- I specialize in Identity and Access Management Security Domain Space having 6 Years of experience. I am an IAM Security Consultant working on privileged Identity management (PIM) & Access Management, Access Governance Security space.
- Having hands on experience on tools like CA IAM Suite, Access Management, ForgeRock suite, etc. Utilized configuration & automation tools such as Chef and Puppet.
- I’m passionate about what I do. A well versed team player and I have ability to work well under pressure and deliver no matter what it takes.
- I have a GO - GET attitude and always strive to achieve excellence.
Operating Systems: Windows (2003/2008/2012 ), RHEL 5/6/7, Solaris, AIX 5.x/6.x/7.1
Identity and Access Management: CA Siteminder, ForgeRock OpenAM, AccessMC
Access Control: CA PIM, CA Control Minder 12.8
Automation and Build Tools: Jenkins, Maven
Configuration Management Tools: Chef, Puppet
Ldap Directory services: CA Directory Server, Active Directory, Open LDAP
Confidential, O’Fallon, MO
Identity Access Management & RSA Authentication Consultant
- Provisioned and De-Provisioned access for Active Directory, Oracle, Postgres, Unix and Epic System Applications.
- Collaborated with multiple customer teams to ensure on-boarding new users were provisioned with and granted correct access and complied with HIPPA Standards.
- Generated request for any users needing various applications or experiencing issues with their access based on their job description.
- Processed daily termination reports and removed access accordingly.
- Assisted with the design, coding, debugging, benchmark testing, and documentation of various programs.
- Proficient with tools used to administer security on the mainframe
- Created templates and manuals for Training new analyst to our department that maintained document consistency and streamlined process to save time and reduce stress.
- Worked with the individual applications on specific project assignments. Worded with Senior Software Systems Engineers in complex problem areas to avoid delays, expenses or disruption in process.
- Understanding of LDAP groups and user accounts and tools used to administer security in this environment .
- Understanding of UNIX/Linux security and tools used to administer security in these environments .
- SecurID Token management duties performed at levels 2 and 3 Troubleshooting performed for RSA Two Factor Authentication clients involving analyzing system health checks, RSA token manipulation and system management for multiple clients in leveraged environment .
- Assisted VPN end-users with resynching tokens, resetting passwords via RSA/ACE Authentication Manager including but not limited to supporting VPN issues with connectivity issues.
- Managing RSA Secure Tokens by 'resynchronizing", "disabling" "enabling" "unassigning and assigning" tokens via the RSA SecurID Management to get emergency access pass-codes. Duties include: loading RSA tokens to system.
- Troubleshooting client issues with token authentication (both hard and soft tokens) Performing RSA versions 6-8.1 Authentication Manager system upgrades, patching duties, multiple weekly health checks to ensure efficient system performance.
- Perform level 3 supports for 5 Safenet Two Factor authentication clients. Duties include adding users to system, managing Safenet Mobile Pass and Etoken distribution and troubleshooting.
- Troubleshooting / manipulating RSA/ PCI - SDN Secure tokens. Responsible for shipping,
- Troubleshooting / manipulating Sabre Secure tokens.
- Documented in detail all reported issues through resolution for troubleshoots to utilize and correct future issues of like kind and avoid unnecessary repeated research or duplicate issues.
- This involves logging calls into the problem tracking system (Remedy, Service Center, and Siebel) and resolving all solutions in a timely fashion.
- Prepare project plan and submit weekly progress reports, throughout the project duration.
- Provided rollback plans to all application teams when any issue.
- Supported endurance and regression testing in pre-production environment.
- Involved in daily Site minder updates for Production, UAT and Development environment.
- Assisted multiple applications during any production outage.
- Handled multiple alerts related to servers in various environments.
- Assisted Infrastructure Team during any changes.
- Led the AccessMC team and handled multiple AccessMC implementations at Confidential to include both AccessMC 6.9 to AccessMC 7.1.
- Built a lot of custom connectors on Tivoli Directory Integrator tool to connect IAM application to diverse third-party applications.
- Provided technical support for maintenance and enhancement of IAM solutions.
- Worked on different modules of ITIM like Operational workflows, Provisioning Policies, Groups, ACIs etc.
- Provided ITIM trainings to the Tivoli support team at Confidential and mentors the ITIM developers working at Confidential and antigrowth.
- Worked on TFIM to federate Confidential application with different SAML applications.
