PROFESSIONAL SUMMARY:

• 8+ years of experience in employing Identity and Access Management solutions by using TIM and TAM and also in administration of medium and large E - Business and Integration Infrastructures.
• Performed installation of ISIM.
• Virtual Machines in Development and Test Environments. Have loaded firmware images onto the Virtual Appliances.
• Expertise in core IAM Implementations with business engagement, Environment discovery process, Application On boarding, Certifications, provisioning and Life Cycle management for various applications for a large user groups.
• Very good understanding in the various IAM modules such as Identity Management, Identity Governance, Access Management and Life Cycle Management.
• Working Knowledge on creating PIM reports.
• Using new Privileged Session Gateway function to support agent-less access to shared credentials, in addition to the existing agent-based and manual credential access, providing users greater flexibility in choosing privileged activity controls.
• Provides centralized privileged identity management to address insider threats, improve control and reduce risk.
• Provides automated password management and single sign-on to protect access to enterprise resources.
• Maintain RACF databases for several clients from Delivery center.
• Administered DB2 authority access and security controls including secondary authorizations and RACF groups
• Experience in designing, development, deployment, migration and implementing Security and Infrastructure solutions using CASSO/Siteminder r12.52 SP2 CR1, Sun ONE Directory Server (LDAP) … earlier
• Knowledge on HP fortify and HIPAA
• Expertise in implementing ISAM 9.0 on a VMWare/ESXi environment.
• Experience in installing,Configuring ISAM 9.0 and SDS 6.4
• Configured Appliances and ensure connectivity setup between various components like LDAP, Policy Server, Authorization Server, and Advanced Access Control (AAC).
• Created Standard, Transparent & Virtual Host Junctions to enterprise backend applications. Defined the required access control leveraging ACLs, POPs and Authorization Rules (Authz) Rules using pdadmin and web interfaces. Familiarity with REST endpoint to set up the same in ISAM.
• Involved in gathering user requirements, detailed design, testing, and implementation, troubleshooting, and documenting using a waterfall methodology.
• Involved in designing and technical implementation included Portal based self-registration & delegation, Federated Identity Management & single sign-on between business partners via SAML, electronic online billing & payment system, data encryption between business partners, and integrating MANY commercial and custom applications with Web SEAL (Tivoli Access Manager) as Application Integration Specialist
• Use IBM Tivoli Directory Integrator (TDI) to build a simulated LDAP server adapter
• Performed provisioning on user accounts on a test service using ISIM LDAP server adapter
• Performed modify, provision, de-provision & listing existing user accounts using ISIM Ldap adapters.
• Manage various webseal instances (external & internal) from the Operations perspective. Perform start/stop/restarts of webseal instances during the support hours as required.
• Configuring various objects to pass additional attributes from LDAP through WebSEAL to the backend web applications.
• Debugging WebSEAL using pdweb, debug and request.log files.
• Creating Identities and accounts for various, setting up roles, Assigning users to various roles in ITIM. Modifying provisioning policies for adding additional groups for provisioning.
• The Security solutions / capabilities that we designed as team lead included desktop single sign-on via SPNEGO, centralized logging & reporting, access management via Role Based Access Control (RBAC), customized authentication via external authentication interface (EAI), and web based single sign-on between Web SEAL, Portal, and backend apps.
• All designs & implementations included automated provisioning via Tivoli Identity Manager using adapters and developing custom Tivoli Directory Integrator (TDI) to multiple endpoints including Active Directory (AD), LDAP, Tivoli Access Manager, and databases.
• Strong team player and effective individual with an ability to adapt to new technologies quickly
• Strong work ethic with desire to succeed and make significant contributions to the organization

Functional Domains: Justice Network, Health Care, Mobile apps.

Security IAM tools: IBM Security Identity Manager (ISIM v6.0) IBM Tivoli Directory Integrator (ITDI 7.1.1), LDAP - IBM Directory Server IDS (IDS v6.3), Sun One Directory Server 6.0, Windows AD, IBM Tivoli Access Manager (TAM v5.1, 6.0), ISIM 6.x, ISAM 8.x, 9.0 ISDS and TFIM (Tivoli Federated Identity Manager).

