identity/Access Management in implementation and providing Single Sign on across enterprise applications using Ping Federate, NetIQ's Access Manager, Active Directory Federation Service, CA Federation.
- Providing Single Sign on across enterprise applications using Ping Federate.
- Worked on Enterprise Users Single Sign On through browser and through services with third party application hosted in enterprise or cloud using Ping Federate, Ping One.
- Experience in design and development in IDM products like Sun Identity Manager.
- Installed and configured the WebLogic Admin,OIM and SOA managed servers in a single as well as multiple domains.
- Successfully implemented Web Access Management Solutions using Ping Access and other security products like CA Single Sign - On (CA Site Minder).
- Immense knowledge on provisioning, trusted/target reconciliation, user/roles, requests, adapters, scheduled jobs, application instance, design console.
- Installed and configured Ping Access servers, Gateways and Agent to protect the resources.
- Worked on Ping Access Integration with Ping federate to protect the applications using Ping Access Tokens.
- Installed and configured Oracle Identity and Access Manager11gR2 in high availability environment.
- Experience with single node and clustered implementations of IDM.
- Involved in upgrading the environment to newer versions majorly with Oracle Identity and Access Management systems.
- Part of team involved in installation and configuration of Enterprise SOA Suite on WebLogic stack, and Portal Servers, Oracle Service Bus Domains and Clusters. Developed Custom Adapters and Event Handlers.
- Experience in Replication, Chaining, Load Balancing and other Administration tasks involving Netegrity/CA Site-Minder Policy Server in both Production and Non-Production environments.
- Expertise in Developing, Configuration, Deployment, Troubleshooting and Management of Enterprise Applications for CA IDM, CA Site-Minder and CA e-trust Directory server.
- Solid understanding of Identity Access Management architecture and exposure to entire features of CA Site-Minder (Policy Servers & Web Agents), Ping-Federate 7.1.2 and later versions, Oracle Access Manager, ADFS.
- Working on the Identity Management service to enable client applications to manage identities such as users and roles.
- Involved in end-to-end implementation of IAM solution using Oracle's suite of Identity and Access Management.
- Experienced in Security Infrastructure Design, Authentication and Authorization and Business Application integration, custom-built security and technology frameworks.
- Ping Federate, ADFS, Ping Access.
- Deployed Ping One in Cloud and integrated with Ping federate on premise.
- Install/Deploy/Configure Oracle products, servers and domains related to OIM such as the WebLogic Admin, OIM and SOA managed servers.
- Extensively worked on OIM Connectors like Active Directory, ED, RSA, OID, OIF, Database User Management and Flat File.
- Working on the Identity Management service to enable client applications to manage identities such as users and roles.
- Involved in end-to-end implementation of IAM solution using Oracle's suite of Identity and Access Management.
- Proficient in Windows and Linux/Unix based environment setup and good knowledge on Linux commands and Shell scripting.
- Part of team involved in installation and configuration of Enterprise SOA Suite on WebLogic stack, and Portal Servers, Oracle Service Bus Domains and Clusters. Developed Custom Adapters and Event Handlers.
- Experience in Replication, Chaining, Load Balancing and other Administration tasks involving Netegrity/CA Site-Minder Policy Server in both Production and Non-Production environments.
- Expertise in Developing, Configuration, Deployment, Troubleshooting and Management of Enterprise Applications for CA IDM, CA Site-Minder and CA e-trust Directory server.
- Solid understanding of Identity Access Management architecture and exposure to entire features of CA Site-Minder (Policy Servers & Web Agents), Ping-Federate 7.1.2 and later versions, Oracle Access Manager, ADFS.
- Working on the Identity Management service to enable client applications to manage identities such as users and roles.
PROFESSIONAL EXPERIENCE
Senior Security Engineer
Confidential, FL
Responsibilities:
- Expertise in implementing SAML as both Identity Provider and Service Provider across multiple platforms Using SiteMinder and Ping Federate.
- Implemented OAuth to access the protected API with Access Token by using Different OAuth Grant types.
- Configured multi factor Authentication for internal applications using PingID.
- Worked on NetIQ Access Gateway to send all the traffic through a common proxy server and redirect to Resource Server.