Confidential, Chicago, IL
Senior Identity & Access Management
- Worked on Identity and Access Management products like CA Siteminder 6sp5 (Single Sign On) and R12.52, CA privileged Identity manager R12.8(CA Control minder, CA Access Control) and R14.0, CA Governance Minder (Access Governance)
- Design, implement, and support various Identity and Access Management (IAM) solutions.
- Conduct in depth technical IAM research, assessments and performance analysis to support and design technical automated IAM strategies.
- Lead scalability and performance planning for future IAM needs.
- Review and adjust existing IAM processes (provisioning, de-provisioning, re-certifications, etc..) to ensure that they are aligned with industry best practices.
- Provide guidance and support for management of non-human accounts.
- Lead technical project execution to identify and close gaps between proposed and implemented designs.
- Serve as SME on identity & access management within enterprise partnering with all lines of business to identify systems and identify repositories to be managed by identity and access management solutions.
- Lead operational and strategic planning of new authentication tools and systems, and ensure alignment of heavily used and complex applications. Partnering with business technology leads, and working with application developers to integrate commonly used applications into the identity infrastructure.
- Used ADSI services to enumerate and manage the resources in a directory service (add, delete, and modify users, groups and permissions).
- Resolved Ad Initial load problem.
- Resolved duplicate same account names during the provisioning period.
- Created groups for corporate LDAP using ITIM and IDI.
- Created custom adaptor for ACF2 using IDI.
- Configuring and maintaining networking related implementation and system securities using Security Groups, SSL Certificates, subnets, Internet Gateways, SSH keys, AWS Access/Secret Keys, Iptables, Network ACL’s and different protocols such as SSH, HTTP, HTTPS and FTP.
- Managing Automation toolset such as Puppet by writing Manifests and modules.
- Work collaboratively with team members to achieve common goals, while maintaining responsibilities and commitments.
- Enhance and maintain a large-scale Hudson/Jenkins-based build infrastructure.
- Configure Policies and work with application agent deployment.
- Configure LDAP servers and setup replication & schema
- Configure internal SSO, Cross domain single sign on, Federation SSO (SAML)
- Expert in SSO integrations and troubleshooting different issues
- Strong experience with different Web Servers and Application Server Security and Application deployments
- Fine-tuned and set up High availability with LDAP and Siteminder. Tested and implemented back up, recovery.
- Experienced with Failover, Load Balancing and other Administration tasks.
Confidential, Omaha, NH
Senior Security Analyst
- Function as the coordinator / facilitator between IT, internal and external audit teams
- Management of the Identity and Access Management services including password management, SSO, Active Directory and authentication
- Partner and work collaboratively across all Workplace Service functions focused on information protection, messaging hygiene and client server based authentication
- Provide thought leadership in IT Strategy, operations and innovations as related to the Identity and access management service
- Manage the implementation of technologies to enable business value and adoption
- Drive successful delivery and implementation of key enterprise initiatives related to Identity Management technologies
- Interact with key business IT and stakeholders to proactively identify business problems and opportunities that can be addressed with innovative technology solutions
- Conduct research into new technologies, including tools, components, and frameworks
- Train and share knowledge with IAM team.
- Providing the RBAC (Role Based Access Control) to the end users.
- Importing endpoints using feeder tool to integrate with CA PIM (Control minder)
- Configuring the CA PIM (Control minder) to create the users in different Operating Systems locally.
- Troubleshooting access issues of End users and provide required access to the endpoints.
- Configuring Shared Account Management (SAM) for end-users to access endpoints.
- Integrated different type of applications. Liferay, Java, PHP and .net, with Siteminder
- Configuring Single Sign On between applications that are integrated with Siteminder
- Configuring Single logout using iframes for applications which are in Single Sign On
- Installing apache and IIS web servers and configuring reverse proxy for Siteminder integration
- Planning Authentication and authorization approach for application integration with Siteminder
- Generating apache open SSL certificates and configuring SSL connections with user store and Siteminder
- Reporting server up-gradation and configuration with Siteminder.
- Configuration of IDP & SP adapters and enabling the single sign on.
- Provided support to the internal PKI certificate management.
- Issued the PKI certificates for applications after request validation.
- Renewing & installing the new certificates on various key stores.
- Configured the federation solutions with ADFS.
- Importing and exporting the SP and IDP Meta data.
- Troubleshooting Assertion issues.
- Fixing security Vulnerabilities.