TECHNICAL SKILLS:

Platforms: Windows/ AD (Active Directory), Novell, UNIX (AIX, Linux, Solaris), Mainframe(RACF, z/OS, AS/400), RedHAT

Front End Tools: Visual Basic (VB), Developer 2000, PL/SQL Developer

Databases: Sybase, Oracle (10g, 11g), UDB, DB2

Database Application: Oracle Financials, PeopleSoft Financials (GL, AP, AR), PeopleSoft HRMS (Time & Labor, Payroll, Benefits), and JD Edwards

Programming Language: C++, C, Java, SQL, PL/SQL, XML, ASP, HTML, Korn, Shell, Bash.

Software: Oracle Financials 10.0, Visio 2003, SQL*Loader, Lotus Notes 6.5, SUN IDM, RBACx, Rational Clear Case, Rational Clear Quest, BMC Remedy, Office 2010 suite, Tivoli Access Manager (TAM), Oracle Identity manager (OIM), SailPoint, CA User Activity Report Module 12.5.02, ARX Co - Sign (E-Signature), CRM MS Dynamics 2011,Oracle VM VirtualBox, CA Governance Minder 12.6, ISAM 9.0, DataPower xi52 - 7.6, IBM WebSphere, IBM ISAM 9.0, IBM TFIM.

PROFESSIONAL EXPERIENCE:

Confidential

Senior System Engineer

• Experience with IBM WebSphere DataPower Service Oriented Architecture (SOA) policy configuration, application integration, deployment, and Troubleshooting for application domains.
• Experience with IBM WebSphere DataPower SOA AAA (Authentication, authorization, and Auditing), setting up the server certificates within the XML file.
• Experience with SSL DataPower troubleshooting, services instrumentation, monitoring, logging, enabling probes and capturing logs
• Experience with managing and supporting IBM Tivoli Federated Identity Manager (TFIM) and IBM Security Access Manager (ISAM)
• Experience with Tivoli Federated Identity Manager/IBM Security Access Manager configuration, integration, deployment, updating, administration, and Troubleshooting.
• Troubleshooting and looking for the root cause within the trace logs & SystemOut logs within TFIM servers running on Unix boxes.
• Configuring IBM Security Access Manager junctions & Tivoli Federated Identity Manager federations for partner applications.
• Update and configure root and intermediary certificates for IBM DataPower, IBM ISAM and IBM TFIM for SHA256 Encryption Algorithms.
• Work with NSOC, Networking Support team to check the ports are open and configured correctly in F5 Load Balancers during triage.

Confidential

AD GreenField Project - Lead

• Serving as a Subject Matter Expert (SME) for Role-based Access Controls (RBAC) project to create Role Lifecycle Management across each department within QT Enterprise.
• Integrated Risk strategies into Identity Access Management (RSA Via Identity Lifecycle and Governance) control tools
• Collaborated with Technology and Business teams to implement risk strategies
• Manage and support role-based controls to ensure appropriate access
• Tested for Segregation of Duties (SOD) violation within roles and user entitlements.
• Responsible to create a pre-approved role and eradicate user cloning.
• Analyzed and take action to maintain application compliance
• Supported Risk Management and Support Teams with timely data analysis and out of the box reports from reporting server.
• Reviewed Windows Active Directory requests for risk compliance
• Translate roles from business capabilities into technical roles sustainable in the Windows active directory repository.
• Established policies and compliance guidelines to enable maintenance (evergreen) of RBAC as business/technologies change.
• Define request and approval workflows within RSA Via Identity and Access Management and Governance tool.
• Created certification campaigns for Application Owners and Users Managers to perform periodic reviews and validated the closed-loop remediation.

Confidential

Oracle Identity Governance

• Create, manage and provide oversight of the access control policies and corresponding roles and responsibilities for business application owners and provisioning parties. Provide guidance on compliance with access policies while staying informed of client efforts.
• Work with the business and IT in application and enterprise role definition for low, medium or high risk applications/user entitlements incorporating security best practices such as Individual Accountability, Least Privilege and Segregation of Duties (SOD).
• Participated in the identification of SOD violations within and across low, medium, or high risk applications as well as assist with the subsequent analysis and resolution of identified violations.
• Participated in reviewing and approving changes to application and enterprise roles as part of the Role Governance Working Group.
• Assisted with the integration of high risk applications with the role and access management solution by driving requirements gathering and documentation of interface agreements for integration with the access management solution.
• Coordinate and monitor higher risk access certifications such as privileged accounts or ad hoc certifications for high risk applications. Assist in coordinating the completion of role and access certifications under access governance and monitor overall completion of access certifications.
• Assisted with the development of training for end users related to access control principles and policies.
• Assisted with ongoing enhancements to the user life cycle management process.
• Created User Access reviews (UAR) for managers and role owners.

