IDAM/PAM Lead Engineer Resume
SUMMARY:
- Experience in Identity and Access Management, Privileged Access Management using Microsoft Identity Manager, Exchange Online, Azure Active Directory, Visual Studio .Net, SSIS as a FIM Consultant/Lead Developer, ForgeRock Consultant, CA IDM, Confidential PAM and Confidential.
- Advanced level with SQL Server Database concepts, designs, and project implementations
- Involved in designing and developing Web Based applications using technologies like .net, Visual Basic, ADO, HTML, JavaScript, DHTML, CSS.
- Involved in designing SSIS package for transferring data from Excel to SQL database
- Advanced experience in project scope definition based on gathered Business Requirements including documentation of constraints, assumptions, business impacts, project risks and scope exclusions
- Worked on Confidential Password Manager to implement Self Service Password Management Tool across the Organization
- Developed PowerShell scripts to automate Group Management activities using FIM/MIM
- Developed distributed applications using .Net and Web Services.
- Worked with Product Managers to evolve understanding of product needs and translate into product specifications, and then translating specifications into working systems components
- Designed and Developed n-tier (including business and data tier) applications. Well versed with Back end, Middle tier, Front end and GUI.
- Advanced knowledge of FIM, Office 365, Azure Active Directory, Exchange Online and databases like SQL Server
- Advanced knowledge in CSS3, HTML5 technologies
- Interacting with Architects, Developers, Project managers and reporting to Director for Identity and access management.
- Working on different products from CA, IBM, Microsoft, SecureAuth, Okta, OneLogin, Amazon PingFederate, Confidential, Centrify, CyberArk and Confidential Trust.
- Implementing SailPoint Identity IQ solutions for RBAC, Role composition, performed business role mining and IT role mining for entitlements.
- Recent experience in using Confidential access manager and identity manager for IDM provisioning through drivers and access manager for SAML/OAuth/OpenID integrations.
- Used Access Gateways for identity injection for traditional apps.
- Recent implementation of complete Ping Suite including PingOne, PingFederate, PingAccess, PingID for apps that are dependent on OIDC/OAuth model. Built a central hub for Apigee and Ping for using PingAccess as a gateway model and protected apps that are REST APIs layered behind PingAccess. Automation process for application promotion using REST API and documented APIs using Swagger for publishing documentation to API for both public and internal users.
- Ping Infrastructure automation process in AWS using Ansible for continuous delivery model and continuous integration model.
- Implemented SCIM for user provisioning for REST API endpoints reducing the dependency on use of connectors for simple apps that are migrated from SOAP based architecture to REST API based architecture.
- Implemented strong session management for tight scalable access to the applications for both API and web applications-based model.
- Experience in setting up CyberArk for multiple client bases using cold/hot topology models.
- Experience in using Password Vault, PVWA, PSM, CPM, Conjur, DNA tool, onboarding and managing different applications.
- Experience in setting up Confidential trust platform use of PowerBroker for Windows/Unix/Mac, Confidential insight, Retina scanner, DART tool, use of smart rules and onboarding different application portfolios.
- Excellent Communication skills, hardworking, highly enthusiastic and good problem-solving abilities. Ability to learn and implement different languages and complete projects in the given timeframe with quality
- Proficient in developing and executing Test cases, test plans, performing functional, usability, stress testing and UAT
- Worked on integration of applications with Ping Federation for implementing SSO and Federated identities
- Worked with the Onsite and Offshore leads to establish a collaborative environment between technology and the other disciplines
- Responsible for mentorship and guidance to (offshore) technical team members
- Identification of new opportunities and ideas for the project - as a proposal to client for future enhancements
- Assisting Business Development and project teams in scoping and estimating project work for medium to small sized projects
PROFESSIONAL EXPERIENCE:
Confidential
IDAM/PAM Lead Engineer
Responsibilities:
- Create multiple MAs for data flow between source and destinations.
- Implement multiple Rules Extensions to incorporate custom logic in data flows.
- Customize Group Management Portal for the ease of access and to incorporate client requirements.
- Create Sets, Workflows and MPRs to implement critical business logic.
- Customize and create new Search Scopes for ease of user access.
- Create/Upgrade PowerShell MAs for interaction with Exchange Online for creation of mailboxes in the cloud.
- Create SSIS package to transfer data from Excel to SQL tables.
- Create Web Service to update Groups in Group Manager Portal from an external application
- Track the lifecycle (creation, update, inactive status and deletion) of Group and User resources across the directories.
- Administer the Group and User Management portal.
- Identify priorities within ongoing projects in consultation with the client and modify project delivery schedules accordingly.
- Identify, plan and report value additions in different areas of the project.
- Interact with the Business Teams to define/validate requirements, ensure that the requirements are documented and the corresponding development tasks are assigned to the team for fulfillment of the requirements.
- Analyze the various risks associated with the project, conduct an impact analysis of the risks on the project in terms of cost, budget and timelines and develop mitigation strategies for the same.
