PROFESSIONAL SUMMARY:

• Total 7+ years of experience in Information Technology, which includes demonstrated work experience in design, development, testing and implementation of enterprise wide security applications using CA SiteMinder, Pingfederate, PingAccess, Involved in the upgrade of PingFederate 6.0 to 8.0 and 8.0 to 9.0/10, PingAccess 4.0 to 5.0 and 6.0.
• Expertise in Installation, configuration, deployment and maintenance of the PingFederate, PingOne and PingAccess. Experienced in installing, configuring SiteMinder policy servers, Web agents, Web Agent Option Packs, Secure Proxy servers, Pingfederate, PingAccess, ODSEE 11g server (LDAP) and various Web & Application servers on Multiple platforms like windows, Unix(solaris), RHEL.
• Hands on experience with IIS, IBM IHS, Apache, Sun One Web servers and WebLogic and WebSphere Application servers in Identity and access management environment. Experienced in SAML based authentication 1.1 and 2.0 using PingFederate, SiteMinder Federation and integrate with SiteMinder authentication and another adapter.
• Demonstrate a working knowledge of identity and access standards and technology including SAML 2.0, OAuth, OpenID Connect. Implemented Federation Solution using SAML 2.0 PingFederate 6/ 7.0/8.0/9.0/10 .
• Developed custom Ping Federate adapters and Ping Federate custom data source drivers using Ping Federate Java SDK (IdpAuthenticationAdapterV2 / Custom Data Source Driver /Password Credential Validator).
• Worked on apache web server to make the application URL work with both http and https and protected both secure and non - secure URL’s using PingAccess. Client interaction and facility maintenance engagement in Web Authentication and implemented Web Access Management Solutions using Azure/AWS or any Identity Access Management tools.
• Experienced in installing Pingfederate on both Linux and Windows Platform.
• Experienced in writing OGNL expression to meet the vendor requirement for SAML Assertion and experienced in restricting the access for certain users by writing OGNL expression in the Issuance criteria
• Supporting overall Company IAM Infrastructure which includes various IAM technologies
• Full Ping Identity Stack (PingFederate, PingAccess, PingID, Ping Directory), Active Directory, Active Directory Federation Server, Azure AD, Azure AD Connect.
• Worked on all the Pingfederate OAUTH grant types to get the access token to access the protected API. Supported development with integration of Mobile Apps using OAuth/SAML 2.0 in PingFederate.
• Experienced in configuring SSO with PingAccess using out of the box and custom developed authentication schemes.
• Experienced in implementing OAuth & OpenID Connect Solutions using PingFederate. Worked on PingFederate to allow users to perform single sign - on with other third-party applications.
• Experienced in installation and Configuration of PingAccess to Authenticate and Authorize the users using PingFederate Session. Deployed PingFederate as both Engine and Console servers. Experience with Ping Federate, SecureAuth, Multi-Factor Authentication (MFA), and OAM Federation with SAML 2.0, Experienced in creating SP/IdP connections using PingFederate with external partners.
• Experienced in performance testing the Ping Engine servers depending on the min and max threads, depending on that we used to scale the number of engine servers per cluster.
• Experience in Active Directory assist in design and changes to Group Policy. Also familiar with Active Directory Federation Services (ADFS).
• Experience in Solid understanding of Identity Access Management architecture and exposure to entire features of CA SiteMinder (Policy Servers & Web Agents), PingFederate 7.1.2, 8.4, 9.1.3,10 and later versions, Azure AD, AD, ADFS. ADDS, ADCS. Azure Active Directory (AAD) configuration and management, policies and provisioning, Azure AD Connect, Azure AD, Multi-Factor Authentication (MFA), ADFS, AD DS, AD CS.
• Implemented OAuth to access the protected API with Access Token by using Different OAuth Grant types. Experienced in installation and configuration of PingAccess Policy Servers and PingAccess Agents.
• Experienced on application configuration with PingAccess and defining PingAccess Sites, Site Authenticators, Virtual hosts, Policies and Rules. Experienced in PingAccess Integration with PingFederate to protect the applications using PingAccess Tokens.
• Experienced in configuration of PingAccess both as Proxy Gateway to decode the JWT tokens, and also by installing the agent on application server to communicate with PingFederate server. Hands on experience in designing, deployment, implementation and architecture with PingAccess.

TECHNICAL SKILLS:

Single SignOn: Ping Access 3.0/4.0, PingFederate 7.0/8.0/9.0/10 , PingAccess 4/5/6.0, OAuth, OpenID connect, SecureAuth, SAML 2.0, MFA, SiteMinder R12 SP2, SP3 / R6 SP1, SP2, SP4, SP5, SP6 /5.5 Webagent 4.x,5.x,6.x,12.x, APS 4.0, SAP Agents 5.6/12 and Session Linker r12

Operating System: Solaris 8/9/10, Unix, RedHat Enterprise Linux AS 2.1/3.0, SUSE Linux 10, Windows Server 2000/2003/2008

Languages: C/C++, Java, shell, Perl.

