We provide IT Staff Augmentation Services!

Senior Security Architect Resume

SUMMARY:

  • Over 21 years of IT experience and 13 years of Identity & Access Management experience.
  • Over 10 years of extensive experience in Software Development including architecture, analysis, design, development, deployment and testing experience in B2C, B2B, Web Portal environments. Over 12 years’ experience in architecting and deploying Identity Management, Access Management, LDAP Directories, Single Sign - On (SSO), Provisioning & Approval Workflows, RBAC (Role-Based Access Control), Compliance and Auditing Technologies, Identity Federation, Enterprise System Architecture, Security Infrastructure Design, Authentication and
  • Authorization technologies, as well as custom-built security and technology frameworks. Good analytical & technical skills combined with good communication & inter-personal skills.
  • Skilled in working as Team Lead as well as Team member.
  • Proven technical leadership skills include the ability to manage teams, earn the respect of its members, led by example, and thrive in an entrepreneurial environment.
  • Fast learner and able to understand unfamiliar areas independently.
  • Very easily adaptable to new systems and tools.
  • Can clearly express technical information and concepts to a non-technical audience and vice versa.
  • Persuasive verbal and written communication skills compliment a proven ability to multi-task, maintain an organized approach, and ensure success - even when faced with high-pressure or high-risk situations.

TECHNICAL SKILL:

Identity Management: Oracle Identity Manager 9x/10g/11g/11gR2, Sun Identity Manager, Novell Identity Manager 2.x/3.x, Novell DirXML 1.1a, Thor Xellerate 8.7.x

Access Management: CA SiteMinder, Oracle Access Manager 10g/11gR1/11gR2, Sun OpenSSO Enterprise 8.0, Sun Access Manager, RSA Access Manager (Cleartrust), Web Agents, Policy Servers

Identity Federation: RSA Federated Identity Manager 2.5/3.1, Netegrity SiteMinder Option Pack, CA Federation Manager R12, Oracle Identity Federation (OIF) 11g, PingFederate 5.3/6.0, Sun Federation Manager 7.0, Sun OpenSSO Enterprise 8.0

Directory Services: Novell eDirectory, Sun ONE Directory Server 5.2, Microsoft Active Directory, Oracle Internet Directory 10g/11g (OID), Oracle Virtual Directory 10g/11g (OVD)

Security Technologies: SAML 1.1/2.0, WS-Fed, OAuth, OpenID, WS-Security, Kerberos, PKI, LDAPGeneral Cryptography, and Federated Identity Management

Security Testing Tools: Tenable Nessus, IBM AppScan, nmap, snort, snoop, tcpdump Web/Internet

Technologies: ASP, ASP.NET, ADO.NET, J2EE (JSP, Servlets, JDBC), XML, XSL, XSLT, XL-FO, SAX/DOM, HTML/ XHTML/DHTML, CSS, JavaScript, VBScript, C#, Perl CGI.

Web Servers: IIS4.0/5.0/6.0, Apache, Tomcat, SunOne WebServer

App Servers: Weblogic Server 5.0/6.0/8.1/9.2 , Oracle Application Server, Sun Glassfish Server, IBM Websphere, JBoss, Apache Tomcat

Programming Lang.: Visual Basic 5.0/6.0, Java 1.4.2/1.5,1.6, PL/SQL, Unix Shell Scripts.

APIs: J2EE, J2SE, JDBC, JNDI, ODBC, Perl CLI for Netegrity SiteMinder, Java SDK for Netegrity SiteMinder, Novell NDK for eDirectory, Oracle Identity Manager API

Standards: HTML, CSS, XML, SOAP, XSLT, XPath, LDAP, DOM, HTTP, PDF, UML

Dev Tools/IDE: Eclipse 3.2, Microsoft Visio, Microsoft Project, Oracle JDeveloper, Microsoft Visual Studio 6.0, Microsoft Visual Studio .NET, SQL Navigator, Quest TOAD, Allaire Homesite, Macromedia Dreamweaver, Microsoft Frontpage,, Softerra LDAP Browser, Microsoft ADSI Edit

Databases: Oracle 10g/9i/8i, MS SQL Server 6.5/7.0/2000 , MS Access. Source Code

Control Sys: Visual SourceSafe, Rational ClearCase, Stellent ECM, SVN

O/S: Windows XP/Vista/2000/2003, Linux, Sun Solaris

Oracle Access Management Suite Plus 11g: Implementation Specialist

Oracle Identity Manager: Develop Identity Provisioning

EXPERIENCE:

