SUMMARY:

• Around 8+ years of experience in Information Technology in implementation and providing Single Sign on across enterprise applications using Ping Federate, NetIQ's Access Manager, Active Directory Federation Service, CA Federation.
• Worked on implementation of Novell/NetIQ's e - Directory, Identity Manager, i-Manager
• Worked on Enterprise Users Single Sign On through browser and through services with third party application hosted in enterprise or cloud using Ping Federate, Ping One.
• Upgraded Ping Federate from Version 7.1.1 to 7.3.
• Installed and Configured Ping Federate.
• Expertise in implementing SAML as both Identity Provider and Service Provider across multiple platforms Using SiteMinder and Ping Federate.
• Implemented OAuth to access the protected API with Access Token by using Different OAuth Grant types.
• Configured multi factor Authentication for internal applications using PingID.
• Worked on NetIQ Access Gateway to send all the traffic through a common proxy server and redirect to Resource Server.
• Experience in Sail point tool customization, Report Generation, Integration with end/target systems, Sail point API's and Application Development.
• Designed Sail point deployment activities, connector configuration, custom rule development, workflow configuration, development and third party system integration.
• Experienced in migrating NetIQ Access Manager to Ping Federate.
• Working as a part of Single Sign on team, Protecting Web applications with Standard/Custom Authentication Schemes and educating the application team about the flow of authentication and authorization.
• Worked in tuning the environment and setting up High availability with LDAP and Access manager.
• Implemented Single Sign-On using SiteMinder on single/multiple cookie domains for Web applications and integrated SSO with SunOne LDAP and MS Active Directory and e-Directory. This also includes Federation both inbound and outbound using SAML 2.0.
• Experience in implementation of IAM solution from scratch.
• Hands on experience in IAM requirement analysis, implementation of Access Gateways and SAML based integrations.
• Experience in collaborating with teams to determine systems requirements and functionalities needed in LDAP.
• Experience working with Active Directory using LDAP protocol and good understanding of the LDAP concepts.
• Experience in redesigning the existing LDAP schema with some custom attributes and object classes.
• Experience in developing applications using java, j2ee and using databases oracle 10g.
• Excellent communication skills and good Interpersonal skills helped me to keep productive and positive working relationships with staff from varying technical backgrounds and skill levels.
• Good in prioritization, multi-tasking and project planning skills. Expert in documentation and management of standard operating procedures.

PROFESSIONAL EXPERIENCE:

Confidential, Detroit, MI

IAM Engineer

Responsibilities:

• Valuable experience in analyzing IAM logs, IAM application server logs, provisioning server logs to troubleshoot various authentication/endpoint related issues.
• Co-ordination with Server hosting team if any hardware related issues.
• Co-ordination with Ping Federate vendor if any software related issues.
• Maintained both Test and Production servers for Ping Federate along with the cluster management and timely Replications to deploy changes to servers.
• Developed custom Ping Agent using Ping SDK and Implemented SAML Protection with Digital Signature.
• Designed, deployed and supported highly available and scalable Ping Federate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
• Ping Federate Performance tuning for supporting support heavy traffic.
• Build and Configure Sail Point tasks like aggregation, ID refresh, schedule tasks, correlation, etc.
• Responsible for preparing documentation for each application and providing the Run Book to the Operations team to troubleshoot issues.
• Experience in implementing CA Siteminder policy server, framing Rules and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application agent installations, troubleshooting production problems.
• Responsible for provisioning users across endpoints like Active Directory, LDAP, Unix, and RACF/Mainframe along with explore and correlating users from various endpoint.
• Configured Affiliate agents, RADIUS agents to provide federation of web services in the SSO environment providing authentication & authorization to IDM.
• Good knowledge with PIV-Personal Identity Verification.
• Configured custom alerts and e-mail notifications based on the business needs.
• Created and updated the provisioning policies as per the change in the business environment using Policy Xpress.
• Developed multiple Policy Xpress to trigger on various tasks and to generate standard company requirements like generation of unique ID's, passwords, emails, record entries etc.
• Responsible to handle complex JobCode logics which involved multivalued attributes and multiple PX's to tie groups, provisioning roles and endpoints to respective JobCode.
• Worked on setting up remote task to CA IDM through Web services calls from EFI front-end applications via Task Execution Web Service (TEWS).
• Good experience in setting up Bulk Load Clients and automating different IDM tasks.
• Migrated passwords from legacy application to CA IDM capturing the last password change date.

Environment: Ping Federate 7.1, Ping Federate 7.3, Ping Federate 8.2, SAML 2.0, OAuth2.0, AD, Java, PowerShell, Oracle ODSEE 11g, Sail Point IIQ, Web Agents, Policy Servers Oracle LDAP Directory Server 11.0g, IBM WebSphere, SQL Server, HTML, SQL, MS Visual.

