- Over 16+ years of IT experience with 9+ years of progressive experience in Identity and Access Management (IAM) implementation including but not limited to Business engagement, Environment discovery process, User/Identity provisioning and Access Management, Application integration, Upgrade/Migration, Certificate management
- Experience working in diverse enterprise environments like Corporate, Government, Financial, Healthcare, Insurance, Retail and Food entities
- Experience in developing, implementing or architecting information systems.
- Technical Architecture experience integrating identity management, access management and access governance software into clients' infrastructure and applications.
- Experience with installation, integration and deployment of IBM - ISAM, QRadar and HSM's in client environment.
- Strong working experience in design, deployment, administration and troubleshooting of IAM Security products like - IBM Tivoli Access Manager for e-Business (TAMeB), IBM Security Access Manager (ISAM) for Web (ISAM), IBM Tivoli/Security Access Manager Enterprise Single Sign-On (TAM/ISAM ESSO), IBM Tivoli/Security Identity Manager (ITIM/ISIM), IBM Tivoli/Security Directory Server (ITDS/ISDS), IBM Tivoli Federated Identity Manger (TFIM), Tivoli Directory Integrator (TDI), IBM WAS & IBM HTTP servers
- Technologies: IT Security Practices, Identity Access Management, SOC SIEM, System/Network Administration, Firewall LDAP, OpenDj, AD, IDS, ITDI, IAM Security solution design, implementation and management (TIM & TAM/ISAM).
- Presently working Confidential &T - Texas as a Security Consultant.
- Good Understanding and end to deployment of Sailpoint.
- Good understanding of Incident, Configuration and Change management processes
- Has the ability to manage projects and work within tight deadlines
- Strong team player and self-motivator with an ability to adapt to new technologies quickly
- Excellent customer service orientation and a professional approach; including ability to interact with all levels across the organization
Technologies: IT Security Practices, System Administration, Firewall, LDAP, IDS, ITDI, IAM Security solution design, implementation and management (TIM & TAM/ISAM).
Operating System: AIX, Red hat Linux, Windows Server 2000/2003/2008 , Solaris
IT Security Services: Tivoli Access Manager e-business 5.1/6.0/6.1/6.2 (TAM), IBM Security Access Manager Web 7/8/9.X Appliance (ISAM), ForgeRock OpenAM, OpenDj and OpenIDM. Tivoli Access Manager E-SSO 8.0/8.1/8.2.2 (TAM ESSO), Tivoli Identity Manager 4.6/5.0 (ITIM), WebSphere Application Server 5.1/6.0/7.0/8.5 , Tivoli Directory Integrator 5.1/6.0/7.0/7.1 , Tivoli Federated Identity Manager 5 (TFIM), ISAM Federation.
Database: IBM DB2 8.1/8.2, Oracle 8/9, MS SQL 2005/2008
Web: HTML, Java Script, XML
Directory Servers: Implementation and Administration of Windows 2000/2003 Active Directory, IBM Tivoli Directory Server v5.2/6.1/6.3
Active Components: Cisco 2500, 2600, 3600 Series Routers, Cisco Catalyst Switches 6000, 3000 and 2900
Information Security Analyst
Environment: IBM Security Access Manager (ISAM v 7.0, 8.0 and 9.0.x), IBM Tivoli Directory integrator (ITDI v 7.1.1) IBM security directory server (ISDS). Tivoli Federated Identity Manager (TFIM v6.1), IBM Web Sphere, ForgeRock openDj, OpenAM and OpenIDM IBM Directory Server IDS LDAP, ADFS (Active Directory Federation Server), Planet LDAP, SSIS, TSM, Lotus Notes.
- Implemented 100% new development on a next-gen, industry leading enterprise portal application
- Customized and configured the ISAM v. 9.0 application within the Confidential &T environment
- Daily responsibilities include writing plugins/connectors in JAVA to customize, designing, solutioning, and implementing the ISAM application.
- Designed solutions for problem solving and how to best configure ISAM to work within the Confidential &T environment.
- Configuration of Authentication stacks like Open ID Connect, OAuth, SAML along with Reverse Proxy and content stack.
- Setting up the replication between the servers in multiple data centers.
- Implemented JWT Profiles for Open ID Connect OAuth 2.0 Client Authentication & Authorization
- Configured Security Assertion Markup Language SAML 2.0 to a third-party external application with Secure Auth.
- Developed JWT token generation and validation, Custom mapping module, Ansible scripts (playbooks) for configure deployment in appliances.
- Developed Hybrid flow for Native, SDK, Device auth and Web flow
- Involved into Rapid response team for production trouble shoot calls.
- Involved into On-Boarding third party client discussion for implementing SSO
- Providing authentication and authorization framework solution to the existing and new application
- Experience in building Identity and Access Management and Privileged Access Management Architecture (logical, physical, etc.) using multi-vendor tools that are deployed globally for large customers.
- Configuring ISAM Appliance with Thales Hardware Security Modules (HSM 6000) for Hardware certs.