- Conduct weekly meetings with IT leads and re-define priorities of various activities as per the current needs of the project. Proactively communicate status of key project activities, risks, and issues to IT leadership
- Experience in installing, configuring and maintaining CA IDM r12.6 SP4, CA SiteMinder Policy Server R12.51sp1, Web agents, Transaction Minder, Active Directory server, Oracle Directory Server (LDAP) and various Web servers (plug-in files), Application servers on environments like WebSphere 8.5, JBOSS 6.4EAP and various platforms.
- Work on implementing and supporting SAML-based Federation technologies like OAuth 2.0, Active Directory Federated and governance minder 12.6.1
- Installed, configured and administered CA IDM, CA SiteMinder Policy Server, Web agents, CA Directory and Oracle Directory Server (LDAP) on various platforms for a clustered and HA environment on WebSphere 8.5, JBOSS and various platforms
- Integrated IDM with CA SSO, providing Authentication and Authorization to IDM
- Used CA Wily Introscope monitoring tool to generate performance reports of SiteMinder policy servers and other LDAP servers
- Configured System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas
- Work on implementing and supporting SAML-based Federation technologies and Active Directory Federated
- Experience in implementing CA SiteMinder policy server, framing Rules and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application agent installations, troubleshooting production problems
- Migrated data from CA IDM from R .6 SP4
- Responsible for provisioning users across endpoints like Active Directory, LDAP, Unix, and RACF/Mainframe along with exploring and correlating users from various endpoints.
- Installing and configuring Policy servers from 12 to 12.52.105.2112
- Worked on different types of integration projects like SPS integration (Secure Proxy Server), MS ID integration for all various types of applications.
- Meeting the application teams and explaining to them how SiteMinder helps their applications with Single Sign-On and working on all the environments in their application.
- Pulling the data from OneView Monitor to get the server list details such as: Host name, Version info, IP address and many others based on requirement.
- Working with CA Support for various issues in the applications caused by CA to fix the issue.
- Worked completely on Reporting Server Config; this application from CA helps us to get most of the information from the servers related to SiteMinder based on our search.
- Created Domains, Realms, Rules, Responses, Agents, Agent Configuration Objects, Auth Schemes.
- Installed SiteMinder web agents and configured for new web servers.
- Created new users and gave them administrator access to single environment or all the required environments.
Confidential
CyberArk Consultant
Responsibilities:
- Security and ID Management team L2/L3 working with LDAP, Confidential eDirectory and IDM, Active Directory, Oracle Access Manager, Aveksa, and SecureAuth (SSO/SAML) to manage users and groups across enterprise resources.
- Debug Identity driver issues. Managed Aveksa workflows for IAM self service requests. Consulted with customers to determine best paths to achieve desired business goals for group management.
- Debug issues with IDM drivers.
- CyberArk used to manage shared and privileged accounts.
- Represent Security/IAM tower in critical and major incidents: perform run book checks to establish health of IAM systems; Security systems checks as needed and escalation if necessary.
- ITIL best practices for Incident, Problem and Change Management using ServiceNow.
- Worked with ServiceNow team to develop new request templates for the customer base. Documentation and Work Level Instruction.
Confidential
CyberArk Consultant
Responsibilities:
- Working on customer IAM project using ForgeRock OpenAM, OpenIDM and OpenDJ, build up customer authentication REST services layer for a client of 27 million users.
- Used Java, Postman, ForgeRock customer authentication module, OTP, Post Authentication Module, OpenDJ password plugin module.
- Use ForgeRock OpenAM, OpenDJ to do SSO for internal and external applications (SAML, OAuth/OpenID Connect, Kerberos etc).
- Use OpenIDM to develop user accounts lifecycle management (provisioning, deprovisioning etc)
- Customize UI REST API developing & testing IAM system architect (F5 load balancer, SSL, 2 factors, MySQL RDS, etc.)
- Use Splunk to create panels/dashboards to monitor Authentication and LDAP
- Create internal documentation in Confluence and manage tickets in JIRA.
- Integrate application in SailPoint IIQ IAM using different types of connectors.
- Develop build map rule, customization rule, and exclusion rule using Java Beanshell.
- Perform IIQ application upgrade and testing.
- Create application access s review for managers and application team certified users.
- Run report internally in SailPoint IdentityIQ and externally using Crystal Report.
- Perform application data aggregation into SailPoint IdentityIQ identity cube.
- Gather requirements from customers to integrate new application data into SailPoint IIQ.
- Worked with software vendor (SailPoint) to resolve application errors.
- Use SVN repository to applications, rules and s from Dev to Test and to Production environments.
- Troubleshoot and debug application servers.
- Designed and implemented request forms/workflows.
- Modified log4j properties and logger info.
- Evaluate customer requirements for onboarding of new applications and access review built in IIQ.
- Oversaw and performed upgrade of 5.5 - 6.0 - 6.1 - 6.2 p2.
- Oversaw and performed IIQ upgrade of 6.2p2 - 6.3 - 6.4 and to final version IIQ 7.0.