Confidential

CA Identity and Access Management Pilot Project - CA Governance Minder Architect

• Application integration in CA Governance Minder 12.6 & 14.1
• Creating configurations for each application and integrating them together for certification campaign
• Access certification campaigns: Role certification, User Privileges, Resource Links
• Role discovery (RBAC) within the CA Governance Minder Client tool.
• Created Business Process Rules (BPR’s) for Segregation of Duties(SOD) violation.
• Updated the solution design and run books with the updated configuration as applicable.
• Import application raw data through CSV file connectors.
• Import Mainframe data through TSSCFILE connector to perform deep integration.
• Used Pentaho Data Integration (kettle) tool to transform and load the data in excel file to import through CSV connector.
• Defined business unit roles for departments using Aveksa Business Role Manager module.
• Created iterative and quarterly access certification campaigns using CA Governance Minder.
• Imported CA IdentityMinder data to CA GovernanceMinder, in both the Master and Model configurations in CA GovernanceMinder and populates for a specific universe.

Confidential

CRM Pilot Project - IT Consultant

• Participated in creation of user stories as a part of development effort.
• Part of Agile Software development team to Customize/Develop forms, views, and web resources for CRM2011 in .Net environment.
• Installation and Configuration of hardware expansion in VirtualBox as a part of development effort.
• Solutions created in Oracle Virtual Box and migrated to Dev and Prod environments.
• Version control performed in team Foundation Server (TFS) as developers are spread across the zone.
• Managed Identities in Active Directory for user authentication to Dynamics CRM 2011.
• Developed and managed MS Dynamics CRM 2011 user Security Roles (RBAC).
• Establishing ODBC connection to Database to retrieve data.
• Created CRM 2011 Custom Reports using Microsoft SQL Server Reporting Services (SSRS).
• Customize Ribbons using Ribbon Editor and Ribbon Workbench.
• Assisted in configuring Contact/ Call Center Desktop (CCD) Agent's hosted control, action calls, routing rules, toolbars, etc.
• Configured Sitemap xml file to display the correct entity for CRM Web application.
• Installed and updated CRM development servers.
• Managed IIS and Plugin Deployment for development servers.
• Provided documentation and assistance in all points of development to development lead, architect, and the project manager.

Confidential

Oracle 11g (OIAM) - Identity & Access Management - IT Consultant

• Part of Oracle IdM Implementation based on Barclays Capital IDM code.
• Analyzed the functionality of the legacy provisioning solution SUN IDM 6.x in order to inventory the features and capabilities that will need to be migrated to the new solution Oracle IDM Suite 11g.
• Involved in Data store configuration for Access Manager.
• Configuring PeopleSoft HRMS 9.0 as an authoritative (trusted) source of identity information for Oracle Identity Manager (OIM).
• Requirements gathering for Oracle Entitlements Server (OES) for a real time fine-grained authorization.
• Defined Service Oriented Architecture (SOA) workflows for approvals and manual provisioning using Oracle BPEL Process Manager.
• Validating centralized RBAC roles with Oracle Identity Analytics (OIA) module for Oracle Identity Governance 11g.
• Reviewed Out of the box connectors for different platforms (Unix, AD) for configuration.
• Work with developers on requirements for enhancement using struts framework based on Model View Controller (MVC) architecture.
• Performed logical data modeling, analysis and cleanup
• Documented workflow processes
• Documented resource request template and Barclays Capital User Interface (UI) screen requirements and layouts
• Establishing JDBC connection to Database to retrieve data using SQL queries for reports.
• Created users/groups and manage their permissions within the web catalog.
• Assisted in Quarterly recertification for Privileged and Non-Privileged users using Sailpoint.