- Developed custom Ping Agent using Ping SDK and Implemented SAML Protection with Digital Signature.
- Designed Sail point deployment activities, connector configuration, custom rule development, workflow configuration, development and third party system integration.
- Migrated existing Infrastructure of Guidewire products into cloud using Amazon AWS and its associated Services.
- Working as a part of Single Sign on team, Protecting Web applications with Standard/Custom Authentication Schemes and educating the application team about the flow of authentication and authorization.
- Designed, deployed and supported highly available and scalable Ping Federate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
- Worked in tuning the environment and setting up High availability with LDAP and Access manager. Implemented Single Sign-On using SiteMinder on single/multiple cookie domains for Web applications and integrated SSO with SunOne LDAP and MS Active Directory and e-Directory. This also includes Federation both inbound and outbound using SAML 2.0.
- Experienced in migrating NetIQ Access Manager to Ping Federate..
- Experience in Sail point tool customization, Report Generation, Integration with end/target systems, Sail point API's and Application Development.
- Designed and implemented a level2 approval workflow for self-service access requests.
- Troubleshooting and often restarting the servers.
- Integrated five home grown applications with OIM with disconnected way of provisioning using SOA.
- Configured BI publisher to run different kind of reports. Also developed custom reports to meet clients.
- Experience in Sail point tool customization, Report Generation, Integration with end/target systems, Sail point API's and Application Development.
- Creating a single sign on deployments for system administrators and application target.
- Working with the client to know all the requirements in order to customize the OIM and OAM consoles by creating sandboxes.
- Primarily responsible for the Adobe's Identity (Federation, Directory), Identity Management Automation and web security. Technically, this includes "ForgeRock OpenAM" Customization (Basic Java programming), OpenAM deployment and configuration, Red-Hat Directory Server 8.0/9.0, Legacy Sun OpenSSO / ForgeRock OpenAM, Active Directory and Sun LDAP (5.2/6.3.1/7.0 ) environments at Adobe.
- Creating domains of all the products. Also creating schemas and running them using the repository creation utility.
- Troubleshoot and Monitor OIM, OAM, & OID logs to fix performance issues.
- Hands on Oracle Business Intelligence Enterprise Edition 11g.
- Created an OAM Web Gate in SELinux environment.
- Developed OIM connectors (SOAP, LDAP, ERP) to support LDAP and manual-workflow systems.
- Integration of applications/target resources so that end user can make request or any ID Admin using OIM 11g R2 (a new UI based shopping cart based has been introduced) can request any catalog type item which includes roles, resources, entitlements or all clubbed together in a profile (Save as profile feature) & after approval end user will get target application access.
- Worked on service management E-business suite.
- Creating and deploying BI publisher schema into the Oracle Identity Manager Repository database.
- Had meetings with clients during the QA environment to discuss that the tools deployed are perfectly running without any bugs.
- Having control over the products performance and up/down of products using the Oracle Enterprise.
Environment: /Tools: SiteMinder, Ping Federate, Ping-federate 7.1, SAML 2.0, SAML1.1, WebLogic, Webgate, SSO,OIM 11gR2 PS2, OIM 11gR2 PS3, OBIEE 11g, Active Directory, OUD, Linux
IAM Engineer
Confidential, NY
Responsibilities:
- Understanding of automated account provisioning environments architecture, components and inter-dependences to drive improved efficiencies and effective changes
- Worked with application and entitlement owners to collect data using the automated manual means.
- Worked on documenting & facilitating detailed user acceptance & business focused test cases leveraging gathered requirements
- Install, integrate, configure, and deploy IAM solutions and systems to facilitate User Life-Cycle Management, Identity and Access Governance, Automated Provisioning, Single Sign-On, Federation, Privileged Account Management
- Integrated IDM with CA SSO, Providing Authentication and Authorization to IDM
- Developed multiple Policy Xpress to trigger on various tasks.
- Configured System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas
- Work on implementing and supporting SAML-based Federation technologies and Active Directory Federated
- Experience in SAML based authentication SiteMinder Federation and integrate with SiteMinder authentication and other adapter.
- Worked on creating the Account Templates, creating the Provisioning Role, Creating the Account on the Endpoint.
