SUMMARY:

• 8+ years professional experience in Identity and Access Management
• Expertise in Installation, Configuration, Deployment and Maintenance of Site Minder Components like the Policy Server, Web Agent, ASA Agents, TAI Agents, Policy Store and Key Store.
• Expertise in implementing cross domain single sign - on using cookie provider
• Excellent trouble shooting skill set includes verifying various web agent and Site Minder logs and monitoring the health of the environment using One View Monitor
• Strong knowledge regarding delegation of the management of users and application access using CA Identity Manager R12. x. Experience in setting up SSO environments.
• Experience in configuring CA Secure Proxy Server to use as SSO and Federation Gateway for the application accessing from the internet.
• Experience in configuring multiple Site Minder Instances with Site Minder Federation/Option Pack (Ping Federate Equal)
• Experience in configuring Netegrity Site Minder 6.5/12 with WebLogic 6.0/8.1/9.2 and WebSphere Portal 6.0, Domino.
• Experience with using IDP and SP initiated SAML profiles with different binding methods like POST, Redirect to deliver a custom SSO environment as per the requirement
• Installation of CA Secure Proxy Server and enabled applications for SSO by creating the proxy rules
• Assist new applications with SSO integration, including configuring Secure Proxy Server configuration
• Excellent trouble shooting skills verifying web agent and SiteMinder logs and monitoring the environment
• Sound knowledge in creating and maintaining security policies for SiteMinder
• Experience in assisting Web Administrators, LDAP Administrators to determine what the best values for SiteMinder parameters and tune the system to boost SiteMinder performance in the Web Tier, the Application Tier, and the Data Tier
• Expertise in setting up integrated security access to the portal and Single Sign-On.
• Sound Knowledge in Installation, Configuration of the SiteMinder policy server, web-agents and application agents in a SSO Environment
• Expertise in installation/configuration of SiteMinder according to their suitable needs (platform).
• Experience in configuring multiple LDAP instances and defined LDAP Schemas.
• Solid Experience in Strong Authentication
• Configuring SSL in Apache and Web Logic servers
• Expert at RADIUS client configuration for Arcot to multiple Organizations
• Experience in implementation of CA Identity Manager Solution from scratch.

TECHNICAL SKILLS:

CA SSO Tools:  SiteMinder 5.x, 6.x- r12.0 SP1, r12.51, Web Agent 5.5, 6.0, 12.51

Application Servers:  BEA WebLogic 8.1 SP2, IBM WebSphere (WAS 5.x, 6.x)

Directory Servers:  Sun ONE Directory Server (5.1, 5.2), Microsoft Active Directory

Web Servers:  Apache (1.3.x, 2.2x), MS IIS (4.x, 5.x, 6.x), iPlanet (5.x, 6.x), IBM HTTP Server (1.x, 5.x, 6.x), JBoss EAP6.1-6.4

Web Browser Debugging Tools:  Fiddler, Fire Bug, IEHTTP Headers

Programming Languages:  .NET, JAVA, HTML, UNIX shell Scripting, XML, and PHP

Operating Systems:  Microsoft Windows Family, Solaris (8x, 9x, 10x), Red-Hat Linux

PROFESSIONAL EXPERIENCE:

Sr. IAM Consultant

Confidential, Dallas, TX

Responsibilities:

• Migration of policy server from SiteMinder 6.0 to 12.0 for Load balancing, and failover configuration of the Policy store
• Integrated SSO products such as Netegrity SiteMinder and Sun One LDAP with existing enterprise applications and middleware applications
• Integrated SAML 2.0 - Federation for BOX.com for both Internal and External users
• Performed the upgrade from SiteMinder version 6.5 to 12.0 in development, staging and production environments’. This included all web server agents, policy servers and Active Directory policy stores involving 1000 Plus applications
• Installed Ping SDK agents on the servers that do not support SAML or WS-FED for maintaining SSO between different realms of system security
• Installed, configured and integrated Web servers (plug-in file), SiteMinder Web agents and LDAP user directory with Web Sphere Application Server
• Worked on CA Secure Proxy Server to intercept the request and redirect to policy server.
• Installed & Configured SiteMinder  Policy stores, Key stores, User stores and Integrated with LDAP
• Implemented different vendors SSO using SAML 2.0 in CA Federation security services
• Worked on SAML1.1, SAML 2.0, SAML POST and Aircraft
• Performed Requirements Gathering for a Proof of Concept to be implemented into their environment in development for CA SiteMinder and Microsoft Active Directory server
• Monitored heartbeats and refresh rates for various components of SiteMinder
• Configured Node manager for administration of Managed servers
• Involved in troubleshooting of CA SiteMinder policy server, web agent and Active Directory issues.
• Proficiency in managing, maintaining, troubleshooting, and resolving issues in a 24x7 production environment to work under SSO environment
• Created, Maintained Policy server objects Agents, ACO, HCO, Domains, Rules, Realms, Policies, and Responses
• Analyzed SiteMinder logs on the policy server, enabled auditing to track suspicious activity and monitor the policy server
• Conduct capacity and performance planning of systems platforms. Perform various test and document results
• Maintaining all the Web Agents, logs, SSO applications and SiteMinder team's file system on all the Web Farm Apache servers in both the data centers
• Involved in installing, configuring and maintain the SiteMinder 6.0 infrastructure in our organization.
• Installed and configured agents in Dev, stage and production environments
• Worked on installing 6.0 agents on Apache, IIS. Worked on changing the policies and rules based on the application requirement
• Delivered new global enterprise SSO and LDAP architectures for development, staging and Production Environments
• Upgrade project plan and direction for SiteMinder version 12.0.
• Responsible for deploying enterprise applications from Admin console and enabling security using LTPA and LDAP for admin console and application components on AIX
• Day to day maintenance or Unix/Linux Servers and upkeep of existing server fleet, Update, test, and support software systems
• Installations and configurations of Broad Vision One-To-One Enterprise.
• Migrating Authminder from 7.1 to 8.1
• Rolled out 2 factor authentication for 1000+ users
• Perform Linux/Unix virtualization implementation, support and upgrades
• Design, configure, implement, and support Linux/Unix computing systems hardware and software infrastructure
• Perform Linux/Unix systems administration functions within a Red Hat Enterprise Server Linux systems environment

