SUMMARY

• Extensive experience with maintaining and enhancing Sailpoint IdentityIQ installation in large company. Created and modified many applications and rules within the system. Played major roles in more than one version upgrade.
• Experienced in IAM (Identity and Access Management) and responsible to install, integrate and deploy the IdentityIQ OR Identity Now product in client environments.
• Extensive experience in financial and access management projects.
• SailPoint Identity Now Implementation strategized and implemented Identity and Access Management solutions for the client to strengthen the security posture and increase usability
• Worked with Active Directory, LDAP/UNIX groups, Networks, Human Resource systems for Identity and Access Management.
• Experienced Identity Access Management professional in the implementation of Access Review and Provisioning solution
• Managed projects for design, configuration and implementation of SailPoint IIQ, including coordinating with vendor leadership, technical services leadership, and end user customers.
• Developed Custom java classes in IIQ.
• Performed Integration with multiple applications such as AD, Exchange, RDBMS, Flat File & LDAP. Upgraded SailPoint from 5.5 to 6.X.
• Integrated feature flags application within SailPoint's SaaS product Identity Now. The app selectively enables and disables features at a very fine grain as well as enabling features for a percentage of users for operational
• Work with key business leaders, stakeholder and project teams to integrate their applications into IAM solution
• Experienced in installing Ping federateon both Linux and Windows Platform.
• Worked on all the Pingfederate OAUTH grant types to get the access token to access the protected API. Supported development with integration of Mobile Apps using OAuth/SAML in Pingfederate.
• Experienced in implementing the Siteminder solution to support Tokenized ID’s.
• Experienced in configuring SSO with Ping Access using out of the box and custom developed authentication schemes.
• Experienced in implementing SAML Protection with Digital Signature.
• Experienced in implementing OAuth & Open ID Solutions using Ping federate.
• Worked on Pingfederate to allow users to performsingle sign - onwith other third-party applications.
• Created vision and reference architecture for internal single sign-on infrastructure. Developed relationships with key business partners to bring the vision to fruition.
• Initiated and managed federation and single-sign-on projects utilizing PingFederate and CA SiteMinder. Project scope: 1.5 million budget for hardware and software purchases, management of 12 resources. 12 cloud applications were fully integrated within first 6 months.
• Deployed SiteMinder, Identity Manager, and Secure proxy server supporting 3.0 million external customers. Customers benefited from increased security, usability, and profile management. Produced additional savings through reduction of call center staff as a result of user's self-service functions being online.
• Architected SAML federation solution enabling legacy applications to letverage industry best practices. TIAA-CREF achieved a competitive advantage by providing modern service offerings to new business as well as over 15,000 existing relationships.
• Advisor to senior management on corrective actions required after a failed portal implementation. As a result, J2EE profilers were deployed with every new application to allow support teams adequate testing and monitoring facilities. Additional risk mitigation was achieved by replacing legacy front-end load balancers with modern devices which allowed a staggered release schedule for new applications.

PROFESSIONAL EXPERIENCE

IAM Consultant

Confidential, Los Angeles, CA

Responsibilities:

• Installation and configuration of SailPoint IIQ as required by design solution.
• Created various reports like Role composition report, Identity Reports and Application attribute reports for IIQ.
• Evaluated SailPoint-IIQ by Life Cycle Management, Access Review/Certifications, Policy Management, Role-Based Access Control and Connector modules.
• Analyzed the application before on boarding to get extract of application with the user unique ID, access levels and permission and do deep dive sessions.
• Implemented Self-service feature, Password feature, Provisioning feature and policies in SailPoint.
• Maintained user account workflows using form Joiner, Mover and Leaver.
• Involved with existing Provisioning Team for the application in order to make it fit in to IIQ and to get the existing User Access Management (UAM) model.
• On-boarded applications using Provisioning application’s requests in IIQ.
• Functioned as the primary liaison between the business client, operations, and technical areas throughout the project life cycle.
• Facilitated meetings with stakeholders to elicit business and functional requirements and perform business process analysis.
• Interacted with internal stakeholders to share findings from deep dive analyses.
• Building and Configuring SailPoint IIQ tasks like Group Aggregation, Identity Refresh, Roles, System Maintenance, Populations, Check Active Policies, Certification Refresh, Run Rule, etc.
• Translated massive data sets into actionable business results.
• Gathered and analyzed application data provided by application owner.
• Translated business requirements into technical requirements and assist other team members in implementing the solution.
• Provided direct technical evaluation of third-party products for inclusion in IAM solutions and define software development processes.
• Set up an automated application user certification campaign for approval of the access and privileges for certification.
• Generated reports for each application for audit purpose.
• Worked on installation and configuration of PingAccess Policy Servers and PingAccess Agents.
• Integrated PingAccess with Pingfederate System to authenticate the user using Pingfederate and Authorize by using PingAccess Servers.
• Integrate the custom developed independent application with PingAccess to track the owner of the application which is being protected by PingAccess and Pingfederate.
• Worked on apache web server to make the application URL work with both http and https and protected both secure and non-secure URL’s using PingAccess.
• Worked on application configuration with PingAccess and defining PingAccess Sites, rules, Virtual hosts, Policies and Rules.
• Experienced with multiple Ping Federate adapters like HTTP adapter, Open Token adapter and Composite adapters.
• In creating functional/design/technical specs and user stories incorporated various artifacts including multivariate or A/B test scenarios and web prototypes from Sketch and Invision.
• Collaborated in AGILE environment via JIRA & SharePoint; Created story tickets and performed routine Backlog grooming; Created/updated team documentation pages within Confluence.