Languages: Java, JavaScript, C/C++, Perl, SQL & PL/SQL, Shell Scripts

Scripting Languages: UNIX Shell (Korn, C, Bash) Scripts, JavaScript

Application/Web Servers: WebLogic 8.x, 9x, 10x, WebSphere 6x, 7x, Apache Tomcat, IBM HTTPS, IIS 5, 6, Vmware

Databases: DB2, MS SQL Server2012, Oracle /8.x/9i

Operating Systems: Windows, Linux, IBM AIX

PROJECTS EXPERIENCE:

Confidential, Princeton/ NJ

Sr. IAM Consultant

Responsibilities:

• Primary responsibilities in the project included overall Installation, Support, and Development of new tools to enhance productivity and overall performance of the ITIM systems.
• Played a key role in design, deployment and testing of IBM Security IAM suite providing efficient user management through an innovative, enterprise-wide automated provisioning system.
• Involved in migration of ITIM 5.1 to ISIM v6.0, TAM 6.1 to ISAM 8
• Expertise in managing SSL Certificates on different OS Servers.
• Good Knowledge on how to implement security solutions in multi-tier architecture.
• Experienced in configuring IDS webapp tool for admin management.
• Experienced in implementing enhanced authentication web services for multi-factor authentication
• Involved in implementation of Tivoli Directory Server 6.3.
• Configured, administered and monitored ITDS LDAP replication topology.
• Worked on different parsers.
• Creation of assembly line hooks and connector hooks.
• Worked closely with Incident Management and other Problem Management teams and Perform incident resolution for WebSphere Application Server and for WebSphere MQ
• Led the successful customization of ISIM based IAM solution for the client's specific requirements to integrate and support exchange 2013 and also worked on the upgrade of IAM technology stack from ITIM 5.1 to ISIM 6.0
• Set up LDAP authentication using Apache DS and integrate with state cloud solution to improve the overall security for the client.
• Strong Java Script development skills.
• Wrote custom operations in ISIM and maintaining existing java script code base in ISIM.
• Led z/OS 1.13 upgrade from 1.12
• Excellent Enhancements, Troubleshooting and Support Skills of ITIM, TAM, ISAM and its Inter dependent components (like IBM Tivoli Directory Server, IBM Tivoli Directory Integrator, IBM HTTP Server, WebSEAL Server and Policy Server).
• Creating Identities and accounts for various, setting up roles, Assigning users to various roles in ITIM. Modified provisioned policies for adding additional groups for provisioning.
• Configured Password Policy to change Repeated history length with respective to client requirement.

Environment: IBM Security Identity Manager 6.0.0.3, Apache Directory Studio, Active Directory, LDAP, IBM security Directory Integrator, ISAM 8.0, IBM Security Directory Server Adaptors.

Confidential, Columbus/OH

IAM Consultant

Responsibilities:

• Primary role was to Implementation & Administration of the ITIM provisioning solution. (ISIM 6.x)
• Technical Requirement Gathering: was responsible for gathering the user provisioning requirement for all the end points of ITIM
• Selection, installation and configuration of End Point Agents for ITIM
• Used IDI scripts for Batch and real time attribute sync
• Used IDI script to notify users of password expiration date
• Developed IDI scripts, Provisioning Policies, Organization roles, Oracle database objects, ITIM groups, ACIs, Work Flows, Sub forms, Life Cycle rules
• Used ADSI services to enumerate and manage the resources in a directory service (add, delete, and modify users, groups and permissions).
• Configuration and Administration of ITIM -
• Design org tree structure
• Create provisioning and de-provisioning policies
• Implementation of id policies, password policies
• ACI
• Reconciliation
• Password Synchronization
• Service definition for End Point Agents
• Workflows
• Wrote the crontab scripts for automated recycle of ITIM application and log rotation.
• Installed and configured TAM 6.x
• Created ACL, POPs, proxy server and web seal junctions
• Configured single sign on solutions for many applications.
• Provided trouble-shooting and configuration of Web SEAL and all components with-in the TAMe/Identity Management space

Environment: IBM Security Identity Manager (ISIM v 6.0), IBM Security Access Manager (ISAM v 7.0, 8.0), IBM Tivoli Directory integrator (ITDI v 7.1.1) IBM security directory server (ISDS). Tivoli Federated Identity Manager (TFIM v6.1), IBM Web Sphere, IBM Directory Server IDS LDAP, ADFS (Active Directory Federation Server), Planet LDAP, SSIS, TSM, Lotus Notes.

