SUMMARY

• Experience in Web Security Administration using Ping Federate, CA Siteminder, CA Identity Manager, IBM Security Identity Manager (ISIM), IBM Security Directory Server, IBM Security Access Manager, IBM Security Federated Identity Manager.
• Experience with Integration/development of web applications.
• Experience in analysis, design, installation support and maintenance of Identity and access management solutions.
• Workedwith business IT managers to understand business requirements, enterprise IT standards and other considerations that influence how IAM solutions and services should perform and operate.
• Expertise in architecting solutions across the enterprise using CA Single Sign On CA SiteMinder, CA Identity Manager, IBM Security Directory Server.
• Expertise in Installing, configuration, deployment and maintenance of the CA SiteMinder components the Policy Server, Web Agent, Policy Store and Key Store.
• Experience working with LDAP based directories - IBM Security Directory Server formerly known as IBM Tivoli Directory Server, CA Directory.
• Experience in installing, administering IBM Security Identity Manager(ISIM).
• Involved in SiteMinder policy server upgrades from SiteMinder r12.0sp3 to 12.52sp2.
• Expertise with Load Balancing, high availability (HA), disaster recovery planning.
• Experience with using IDP initiated and SP initiated SAML profiles with different binding methods like POST, Artifact, and Redirect to deliver a custom SSO environment as per the requirement.
• Working knowledge in PKI Public Key Infrastructure.
• Used SiteMinder tools like smobjexport, smobjimport to export and import Policy Stores.
• Expertise in Ping Identity in implementing Single Sign on solutions as Identity Provider(IDP) and Service Provider(SP).
• Experience in using Unix/Linux utilities for analyzing logs, and troubleshooting the applications with application servers and Security/Identity management servers.

TECHNICAL SKILLS

Security Ping Federate: 6.x/5.x/7.x, IBM Security Federated IdentityManager, CA Siteminder12.50/12.51/12.54, Ping Access, OAUTH2.0,Simple SAML, Shibboleth, OpenID Connect,Kerberos, PKI,SAML1.x/2.0.

Directory Servers: CA Directory Server,IBM Security Directory Server Identity

Management Tools: IBM Security Identity Manager, CA Identity Manager

Application/Web: Servers IBM Websphere Application Server, Weblogic Application Server,Apache, Tomcat, JBoss, MS IIS

Databases: IBM DB2, Oracle8i/9i/10g, MS SQL Server

Operating Systems: Windows 2008/2003, Redhat Linux, Solaris 8/9.

Programming Languages/Others: Java 1.6, JAX-WS Web Services, XML, C, C, Unix Shell Script, Python, HTML/DHTML, Java Script, J2EE JSP/Servlet/JDBC/EJB, Spring, JMS, Struts

PROFESSIONAL EXPERIENCE

Confidential CA

Identity & Access Management Senior Consultant

Responsibilities:

• Installed, configured and maintained IBM WebSphere Application server.
• Created clustered environment for ISAM in IBM WebSphere Application server.
• Administration of ISAM 7, ITDS 6.3 with components and prerequisites (production, UAT, and development environments).
• Installation, configuration and management of ITAM components (policy server, authorization server WebSEAL).
• Involved in performance tuning for ISAM servers, LDAP and DB2.
• Apply Patches for upgrade the version of software.
• Generated SSL certificates and coordinated with Network team to implement the signed certificates using IBM global security kit GSKit.
• Modified existing LDAP schema.
• Created users, groups of the ISAM using pdadmin utility.
• Created Access Control Lists (ACLs), and Protected Object Policies (POP) using pdadmin utility.
• Created Junctions to setup the secure access to applications running on back-end servers using pdadmin.
• Configured WebSEAL instances to protect and manage access to back-end resources.
• Installed and configured IBM Tivoli Federated identity Manager6.2.2
• Migrated Federated Single Sign on solution from CA Siteminder12.52sp2 with IBM Tivoli Federated identity Manager6.0
• Created IDP and partner configurations in TFIM.
• Provided SSL support.
• Assisted the Enterprise Network team for load balancing using Cisco F5.
• Involved in developing system configuration and operating procedures.
• Applied patches and Fix packs for ITAM / ISAM, LDAP and WAS.
• Compiled processes design and Knowledge database documentation - run-book.
• Attended weekly meetings with security team and the business entities to discuss the current progress / issues related to project.