Confidential

Environment: Oracle Managed Cloud Services, Oracle Access Manager 11gR2PS3, Oracle Internet Directory 11GR1, Oracle HTTP Server 11GR1, OAM WebGate 11gR2PS3, EBS AccessGate, EBS 12.1.3, LifeRay Portal, Shibboleth, Apache

Senior Security Architect

Responsibilities:

  • Architect/Build a new SSO DEV infrastructure for on Oracle Managed Cloud (OMCS).
  • Worked on a POC for multi-factor integration with DUO plugin for OTP.
  • Set up federation scheme to authenticate to Liferay with OAM as an IdP. The federation scheme was set up as a 2FA authentication scheme with Forms authentication + DUO OTP
  • Worked together with Confidential ’s to implement & test uses cases for SSO, TFA, R12, Liferay.
  • Integrate a sample mobile app for native authentication with Oracle Access Manager using OAuth API.
  • Integrate a sample mobile app for Social authentication with Oracle Access Manager using OAuth API
  • Provided detailed documents for all integrations that were deployed on OMCS

Confidential

Environment: Oracle Access Manager 11gR2PS3, Oracle Internet Directory 11GR1, Oracle HTTP Server 11GR1, OAM WebGate 11gR2PS3, EBS AccessGate, EBS 12.1.3, Oracle Webcenter Imaging, Oracle Discoverer

Senior Security Architect

Responsibilities:

  • Architect/Build a new SSO infrastructure for high availability based on Oracle recommendations.
  • Built an identical clone datacenter environment for failover using Oracle’s Multi Data Center (MDC) approach.
  • Set up federation scheme to authenticate with R12, WCI & Discoverer with Confidential ’s Ping Federate instance
  • Assisted the PingOne team to expose these applications on the Cloud Desktop
  • Worked together Confidential ’s NetOps team to implement & test uses cases for failover & switchback between datacenters. Put together a DR runbook for failover/switchback operations.
  • Design/Implement SSO integration for R12, WCI & Discoverer
  • Worked with the InfoSec to remediate security vulnerabilities reported for the SSO components as well as server related vulnerabilities
  • Worked on a POC for multi-factor integration with DUO plugin for OTP.
  • Provided detailed documents for all integrations that were deployed on TeamForge
  • Played a key role in resolving issues with the SSO integration during QA which included Confidential users globally
  • Provided training & mentoring to Confidential support team members

Confidential

Environment: Oracle Access Manager 11gR2PS3, ODSEE, Oracle Internet Directory 11GR1, Oracle HTTP Server 11Gr1/12c, OAM WebGate 10g/11gR2PS3, EBS AccessGate, EBS 12.1.3, SharePoint

Senior Security Architect

Responsibilities:

  • Architect/Build a new SSO infrastructure for high availability based on Oracle recommendations. This architecture was reviewed by Oracle and certified
  • Built an identical clone datacenter environment for failover using Oracle’s Multi Data Center (MDC) approach.
  • Helped resolve firewall/clustering issues after the stack was migrated over to a private VLAN with restricted access
  • Worked together with JPL’s Network engineer to implement & test uses cases for failover & switchback between datacenters. Typical failover/switchback times were under 5 minutes
  • Design/Implement SSO integration for about 9 DEA ADF apps that were hosted in a mix of 11g & 12c ADF/WebLogic environments
  • Worked on multiple POCs for SSO integration with SharePoint, consuming OAM OAuth tokens for authorization, Federation SSO for Django applications using pySAML, integration with JEMS (ColdFusion) application.
  • Provided detailed documents for all integrations that were deployed on the JPL wiki site
  • Played a key role in resolving issues with the EBS integration
  • Provided training & mentoring to DEA support team members

Confidential

Environment: Oracle Access Manager 10g/11gR2PS2, Oracle Identity Manager 11gR1/11GR2PS2, SOA 11gR1, Oracle Internet Directory 10g/11GR1, Oracle HTTP Server 11Gr1, OAM WebGate, EBS AccessGate, EBS 12.2.3

Senior Security Architect

Responsibilities:

  • Architect/Build a new SSO infrastructure with stable releases for the following IDM components OAM, OID, OIM, SOA, OHS
  • Draft detailed requirements specifications for SSO and Provisioning use cases based on discussions with key business stakeholders at Activision
  • Migrate existing SSO infrastructure to OAM 11gR2PS2 and the provisioning system to OIM 11gR2PS2
  • Provide seamless (zero signon) for EBS R12 and SalesForce (ServiceDesk) for users in the Activision/Blizzard network
  • Configure DIP Sync between Activision/Blizzard AD domains to populate users in OID for SSO
  • Implement SSO for EBS R12 with OAM as SP and ADFS as IdP
  • Implement SSO for ServiceDesk with OAM/ADFS as IdP and SalesForce as SP
  • Implement a HA architecture for the entire stack with no single-point-of-failure.
  • Provide DR guidelines and document the process.
  • Provide support for Cut-over and Post GoLive activities

Confidential

Environment: Oracle Access Manager 11gR2PS2, Oracle Internet Directory 11GR1, Oracle HTTP Server 11Gr1, OAM WebGate, EBS AccessGate, EBS 12.1.3, Oracle WebCenter Portal

Solutions Architect

Responsibilities:

  • Provide a security assessment of the existing infrastructure and provide recommendations with regards to architecture, design, performance and high availability
  • Design, architect, implement a new infrastructure for SSO and Provisioning with the following products OAM, OIM, SOA, OVD, OID on Linux
  • Provide SSO integration for the Agency & Policy Holders portal with OAM.
  • Provide SSO integration with OAM for OIM user identity console
  • Design/Develop provisioning workflows for target systems like AD, MS Exchange, OID

Confidential

Environment: Oracle Access Manager 11gR2, Oracle Internet Directory 11GR1, Oracle HTTP Server 11Gr1, OAM WebGate, EBS AccessGate, EBS 12.1.3

Solutions Architect

Responsibilities:

  • Install/Configure IDM suite 11.1.1.6 and IAM suite 11GR2 on Test and Prod Environments
  • Configure Federation SSO between the preferred authentication provider (eAuth which uses SiteMinder) and OAM
  • Integrate EBS R12 for SSO with OAM using AccessGate
  • Configure high-availability for IDM components & AccessGate
  • Devised a detailed DR migration plan for Production

Confidential

Solutions Architect

Environment: Oracle Access Manager 11g, Oracle Internet Directory 11g, EBS R12.1.3

Responsibilities:

  • Architect & Design an SSO infrastructure OAM, OID
  • SSO enable users by synching their AD accounts in OID using DipSync
  • Develop custom login page for SSO based on Confidential templates
  • Provide SSO integration for EBS R12 using AccessGate with OAM
  • Implement SSO for OBIEE
  • Implement SSO for other home grown applications (DevNet, LOCUpdate & OPUS) at Confidential by using webgate/mod wl plugins
  • Design Highly Availability for SSO infrastructure

Confidential

Environment: Oracle Access Manager 10g, Oracle Identity Federation 10g, Oracle Internet Directory 10g, EBS 11i, Oracle WebCenter Portal 11g

Solutions Architect

Responsibilities:

  • Architect an SSO solution using OAM/OVD/OID
  • Integration WebCenter Portal with OAM 10g for SSO
  • Implementaed federation SSO for SalesForce as SP with OIF 10g/OSSO IdP

Confidential

Environment: Oracle Access Manager 10g, Oracle WebCenter Portal

Solutions Architect

Responsibilities:

  • Provided a detailed security assessment report on the existing implementation.
  • The report mainly focused on addressing performance issues as well as common security vulnerabilities
  • Integrated WebCenter Portal for SSO with OAM 10g

Confidential

Environment: RHEL 5, Windows 2003/2008 Server, Oracle Access Manager 11g, Oracle Virtual Directory (OVD) 11g, Oracle Internet Directory (OID) 11g, Oracle Identity Manager 11g (OIM), Oracle Webcenter Suite 11g, Oracle SOA Suite 11g, Oracle eBusiness Applications R12

Solutions Architect

Responsibilities:

  • Architected, designed and led the implementation for SSO for Oracle E-Business Suite, Oracle Webcenter, Oracle UCM, Oracle SOA & OBIEE.
  • Architected, designed & implemented OVD to act as an Identity store for all SSO applications. OVD was integrated with the corporate AD as well as OID. Application roles were provisioned using OID
  • Architected, designed & implemented a secure solution so that external customers can access their invoices in UCM content manager.
  • Conducted a POC on mobile device fingerprinting/provisioning using Oracle Adaptive Access Manager (OAAM)

Hire Now