- Identity and Access Management Architect, Engineer and Consultant with 17 years of total IT experience, including 15 years of Identity and Access Management implementation, architecture and design. Implementation experience includes IBM Security IAM Suite, Forgerock IdM, Sailpoint, Sun Identity and Access Manager, Ping Federate and CyberArk.
- Recently finished working as Security Solution Architect and Advisor in Confidential.
- Integrate Confidential IAM Solution with the Confidential IAM Solution hosted on AWS Cloud to manage Ohio Internal and External Workforce and their resources.
- This is a multi-tenant IAM solution built on IBM Security products, including IBM Security Identity Manager (ISIM), IBM Security Access Manager (ISAM), IBM Security Directory Server (ISDS) and IBM Security Directory Integrator (ISDI), deployed on AWS cloud. Solution design for the directory server migration. Completed role mining exercise for Confidential for all the business units to implement RBAC.
- Proven track record of providing the best solution to drive down costs while increasing quality and efficiency across companies through process improvements; excellent knowledge of Identity and Access Management and problem-solving abilities to achieve aggressive goals within specific deadlines and meet customer satisfaction.
- Learning Python for Data Analytics and Machine Learning.
IAM Products: IBM Security Identity Manager 7.0.1/6.0/5.X, IBM Security Access Manager 9.0.2/8.X/6.X, IBM Security Directory Integrator 6.1.1/7.X, IBM Security Federated Identity Manager 6.2.2, Forgerock OpenAM, OpenIDM and OpenDJ, CyberArk, ActivIdentity Secure Login (ESSO) 6.0, Passlogix (ESSO), Sun Identity Manager 4.6, 5.X, 6.0, Sun Access Manager 7.X.
Directory servers: Tivoli Directory Server 6.X (MMR), Novell e-Directory Server, Sun One Directory Server 5.X, 6.X (MMR), MS Active Directory, OpenDJ.
Application/Web/Web-proxy servers: WebSphere Application Server 6.X, 7.0, Sun One Web Server, Sun One Application Server, Sun One Web Proxy Server, Messaging Server, Calendar Server, Portal Server, Communication Express, Tomcat, Oracle9iAS, Apache 1.3, JBoss, WebLogic 5.1
Databases/Applications/Languages: IBM DB2 9.5, Oracle 8i, MySQL, JAVA, Servlet, JSP, JDBC, JavaMail, JNDI, ANT 1.5, Java Web Services, PL/SQL, WML, XML, DOM and SAX Parsers, CDO, ASP, XPRESS, SPML, WSDL
Tools: JDK1.4, JDK1.5, TOAD, Fiddler 2.0, 4.0, Wireshark, JIRA, Confluence, X-mind, MobaX etc.
Other Technology: LDAP, SAML 2.0, OAuth 2.0 with OpenID Connect.
- Responsible for growing Security Practice, Partner Management and Presales for various domains including but not limited to Oil and Gas, Healthcare etc.
- Design and architect Identity Governance and Intelligence projects with available industry IGI products including but not limited to IBM ISIGI, Sailpoint etc.
- Design, architect and implement single sign-on solutions using the most current industry SSO products, e.g. Forgerock OpenAM, IBM Security Access Manager etc.
- Design and Architect IAM migration strategy to and from available Identity and access Management Solutions in the market.
- Design and Architect Directory migration to and from e.g. IBM Security Directory Server, Microfocus e-Directory, Forgerock OpenDJ, Sun Directory Server etc.
- Building strategy and road map for Identity lifecycle implementations and integrations with the business applications.
- Create Business Requirement Design, Functional requirement design and Technical design document for IAM implementations.
- Expertise in currently available security standards and protocols including but not limited to SAML 2.0, OAuth 2.0, OpenID Connect, SPML etc.
Security Solution Architect and Advisor
Environment: Server OS: RHEL Linux 6.5, ISAM 126.96.36.199, Windows 2012 R2, Office 365, VMWare Airwatch
Software: ISIM 188.8.131.52, ISDS 6.4, ISAM 184.108.40.206, ISDI 7.1
- Advisor to Confidential Chief Information Security Officer for IAM implementation and migration.
- Responsible for end to end Solution to migrate from legacy Novell NetIQ environment to the new multi-tenant IBM security Solution.
- Review SOW from the vendor and suggest required changes as per client requirement.
- Review IAM Business Requirement, Functional Requirement, Architecture and Design Document.
- Confidential consists of 6 employee types having complex implementation of workflows.
- Attribute mapping and workflows for Active Directory, Novell e-Directory, Office 365.
- Building the road map for the future implementation including Role Based Access Control (RBAC) and Single Sign-on for Confidential and Agency based applications.
- Solution and Design of Role Based Access Control (RBAC) implementation in Confidential Agency using IBM Security Products.
- Completed Role Mining exercise for Confidential for all the business units.
- Solution and Design of Novell e-Directory migration to IBM Security Directory Server (ISDS).
Environment: Server OS: Win 2012 R2 and Win Server 2012 R2
Software: Forgerock OpenAM v13.5, Sailpoint v7.0, OpenDJ v3.1, MySQL 5.6.45
Protocol/Framework: SAML 2.0, LDAP etc.
- Provided Identity Federated solution for the multiple Identity Providers (IdP) and multiple Service Providers (SP).