IAM Consultant

Confidential, Long Beach, CA

Responsibilities:

• Involved in Application development by using connector configurations like delimited, JDBC and Active Directory etc.
• Developed the rules like buildmap, correlation and manager correlation rules.
• Developed out-of-the-box reports to track policy violation activities.
• Worked on risk score of a policy to control notifications and corrective actions when a violation is detected.
• Involved in the developing workflows (JML process) with two level approvals.
• Developed Rules like Build Map, Correlation, Exclusion, Policy Violation, Policy Formatting etc., as part of connector development.
• Provided company-wide customer support with Identity and Access Management Systems (SailPoint) by assessment, analysis, and resolution of end-user complications.
• Requirement gathering for password management.
• Created power point presentation for business SME to facilitate requirements gathering.
• Created user flow, UI design and design specifications for client applications.
• Wrote use cases and requirements specification documents for user flow and requirements and technical specifications.
• Worked on design and documentation of Workgroups, roles and policies in Sailpoint.
• Worked on custom and out of box workflows in SailPoint.
• Requirement gathering for Segregation of duties (SoD)
• Provided the best practices for SailPoint functionalities and implementation.
• Participated in and/or User Acceptance Testing and bug-related reengineering efforts
• Primary responsibility for delivering entire requirements set/user stories specific to a wide range of taxonomy and metadata migration scenarios and user journeys; metadata models; gap analysis; end product configuration & customer support documentation; integrating with in house systems; Integrating with Confidential Analytics Cloud platform tools; Agile Backlog grooming.
• Building DAM Portal for Confidential client along with Confidential Managed Service employing numerous tools incl JIRA, Confluence, SharePoint, Jenkins, ServiceNow, Amazon AWS, and AD/SSO/IAM
• Worked on Custom Authentication Schemes in Ping Access based on Business needs.
• Upgraded Ping Federate from 6.0 to 8.0.
• Worked on applications which needed compliance requirements in relation to HIPAA, PHI, SOX.
• Involved in discussions with the various business owners and vendors to implement the change on each application without impacting the end user.
• Designed, deployed, and supported highly available and scalable Pingfederate infrastructure in on-premise that provides single-sign-on (SSO) and federation solutions for internal/external access.
• Migrated around 100 applications to use the new solution which offers the users with Kerberos Authentication internally and the Forms based authentication externally using Ping Federate 8.x.
• Executed platform upgrades for Pingfederate.
• Installation and configuration of PingAccess.

IAM Consultant

Confidential, Jersey City, NJ

Responsibilities:

• Installation and configuration of SailPoint IIQ as required by design solution.
• Created various reports like Role composition report, Identity Reports and Application attribute reports for IIQ.
• Design, implemented a solution which manage the Identity lifecycle of almost all applications with the enterprise, without directly controlling the identity store within the application.
• Development of identity federation connectors from SailPoint to target systems, along with subsequent access control by SecureAuth.
• Ensure requirements gathered, processes defined, and use cases documented follow out of the box configuration vs. customization as much as possible
• Develop SailPoint deployment and solution architectures
• Participate in all SailPoint deployment activities - connector configuration, custom rule development, workflow configuration and development, third party system integration.
• Participate in and/or User Acceptance Testing and bug-related reengineering efforts
• Perform Installation and configuration of SailPoint IdentityIQ
• Develop custom SailPoint BuildMap Rules and Workflows as per the business needs.
• Setup applications Active Directory, LDAP, Oracle and Flat Files.
• Providing solutions for the changing business requirements.
• Implement REST classes using SailPoint Rest Application.
• Using IIQ Console for operations such as checkout, import, connector Debug etc.,
• Used IQ Service as part Identity IQ for Active Directory (AD) provisioning.
• Setup direct connectors for AD, LDAP, MySQL, Oracle, EPIC
• Implemented automated local user provisioning instances created in AWS cloud
• Collaborate with QA team for all testing cycles.
• Configure OKTA on multiple Active Directory Forests, Agent installations and MFA setup.
• Created different artifacts such as BRD, FRD, Questionnaire document, project plan and PPT slides.
• Responsible for installing Jenkins master and slave nodes. Configured Git with Jenkins and schedule jobs using POLL SCM option.
• Frame set up for enterprise level Role mining, Role Based Access Control (RBAC), Single Sign on (SSO), PAM (Privileged Account Management), Entitlement Management and Identity Management, SLA.
• Experience in installing and implementing Web Application servers IIS, Apache, I Planet/Sun/Oracle Web servers, IBM http web server, Apache Tomcat, I Planet App server, web logic, web sphere.
• Installed and configured Ping Access servers, Gateways and Agent to protect the resources. Including in the new infrastructure were the installation of PingFederate and PingAccess
• Worked on Ping Access Integration with Ping federate to Protect the applications using Ping Access Tokens.
• Worked on OAM to Ping Access Migration with session management and authentication management using ping federate.
• Expertise in configuring and troubleshooting Webservers like Apache, IIS, IHS (IBM HTTP Server).
• Worked on OAM installation and configuration to protect the applications and allow users single sign on.
• Experience as a configuration administrator to protect web applications using CA Single Sign On.
• Implemented a secure identity and access management infrastructure design, authentication, authorization and business application integration, custom-built solutions and technology frameworks.
• Involved in Capacity management with hardware and software architecture for middleware integration and management
• Configured Single sign on (SSO) between applications that are integrated and deployed to policy server including different domains as well using Cookie Provider.
• Installed and configured web agents on IIS and Apache web servers and troubleshooting issues associated with these configurations.
• Expertise in enterprise Infrastructure Security, Design & Architecture involving concepts of Access Control Authentication, Authorization and Auditing.
• Experience in configuring Web Agents, Rules, Responses and Policies associated with GROPS and JAAF (Custom Agents) for different application servers (ex: Glassfish).
• Configuring SiteMinder for SAP and Siebel applications using Session Linker.
• Configuring authentication support for X.509 certificates over SSL.

IAM Consultant

Confidential, Austin,TX

Responsibilities:

• Interacted with the SME’s to gather information about project related requirements.
• Requirement gathering for password management.
• Created power point presentation for business SME to facilitate requirements gathering.
• Created user flow, UI design and design specifications for client applications.
• Wrote use cases and requirements specification documents for user flow and requirements and technical specifications.
• Worked on customizing User Onboarding process as per customer requirements.
• Worked on various Certifications, developed custom task and reports.
• Provided production support for existing application.
• Configuration of Roles, Policies and Certifications for governance compliance
• Worked on various Certifications, task and reports
• Design, develop, test, support and deploy the desktop application for Supply Chain Management in J2EE, Oracle web logic.
• Gathered the requirements and create the technical design documents.
• Researched and evaluated software related technologies and products related to J2EE architectural designs.
• Assisted and supported other team members on multiple projects.
• Worked on OAuth Grant types to get Access Token to access Protected API's.
• Integrated OAuth with Ping federate to protect RESTful API's.
• Protected multiple applications both web based, and API based using Ping Access and Ping Federate.
• Worked on OAuth Integration using Ping Federate and Ping Access and implementing Federation SAML services to SSO into third-party vendors.
• Implemented OAuth to access the protected API with Access Token by using Different OAuth Grant types.
• Integrated Ping Access with Ping Federate System to get authenticated by Ping Federate and Authorized by Ping Access Servers using the Access Control Lists.
• Workforce and Client identity management system (Ping Federate and Ping Access).
• Established Definition of Done and formulated Acceptance Criteria between client/product owners and dedicated team of offshore Sitecore developers in relation to production Web Support issues impacting front and back-end digital content development and deployment.
• In coordination with chief Testing Engineer/SCRUM Master, In-house Sitecore developers, Product Owner, UI/UX, and several offshore development and testing teams played a leading role in effort to work through backlog to update and address all open and critical issues for several production multinational WCM implementations.
• Performed Client Reviews and Presentations for new functionality on a weekly basis or as requested by client in coordination with Marketing Department and Brands/OpCOs.