Confidential, Austin, TX

Tivoli Identity Manager

Responsibilities:

• Involved in design, implementation of ITIM / TAM solution
• Designed and assisted with review with Tivoli Identity Manager 4.6.
• Installation and configuration of multiple instances of ITIM / TA
• Installation and configuration of multiple instances of WebSphere
• Installation and configuration of LDAP - IBM Directory Server.
• Installation and configuration of multiple instances IDI
• Configuration and Administration of ITIM
• Create provisioning and de-provisioning policies
• Tivoli Workload Scheduler Implementation, migration, RACF
• RACF Administration, including installation, customization, upgrades
• Implementation of id policies, password policies
• Implementing Replication process in Tivoli Identity Manager (TIM)
• Design / customize Workflows
• Wrote the crontab scripts for automated recycle of ITIM
• Provided trouble-shooting and configuration of Web SEAL and all components with-in the TAMe/Identity Management space
• Supported environments across multiple geographies. Represented client Confidential all executive and technical/development meetings both on-site and off.
• Provide architecture review for client's applications, documents and install processes.
• Provide clients with recommendation and systems best practices documents.
• Documentation and internal training of said products for smooth transition of ownership.
• Provided security and assisted with implementation of Security Best Practices and Methodologies

Environment: Tivoli Identity Manager (ITIM v4.6), Tivoli Access manager (ITAM v6.0),ISAM 8.0 IBM Web Sphere 5.1.x/6.0.2, IBM Directory Server IDS LDAP, IBM Directory integrator (IDI), Active Directory, Windows.

Confidential, Mountain View/ CA

Security Consultant

Responsibilities:

• Primary responsibilities include Installation and configuration of multiple instances of ITIM, Web Sphere, LDAP - IBM Directory Server and IDI
• Configuration of ITIM agents for multiple end points (AD, Sun OneLDAP and TAM/GSO)
• Configuration and Administration of ITIM
• Design org tree structure
• Create provisioning and de-provisioning policies
• Implementation of id policies and password policies
• Reconciliation
• Service definition for End point Agents and Workflows
• Password Synchronization
• ACL, POPs and proxy server
• Created web seal junctions
• Used IDI scripts for Batch and real time attribute sync
• Used IDI script to notify users of password expiration date
• Developed IDI scripts, Provisioning Policies, Organization roles, Oracle database objects, ITIM groups, ACIs, Work Flows, Sub forms, Life Cycle rules
• Used ADSI services to enumerate and manage the resources in a directory service (add, delete, and modify users, groups and permissions).
• Resolved Ad Initial load problem
• Resolved duplicate same account names during the provisioning period.
• Created AD default groups based on the employee type during the provisioning period using JavaScript.
• Created groups for corporate LDAP using ITIM and IDI.
• Created custom adaptor for ACF2 using IDI.
• Created add, delete and modify person using ITIM APIs for other Applications (Real-time changes).
• Provided trouble-shooting for ITIM, FIM and WAS.

Environment: Tivoli Identity Manager 4.x, 5.x, Tivoli Access Manager 6.x, Tivoli Directory Server 6.x and Tivoli Directory Integrator 6.x,7.x, Web Sphere Portal 7.x, Web Sphere Application Server 6.x,7.x,8.x Web Sphere Process Server 7.x, IBM Http server 7.xJSF, Java/J2EE

Confidential, Burbank/CA

Server Administrator

Responsibilities:

• Responsible for the design, implementation and support of physical and virtual infrastructure and application system related services in a fast paced, environment.
• Implementation and Support and file restores using IBM Tivoli Storage Manager.
• Assumed automation expert role and wrote scripts to regularly configure over number of servers in hours rather than over a few months.
• Developed maintenance and health script using shell.
• Install, migrate and tune directory server.
• Participate in design and analysis of day to day production related issues.
• Applied fix packs and Java Updates
• Worked on day-to-day issues related to user identities.

Environment: TIM 4.6, TDS 5.2/6.0, DB2, AIX, WAS 5.x