- Installing, configure and deploying the tool, instrumentation, migrate code and data, integration with other systems for automation, data mgmt. bug fixes, assist and support testing, production releases
- Handle system changes for signature updates, patches and upgrades
- Identification of root cause analysis and permanent fix on Defects
- Single Sign On
- Identity Federation
- Enterprise Directory Architecture and Design including directory schema, namespace and replication topology experience
- Resource Provisioning
- Identity & Access Governance including Role based access control, access request and certification
Confidential, O'Fallon, MO
Information Security Analyst
- Extensive work with IBM’s Tivoli product suite including Tivoli Access Manager (TAM), Tivoli Directory Server (TDS/LDAP), and Tivoli Federated Identity Manager (TFIM) IBM Security Access Manager (ISAM), OpenAM, OpenDj, OpenIDM and AD.
- Installation and configuration of TAM 6.1
- Installation of TDS 6.3, ISDS 6.4 and configuration of LDAP with Policy Director.
- Migration of TAM 6.2 to ISAM 9.0.1 and ISAM 9.0.2
- Migration of LDAP form TDS 6.3 (AIX) to ISDS 6.4 (LYNX)
- Cluster configuration of Policy Director and WebSeal appliances
- Upgrade of TFIM 220.127.116.11 to 18.104.22.168
- Upgrading fixpacks for TDS, SDS, TAM and ISAM.
- Migration of FSSO and STS to ISAM and setting up configurations.
- Building new data centers for Confidential (Pune, Belgium)
- Design and maintain ACL and object hierarchy with in TAM and TDS
- Setup End-to-End Federated SSO concept and new partner on-boarding and customizing and integrated their requirements.
- Developed automation framework using Python for deploying components in SIT/UAT/PROD
- Installation, configuration, and Daily operation of RSA’s Adaptive Authentication (Risk Based Authentication) application.
- Lead, develop, and maintain application’s disaster recovery and business continuity efforts.
- Peer review custom data manipulation programs for structure and secure elements
- Involved in automation Framework development using Python and automation setup in Jenkins build for lower environment
- Design interactive security maintenance tools for TAM, TDS, TFIM, and RBA
- Working with SME Confidential Dev Ops using shell script and Python script, developed automation frame work for deployment releases and monitoring tools and backup process
- Support Operations teams’ Crypto vault storage implementation.
- SSL Certificate Replacement and design strategy.
- Reviewed, coordinated, and implemented TAM, TDS, GSKIT, DB2 fix pack Strategy to support stabilization and department standards and ensure all TAM/TDS environments were up-to-date and versions were in sync across all environments.
- Created, lead, and implemented TAM/TDS System Monitor Validation Effort to ensure all system monitors and system jobs are working as designed.
- Coordinated Tripwire software configuration with other teams to provide content monitoring of system and custom application files for unauthorized changes.
- Created and modified custom UNIX shell scripts to automate daily activities
- Created custom Monitoring Solutions for TAM Policy Director Authorization server.
- Worked With internal departments to troubleshoot and define solutions for FSSO login problems for global Confidential users
- Point of contact for our team’s Change management process.
- Monitor and review change tickets for correct content and technical aspects are met.
- OpenAM Administration, managing Realm, OpenAM Realms Privilege Management, data store to the realm
- Strong experience of working on Linux, Unix, Windows Enterprise Server OS, with mixed skills around administration and troubleshooting.
- Worked extensively on Support procedures effectively in large, heterogeneous enterprise networks
- Conversant with quality procedures and adaptive to new environments
- Experience as System, Network and Security Analyst
- Knowledge on Design, development and implementation of highly scalable Identity and Access Management solutions using ForgeRock's Open Identity Suite
- Installation and configuration of CyberArk and ForgeRock Identity Platform in POC environment Confidential .
ConfidentialInformation Security Analyst
- Administration of Sun Solaris 8, 9 & 10, IBM-AIX and HP-UX servers running on Middleware architecture.
- Analysis, Configuring, Troubleshooting of Sun Servers (i.e. Sun Fire E15K, E25K, V880, v440, E240, E6900, Ultra 5/10 servers and T series servers)
- Expert in VERITAS Cluster System, VERITAS Volume Manager, SVM, and Solaris Cluster System
- Having extensive knowledge on LDOMS, ZONES and Virtualization concepts
- Handling Server Alerts, tickets & Change Requests (Vantive - CRM/Remedy)
- Patch, Packages Installation, Disk and File system Management and firmware up gradation (includes SC firmware).
- Handling decommission project for BellSouth.
- Hands On experience on Oracle database, SQL queries/scripts and XML
- Experience with any one of the Java application servers (Websphere/WebLogic/JBoss/Tomcat)
- Understanding of Identity and Access Management principles
- Experience with Active Directory/LDAP directories and software development tools
- Familiarity with various IT systems (Unix and Windows servers, Databases, Active Directory etc.)
- Knowledge on SAN and EMC (Symmetric/Clarion), Power path and Net app shared storage technologies
- Server Upgrade with any scenario (Live upgrade /Jump start/Flash)
- File system, Device & Services Management (NFS, Mail Server etc.)
- Having knowledge on BMC petrol TNG and HP suite monitoring for applications
- Involved in the implementation of SAN using SUN Servers, Fiber Channel switches, Fiber Channel host adapters, Storage devices
- Working knowledge on Entrust and Sudo to use and control the user access
- Responsible for creation and Implementation of CMWO (Change Management Work Order) which includes changes done On Production, Test, Development and Pre-Production servers as per Confidential &T norms.
- Having knowledge on SAP securities and Basis user control
- Making the documentation for Disaster recovery working with DR Team