- Identity management solution for all the members, providers and admin across the multitenant organization.
- Identity Management solution for all the Internal Resources including (Active Directory, Lync, VPN, UCx, Replicon, JIRA, Privilege Access Management (CyberArk) etc.)
- Provided Architecture and Solution of CyberArk Integration with Sailpoint.
- Provided the high-availability architecture for Sailpoint, OpenAM and OpenDJ.
- Prepared Solution Requirement Specification Document for Visiant Health multiple tenant environment.
- Prepared the architecture for the internal Visiant Health which includes contractors and employees.
Environment: Server OS: Redhat Linux 6.3
Software: IBM Security Access Manager 8.0.3, IBM Security Identity Manager 6.0, IBM Security directory server 6.3
Protocols: SAML 2.0, WS Security and OAuth 2.0 with OpenID Connect.
- Implementation of Identity and access Management including IBM Security Identity Manager 6.0, IBM Security Access Manager 8.0.3, and IBM Security Directory Server 6.4.
- Configured the standard junctions for applications COMiT, CommonWiki, ITD Clarity, Active Directory and OWA.
- Configuration of third party external applications with ISAM for internal users.
- Working with SAML 2.0 and OAuth 2.0 with OpenID Connect for the federation.
Confidential, Dallas, TX
Environment: Server OS: Win 2008 R2 and Win Server 2012 R2, Office 365, AWS Server.
Software: Rapid Identity and Automation Tool, Rapid Connect, Rapid Federation, Rapid Portal
- Architecting High-Level and Low-Level design for internal and external users
- Freeze the requirement with the customers for end points or integrated applications.
- SSO integration with cloud applications or SAML supported applications.
Confidential, Chicago, IL
Environment: Server OS: Linux, Sun Solaris, Microsoft Windows 2008 R2 Server
Software: Tivoli Access Manager 6.1, Tivoli Federated Identity Manager 6.2.2, Sailpoint 7.0, Active Directory Server, Websphere Application Server 7.0, SAML 2.0, SPNEGO, Kerberos.
Tools: Fiddler 2.0, 4.0, Wireshark 1.10.14
- Interact with internal as well as external clients for requirement gathering and delivery from project kickoff until sign-off.
- Raise Request for the F5 VIP assignment for Mydesktop, Agency and consumer WebSEAL servers including the load balancing features and rules F5 VIP persists.
- Make firewall change request spreadsheet and raise it as per the requirement of the application integration with TAM or TFIM.
- Make the DNS change request as per the requirement in DEV, Test, TPT and Production of Mydesktop, Agency and Consumer environment.
- Create and configure standard and virtual host junctions as per the requirement and feasibility of the solution.
- Configure SPNEGO for internal users' environments, i.e. Mydesktop and Agency.
- Configure standard as well as virtual host junctions for .Net WebForm as well as .Net MVC model and advised the application team on the required configuration at their end.
- Configure junctions for WAS based application, work with the WAS application team for the configuration of ETAI on their end.
- Create ACLs, POPs and objects and apply them on the junctions as per the business requirement.
- Troubleshooting TAM junctions using Fiddler 2.0, 4.0, snoop and debug traces.
- New third-party application configuration with Tivoli Federated Identity Manager (TFIM) using SAML 2.0 token.
- Mapping of identity attributes as an IdP for the assertion to take place with third party application.
Confidential, Houston, TX
TIM/TAM Consultant and Architect
Environment: Server OS: Linux, Microsoft Windows 2008 R2 Server
Software: Tivoli Identity Manager 5.1, Tivoli Directory Server 6.1, 6.2, 6.3, Tivoli Directory Integrator 7.0, WebSphere Application Server 7.0, Tivoli Access Manager 6.1.1, Tivoli Federation Identity Manager 6.2, IBM DB2 9.5
- Led the project to migrate the entire IAM infrastructure of Confidential Inc. from ATOS data center to IBM Datacenter with the help of 4 team members. We delivered the entire move with minimal downtime of less than 24 hours.
- Migrated from ITIM 5.0 to ITIM 5.1, TAM 6.0 to TAM 6.1.1, and TDS 6.1 to TDS 6.3.
- Installed and configured ITIM 5.1, TDI 7.0 and TDS 6.3 in a clustered, high-availability environment across Dev, Test and Prod.
- Installed and built the TDS environment at 7 locations with high availability to support Confidential Beacon business critical applications, SAP Netweaver portal, Confidential Direct and Maximo.
- Installed and configured Tivoli Access Manager Combo adapter.
- Implemented almost real-time provisioning for suppliers into SAP SNC including TAM account provisioning, three instances of enterprise LDAP account provisioning etc.
- Almost real-time implementation of customer/supplier creation from Confidential Direct registration database.
- Change Log connector implementation for real time update of email from Active Directory to ITIM flowing to peoplelink application, enterprise LDAP and SAP HR etc.
- Tivoli Access Manager 6.1.1 new junction creation for SAP SNC for suppliers accessing from external.
- Responsible for growing Security Practice, Partner Management and Presales for various domains including but not limited to Oil and Gas, Healthcare etc. I also guided the off-shore development team. Used knowledge of the identity and access management domain to prepare the solution approach for new client projects.