Confidential, San Francisco, CA

LDAP Engineer

Responsibilities:

• Involved with the team in installing & configuring Oracle Directory server 11g
• Involved in upgrading sun directory server 6.x to oracle directory server 11g in various environments.
• Involved in Directory architecture and design.
• Writing and modifying Shell scripts to perform automated LDAP administration tasks.
• Create ACI, Roles and Groups for application integrations.
• Configured SSO for internal applications with Active directory as user directory
• Designed and implemented the Oracle Directory server 11g which involves the schema modifications & migrate authorization groups and external users.
• Worked on troubleshooting for LDAP and SiteMinder issues with Support Teams for newer initiatives at organization level.
• Installed & configured Directory Server Console Center (DSCC) on various platforms in various environments.
• Involved in writing the scripts like backup, replication monitoring and configuration statistics for Oracle Directory server 11g.
• Day to day work included closing the Incidents, gathering details for developing projects and supporting testing.
• Performed technical review of all changes in conjunction with Change Management Team
• Documented all Tasks Plans, Conclusions, Findings, Configuration Settings, Recommendations, Logical Flow Diagrams of SiteMinder environment and provided Tier 3 support in Production issues
• Provided 24x7 production support for SiteMinder and LDAP infrastructure.
• Assisted in discussions of redesigning LDAP architecture for older environments.
• Assisted in migrating LDAP from one data center to another data center.
• Assisted in deleting large chunk of data in LDAP to accommodate for licensing purpose.
• Performed hands on tasks such as planning installs, patch upgrades, and Sun LDAP tuning, maintenance, patches and other daily administrative tasks on the various environments.
• Developed documentations for the upgrades, installation and management of the directory server.

Environment: Solaris 9/10, Oracle Directory Server 11g, Sun Web Server 6.x/7.x Red Hat Linux 4.x/5.x./6.0, Windows 2000/2003, SiteMinder 5.5/6.0/R12

Confidential, Florence, KY

Site-Minder / Identity Minder Engineer

Responsibilities:

• Provided solutions for complex application using SiteMinder and Ping Federate.
• Hands on experience on Ping Federate, CA Single Sign-ON, CA Advance Authentication, CA Secure Proxy Server, Ping Access, and Ping Cloud.
• Experience in SAML based authentication 1.1 and 2.0 using Ping Federation, SiteMinder Federation and integrate with SiteMinder authentication and adapter.
• Migrated SAML Based SSO partners from CA Single Sign-On federation to Ping Federate.
• Used Ping API to deploy and create SAML changes.
• Setup and maintain distributed IT systems including computational resources, servers, storage and networking.
• Configured both Ping Access Proxy Gateway to decode the JWT tokens and installed the agent on application server to communicate with Ping Federate server.
• Worked on OpenID Connect for the user Authentication using Ping Access.
• Involved in knowledge sharing sessions for SailPoint Compliance Manager component and involved in creation of design documents, code reviews.
• Configured and supported SAML based Identity & Service Provider connections.
• Written custom active responses to extend the capabilities of SiteMinder and to support the client requirement.
• Configured application agents on PeopleSoft, WebSphere, WebLogic and OBIEE.
• Worked on internal application like Splunk, Service-now, Wily to customize to our team and management requirements.
• Created scripts to monitor Apps, dashboards, backup LDIF and generated reports.
• Supported production environment without missing any SLA's and supported TIAA-CREF environment 24 X 7.

Environment: Windows Server 2003/2008, Unix, SiteMinder R6 SP1/SP5/SP6, R12 SP2/SP3, Ping Federate 6, CA Directory 11, Oracle Directory Service 11g, Splunk, CA Wily Enterprise Monitor, Web Logic 8/10, JBoss 5, Apache 2.x, IIS 6.

Confidential

IDAM Consultant

Responsibilities:

• Installed and configured connectors for provisioning and reconciliation.
• Developed custom Schedulers.
• Developed and configured the Approval Workflows.
• Developed the Event-Handler for business needs.
• Created different tasks for internal and external users.
• Configured custom tasks for reporting.
• Developed user login plugins.
• Integrated Active Directory with CA IDM via interceptor.
• Installed and configured Password Synchronization Agent.
• Configured and developed centralized Single Sign-On (SSO) login page.
• Implemented TEWS to execute IDM's tasks from different client applications.
• Implemented Strong Authentication for multi factor authentication.
• Implemented requested based access control using Admin tasks, Admin screens, Admin Roles, Provisioning Roles.
• Implemented notifications for scripts to monitor failures.
• Implemented all the requirements as per the plan.
• Developed supporting documentation - System Design, Requirements, Strategy, Troubleshooting, User/Support Personnel training, Deployment Plans, Project Schedules and other project actifacts.
• Participated in all Identity Management deployment activities - connector configuration, custom rule development, workflow configuration and development, third party system integration.
• Design, Implemented a solution which manage the Identity lifecycle of almost all applications with the enterprise, without directly controlling the identity store within the application.

Environment: CA Identity Manager R12.6, SUN Identity Manager, CA Identity Portal, CA Directory Server, Oracle Enterprise Directory Server, JBoss, SQL Server, CA BI.