Environment: IBM TFIM6.0, Softerra LDAP Browser2.6, Gskit 8.0.20.0, TDS 6.4, ISAM 7, IBM WAS 8.5, DB2 9.7, Windows 2008.

Confidential, Brooklyn, NY

Identity & Access Management Senior Consultant

Responsibilities:

• Involved in requirements from various business entities who needed their applications to participate in Single Sign On.
• Created the execution plan for implementing Single Sign On using PingIdentity
• Installation of PingFederate in a clustered environment for Development/QA/UAT/Production.
• Installed CA Directory Server.
• Created LDAP store for users in CA Directory Server.
• Configured Identity Provider adaptor to setup SSO for SP partners.
• Configured the HTML Form IDP Adapter
• Created Identity Provider role with SAML2.0 protocol support
• Created Service Provider role with SAML 2.0 protocol support
• Managed the IDP certificate in PindFederate and exported the public IDP certificate and assisted the Service Providers in importing them.
• Configured OAUTH2.0 Authorization role for Social Sign-On.
• Configured SP Adapters.
• Imported federation partner’s CA certificate into PingFederate’s global trust list.
• Production Support of SSO integration with all the Service Provider’s.
• Trouble shoot the production issues and provided solution as per the SLA.
• Responsible for Performance tuning Ping Federate.
• Provided the Load balancing of the clustered PingFederate servers using Cisco F5.
• Responsible for Debugging any errors that are traced in the log files
• Managed the IAM team to support federations and Single Sign on for partner business entities.

Environment: PingFederate6.10,CA Directory Server, DB2, Cisco F5,Redhatlinux, Putty, Cygwin.

Confidential, Brooklyn, NY

Identity & Access Management Consultant

Responsibilities:

• Capture business requirements and define functional specifications for implementing Identity access management / Single Sign on (SSO).
• Responsible for Architecture design of Single Sign on (SSO) integration for Development, Staging and Production Environments.
• Install and configure Policy servers and Web Agents.
• Responsible for configuring Single Sign on (SSO) federation between Identity Provider and Service Providers.
• Created LDAP schemas in IBM Tivoli Directory Server for Siteminder Policy Store and user store.
• Using CA Siteminder Policy server FSS administrative UI created Federation Security Services Administrative User (fssuiagent).
• Created User directories, Agents, Agent config objects.
• Configured affiliate domain using the Federation Security Services Administrative User Interface.
• Clustered the Policy Servers for high availability.
• Configured Social Sign-On using OAuth google authorization server.
• Load balanced the SSO environment using f5 which acted as reverse proxy.
• Applied Option Packs, Hot Fixes for Web Agents.
• Using Policy Server Management Console configured the Policy/Key store and tested the connectivity with it.
• Configured the Log parameters to provide detailed description of the log trace to troubleshoot if any errors.
• Create System Objects, Policy Domain Objects and Global Objects on SiteMinder Policy Servers to protect the applications by validating the user against the user stores on Directory Servers.
• Responsible for providing Single Logout Out(SLO) configuration
• Created the SQL server schema for implementing SLO
• Responsible for monitoring production logs to make sure there are no errors and if any errors analyze and fix the errors.