Confidential

Information Security Access Management Specialist (Consultant)

• Responsible for gathering and assembling the application and database user data necessary to conduct timely access recertification based on the access remediation calendar.
• Perform Security audit on Mainframe & mainframe applications. (CICS & PPT analysis, OMVS, DB2, IMS, Profile-Acid Analysis)
• Perform application security assessments on Privileged & Non-Privileged groups and accounts associated with applications in O/S (AD, Novell, and UNIX- Linux, IBM AIX) & Relational Databases like (Sybase, Oracle, UDB, MS SQL) platforms.
• SQL knowledge on Oracle stored procedures, functions and triggers.
• Ran Oracle SQL queries to retrieve user authorization details.
• Created and managed tree structure in Oracle Internet Directory(OID).
• Validating centralized RBAC roles with Oracle identity Analytics (OIA).
• Reviewed configuration details, user roles and groups defined within Oracle Weblogic 11g for access recertification.
• Periodic Active Directory security audit was performed to ensure that Active Directory is being properly managed and protected. As a part of audit here are the few things looked at: Policy & architecture, Active Directory Groups & users at Global and local level, AD schema and their associated ACL's (Access control list), and AD Administrators (Domain & Local level) to check for Privileged Users.
• Perform through analysis PeopleSoft Financials and PeopleSoft HRMS applications referring to PSOPRDEFN table
• Performed assessment on User and Role membership on IBM Tivoli Identity Manager(TIM)
• Conducted assessment on IBM TAM (Tivoli Access Manager) for internal and external entitlement level details; TAM Along with Application source code and XML files for embedded groups.
• Participated in Enterprise Change Control Board (ECCB) meetings to review significant System/Software Configuration changes across Technology Infrastructure and business applications for Change Management.
• Tested Sailpoint application for recertification effort on quarterly for Non-privileged user and monthly for Privileged user.
• Assisted on SailPoint workflow as a part of initial set-up for iterative access recertification.
• Configured iterative certification for Privileged users and quarterly recertification campaigns (user and RBAC role certification) for Non-Privileged users using Sailpoint.

Confidential

RBAC (Consultant) - IAM/IDM

• Perform duties as part of a team to streamline on-boarding and provisioning process for Global Wealth Management through the development and implementation of Role Based Access Controls.
• Performing role mining of existing and available data to identify suggested business roles and the develop Role Definitions to be used for efficient provisioning, user entitlement review and de-provisioning for a large percentage of GWM personnel in Single Sign On (SSO) setting.
• Requirements gathering for Oracle Entitlements Server (OES) for a real time fine-grained authorization.
• Validating centralized roles with Oracle identity Analytics (OIA) and migrating to Oracle Identity Manager (OIM).
• Summarization of defined security matrices to compare actual user entitlements to the expected entitlements and provide the summarized role with exceptions to Oracle Entitlement Repository System (EERS) for effective entitlement review and provide the details of a role or profile to the reviewer.
• Role Repository Administration of the corporate tool for the storage and maintenance of role definitions for use in provisioning and user entitlement review interfacing with business end-users and technical staff included in the RBAC project.
• Leveraging notification process to keep ISA Management informed of outstanding issues and potential impact items.
• Extensive use of Oracle Identity Analytics formerly known as SUN IDM RBACx in creating roles under managers, departments for base lining of roles.
• Streamline employee and non-employee on-boarding process through standardized and automated workflow systems.
• Provide the process and capabilities to move primary compliance and security controls from the Entitlement Reporting server and Review component of the IDEM life cycle to the Provisioning component
• Data extracted using Pentaho Data Extraction tool (PDI - Kettle) from different relational databases and flat files and loaded in Access Database for in-depth analysis as a part of data mining. Develop tests strategies, test cases, and tests to be executed against the database and data using SQL and other tools.

Confidential

SOX GRC Analyst (Consultant)

• Involved in Rationalization of General Computing Controls. Testing and evaluation of Test of Design (TOD) and Test of Operating Effectiveness(TOE) for various IT General and application controls
• Business Process redesign and design of controls to ensure the completion of the business process accurately based on COBIT 4.0 framework.
• Inspect the SAS 70 for our outsourcing vendors for compliance as needed by our auditors
• Involved in remediation of role based access control (RBAC).