IAM Consultant

Confidential, San Jose, CA

• Configuring SSO for different applications in different domains with Cookie Provider and troubleshooting issues related to them.
• Working with Apache webhosting, Load balancer and LDAP teams to set up SSO for the intranet and internet applications.
• Enabling and analyzing trace logs for single user login issues.
• Installed, Configured and Managed SiteMinder 12.0 SP3
• Involved in Virtualization / Decommission of SiteMinder policy servers and SunOne LDAP servers across multiple data centers.
• Configured Dev/Test/PROD from 12.0 with 500+ web agents
• Involved in detailed setup for troubleshooting and implementation of support procedure.
• Defined and maintained Sun and Active Directory (LDAP) security models.
• Administered policy and user stores using the Sun ONE Directory servers while also providing redundancy and availability.
• Involved in Configuring SSL for high security of web application.
• Involved in troubleshooting of CA SiteMinder policy server, web agent and Active Directory issues
• Involved in the performance testing conducted by application teams with respect to SiteMinder Policy Server CPU utilization.
• Migration of IDM roles, policies. Migration of IDM environment settings, custom code.
• Create/update new IDM tasks for user management. Experience in implementation of Security Management tools in enterprise wide Applications to achieve Authentication, Authorization and Accountability
• Supported IBM Security Identity manager presentations and demonstrations as well as accomplished
• Defined monitoring, maintenance and capacity planning for SiteMinder policy servers.
• Designed processes for enterprise Active Directory user, group, printer, file share and password policy.
• Deployed installed and configured WSO2 product which includes troubleshooting, patching

Confidential Columbus, OH

• Designed the LDAP schema and replication to support SiteMinder Policy, User store and Key Store in highly available mode
• Involved in capacity planning, implementation of Oracle LDAP, SunOne Directory server, SiteMinder, i-planet webserver, IBM WebSphere server
• Implemented different authentication schemas to meet the application requirement
• Involved in monitoring and analyzing the web agent and policy server logs
• Involved in troubleshooting various issues related to SiteMinder
• Created Run books for better understanding of the infrastructure for future needs
• Implemented different vendors SSO using SAML 2.0 in CA Federation security services
• I provide technical leadership for a team of .NET developers for the custom components and Ping configuration
• Policy Server Optional Pack and Web Agent Optional Pack for Federation web services
• Troubleshooting issues with Single Sign On between cross-domains of decision and its affiliate organizations
• Support users with issues in AD, LDAP, or other internal proprietary systems

SiteMinder Developer

• Installation of Confidential, configuring the scenario for federation on development and Production environment and procuring Certificates PKI.
• Meta data Exchange and establishing Circle of Trust Creation (COT)
• Enabling SSL for IDP, SP Domains and for obtaining, Signing, Encryption Certificate from Certificate authority
• Attribute Exchange and Enabling Provisioning.
• Modifying the Clarity Application, to consume SAML 2.0 Assertion.
• Refining the Oracle DB store to fetch user information from IDP.
• Worked extensively on SMKeyTool, Fed Export and SM Objects.
• Worked with the CA Team to modify the SiteMinder FSS Product for a customer specific requirement i.e., incorporated a certificate in FSS SM key store with quotes in its Issuer DN.
• Federation partner onboarding and certification: Used FuGen MISP tools in a cloud/virtualized environment to create virtual scenarios, onboard, test, validate and certify the federation partnership
• Testing and On-Boarding users
• Generated FuGen MISP Validation report for the customer deployment profile.