Environment: Siteminder12.0sp3, IBM Tivoli directory Server, IIS, Servlet Exec, SAML, Windows2008

Confidential VA

IAM Specialist

Responsibilities:

• Involved in requirements from various business entities who wanted their applications to participate in Single Sign On.
• Discussed / assisted with stake holders participating in Single Sign On using PingFederate to support SAML.
• Installation of PingFederate5.0 in a clustered environment for QA/UAT/Production.
• Installed IBM Tivoli Directory Server.
• Created LDAP store for users in IBM Tivoli Directory Server.
• Configured Identity Provider adaptor to setup SSO for SP partners.
• Configured the Custom HTML Form IDP Adapter.
• Created Identity Provider role.
• Created Service Provider role.
• Managed the IDP certificate in PindFederate and exported the public IDP certificate and assisted the Service Providers in importing the IDP certificate and integration of SSO.
• Configured SP Adapters for all the Service Providers participating in Single Sign On.
• Production Support of SSO integration with all the Service Provider’s.
• Trouble shoot the production issues and provided solution as per the SLA.
• Provided the Load balancing of the clustered PingFederate servers.
• Responsible for Debugging any errors that are traced in the log files as part of Production Support.
• Used Remedy to track the production support tickets.

Environment: Pingfederate5.0, IBM Tivoli Directory Server, DB2, Remedy, Linux, Putty, Cygwin.

Confidential NJ

Senior Integration Specialist

Responsibilities:

• Responsible for the analysis of project requirements and the development of technical specifications.
• Provided Level of Effort for development tasks per the requirements.
• Developed dynamic email content using Velocity template engine.
• Designed the SMS and Email generation for Remittance Receipt.
• Used Eclipse as IDE for executing programs and building the application.
• Developed Restful webservices.
• Authored Maven build scripts.
• Developed Web services to interact with multiple data stores.
• Created JUnit test cases for unit testing the components.
• Performing Integration testing of the application with all modules.

Environment: JDK, SQL, PL/SQL,, Oracle 10g, Jboss Application Server, TOAD, Eclipse, SVN, Restful Webservices, Apache Velocity Template Engine, XML Spy, Cygwin, PuTTY, Maven, JUnit, XML, XSLT.

Confidential, Reston, VA

Sr. Java developer

Responsibilities:

• Involved in Requirement analysis and use case design.
• Authored SCR functional documents.
• Designed UI for ASA Module.
• Conducted SCR peer reviews.
• Created generic functionality in UI per the prototype and services to be used by all modules.
• Provided Level of Effort (LOE)/ estimations and time lines for the user requirements.
• Created Spring beans as dependency Injection (DI).
• Developed Restful webservices.
• Created UI templates using JSF - Richfaces and provided AJAX calls to interact asynchronously with business logic.
• Used Eclipse as IDE for executing programs and building the application.
• Used Ajax in JSF UI for asynchronous calls.
• Created spring dependency injection to communicate with each layer.
• Developed Enterprise Java Beans - Session Beans.
• Created Hibernate mappings using annotations for DAO.
• Used Dozer for providing recursive mapping of Objects while communicating with different layers in the application.
• Created JUnit test cases for unit testing.
• Developed shell scripts to automate the build process.
• Delivering the system using Agile Programming Methodology/SCRUM.
• Provided Storyboards while adhering to Agile SCRUM.
• Performed installation tests before the release of the application.
• Designed the Error Handling process in JSF for generic use across the application.
• Responsible for providing monitoring production logs.
• Responsible to interact and answer the business users questions pertaining to the post production issues.
• Assigned the issues to the team and mentored the team in providing the solution.
• Involved in code review and peer review.
• Performing Integration testing of the application with all modules.

Environment: J2EE, JDK, EJB, Richfaces, XHTML, HTML, CSS, Hibernate, JDBC, JNDI, Spring, Linux, Oracle, Websphere Application Server, TOAD, Eclipse, AJAX, CSS, Rational Clear Quest, SVN, Webservices, SOAP, Dozer, JUnit, XML, XSLT.

Confidential

Java Developer

Responsibilities:

• Requirement Analysis.
• Design the architecture of the Application using UML.
• Developing the Architecture.
• Developing JSP, Action Class, DAO.
• Coordinating with the team to ensure deliverables.
• Delivering the system using Agile Programming.
• Project Tracking.
• Provided Role based access to the application users using Oracle Internet Directory.
• Deployment of application in WebSphere application server

Environment: Struts 1.2, JSP, Oracle10g Application Server, Oracle Apps.CRM, XML, HTML, CSS, Tomcat.