- Worked on setting up remote task to IDM through Web services calls from EFI front-end applications via Task Execution Web Service (TEWS).
- Improvised Logical Attribute Handlers, BLTH modules using CA identity manager API's
- Migrated passwords from legacy application to IDM capturing the last password change date.
- Good experience in setting up Bulk Load Clients and automating different IDM tasks
- Worked on Managing the Identity Policies which includes (Profile, Polices, Owners)
- Worked on Creating the Policy Xpress Policy for Disabling / Enabling the User, worked on Enabling / Disabling the Email Notification
- Build and Configure IAM/IDM Product in-built tasks like aggregation, ID refresh, schedule tasks, correlation, etc
- Worked on Creating the Roles and Tasks (Admin Roles, Admin Tasks, Access Roles and Provisioning Roles)
- Responsible for exploring and correlating users from various endpoints
- Good experience in analyzing SiteMinder logs, IDM application server logs, provisioning server logs to troubleshoot various authentication/endpoint related issues
- Created and maintained attribute mapping document from IDM to all the managed endpoints
Environment: /Tools:CA IDM 14.2 Suite, CA Identity Portal, CD Identity Governance, Oracle Directory Service 11g, Ping Federate, Ping Access, Ping OAuth, CA SiteMinder, CA Directory Server, WinSCP, Java, SQL Queries, Scripting languages, JBoss v6.3, Linux, CA Wily Enterprise Monitor, Windows Server 2003/2008/2010
Siteminder Admin
Confidential, IL
Responsibilities:
- Installed, configured and upgraded CA Siteminder Policy Server 6.0SP6 to r12SP3
- Applied operating system patches to Siteminder according to the system requirements to resolve authentication, authorization, and performance issues.
- Creation of trusted hosts, host configuration objects, agents, agent groups, and agent configuration objects, and implementation of trusted host registrations
- Creation of application based Domains, Realms, Rules, Policies and Responses.
- Implementation of SSO and authentication services using CA SiteMinder.
- Involved in capacity planning in terms of hardware and user load for CA Siteminder policy server.
- Designed and implemented user authentication, web security and security solutions.
- Created strategies for backup and recovery of Siteminder environment.
- Configured SAML affiliate agents on the web servers designated for affiliate customers.
- Created Identity Provider and Service Provider policies for SAML2.0 Post Federation Assertions.
- Extensively created documents on Root Cause Analysis and the solutions implemented.
- Experience in Troubleshooting urgent priority tickets with minimum response time
Environment: /Tools:CA Siteminder 6.0SP6/r12SP3, Windows Server 2003/2008, Microsoft IIS 6.0/7.0, Apache 2.x, SAML.
Java Developer
Confidential
Responsibilities:
- Involved in developing the UI pages using HTML, DHTML, CSS, JavaScript, JSON, JQuery, Ajax.
- Developed core business logic implementation in Java / J2EE.
- Involvement in the use cases, development of OOAD and modeling, which involved in class diagrams and Object Diagrams using UML.
- Developed JSPs and Servlets to dynamically generate HTML and display the data to the client side.
- Extensively used JSP tag libraries.
- Work with team of developers on Java applications for RISK management.
- Generated property list for every application dynamically using JAVA.
- Developed user interface using CSS, HTML, JavaScript and JQuery.
- Handled all the client side validation using JavaScript.
- Creating unit test/regression test framework for working/new code.
- Followed the Agile and Scrum development methodologies.
- Integrated the Java code (API) in JSP Pages.
- Involved in writing test cases using JUNIT.
- Extensively used Eclipse while writing code for JSPs and Servlets.
- Deployed the application in Tomcat server.
- Used JQuery core library functions for the logical implementation part at client side for all the application.
- Debug the application using Firebug to traverse the documents and manipulated the Nodes using DOM and DOM Functions using Firefox and IE Developer Tool bar for IE.
- Involved in developing HTML and JavaScript for client side presentation and data validation on the client side with in the forms.
- Involved in writing SQL Queries, Stored Procedures.
Environment: /Tools: Java, JSP, Servlets, Java Script, CSS, HTML, XML, CSS, JUNIT, Apache Web Server, Tomcat Server, and MySQL.