Directory Server: Netscape Directory Servers 4.x, SunOne/iPlanet server 5.x,6.x MS Active Directory, Azure AD, AD, Oracle Directory Server 11g, OUD 11g and iPlanet meta Directory Server 5.x.

Databases: Oracle 8/9i/10g/11g, MySQL and MS SQL Server 2005,2008.

PROFESSIONAL EXPERIENCE:

Confidential, OH

IAM Ping Engineer

Responsibilities:

• Upgraded Ping Federate solution from legacy (6.x) version to new (8.x), 9.x and (10.x) versions. Performed POC for PingAccess Authentication Solutions.
• Experience in analyzing IAM logs, IAM application server logs, provisioning server logs to troubleshoot various authentication/endpoint related issues. Co-ordination with Server hosting team if any hardware related issues.
• Assisted multiple applications during any production outage. Handled multiple alerts related to servers in various environments. Assisted Infrastructure Team during any changes. Experienced in Installation and configuration of web agents on Apache, IIS, IHS, WebLogic, Web Sphere and SunOne Webservers.
• Developed custom Ping Federate adapters and Ping Federate custom data source drivers using Ping Federate.
• Worked on moving around 50 applications from OAM to PingAccess 5/6. Implemented lot of other custom features with SecureAuth and MFA like Post authentication for custom attributes and also implementing geo-location.
• Experience with Ping Federate, SecureAuth, MFA and OAM Federation with SAML 2.0, Sp-Initiated, IdP initiated connections setup for SSO in Pingfederate and SecureAuth. Worked on resolving tickets using ServiceNow implementation. Involved in Application development by using connector configurations like Oracle unified directory, delimited, DB, SAP and Active Directory etc.
• Perform SSO connections in Azure AD technology standards with SAML 2.0 (SAML spring framework -backend coding). Execute with programming languages PowerShell scripting to pull data and force sync with Azure AD.
• Upgraded PingFederate from version 6 to 7 and from version 7 to 8, 9.0/10. Developed custom Ping Agent using Ping SDK and Implemented SAML Protection with Digital Signature.
• Implementation on Access control, MFA, creating Active directory (cloud) for app services in azure management portal using RBAC other protocols. Implemented Ping Federate solution with Services like AWS, Service-Now, Salesforce, and Oracle Fusion.
• Worked on OAuth and OpenID Connect solutions using Ping Federate and writing different OGNL expressions to meet the SAML assertion requirement for the vendor’s and also restricted the user groups by writing OGNL in the issuance criteria.
• Hands on experience in IAM requirement analysis, implementation of Access Gateways and SAML, Oauth, WSFed and OpenID Connect based integrations using Ping Federate. Implemented OAuth to access the protected API with Access Token by using Different Oauth Grant types.
• Experience in Azure Active Directory (AAD) configuration and management, policies a provisioning, Azure AD Connect, Azure AD, Multi-Factor Authentication (MFA), ADFS, AD DS, AD CS.
• Responsible for provisioning users across endpoints like Active Directory, LDAP, Unix, and RACF/Mainframe along with explore and correlating users from various endpoint. Responsible for Salesforce SSO integration. Managing development and production environment, Salesforce (SP) to Pingfederate (IDP) authentication, JIT provisioning, provision AD federation ID’s, and add/delete salesforce users.
• Worked on Custom Authentication Schemes in PingAccess based on Business needs. Worked on applications which needed compliance requirements in relation to HIPAA, PHI, SOX.
• Involved in discussions with the various business owners and vendors to implement the change on each application without impacting the end user.
• Designed, deployed, and supported highly available and scalable Pingfederate infrastructure in on premise that provides single-sign-on (SSO) and federation solutions for internal/external access.
• Created federation trust between Pingfederate and Siteminder for seamless SSO for applications during migration strategy for utilizing SMSESSION using coreblox token service adapter.
• Experience in deploying SaaS based connectors like AWS, Slack, Box and Salesforce many more depending on the new integration patterns. Implemented clients and generated client's secret in Oath. Configured Oauth clients to authenticate users for backend sites using PingAccess.
• Deployed several Pingfederate integration kits for Apache, Coreblox, Atlassian, Java, PHP, Symantec VIP, Agentless, IWA etc., to establish the "first- and last-mile" implementation of a federated-identity.
• Internally and the Forms based authentication externally using PingFederate 8.x. Executed platform upgrades for Pingfederate and Installation and configuration of PingAccess
• Integrated Ping Access with PingFederate servers to Authenticate using custom Adapters and OAuth with PingFederate to protect RESTful API's.
• Troubleshooting the issues occurred during the development of test environments. Involved extensively in the production support calls to resolve the issues occurred in production to avoid the downtime for the end users.

Environment: OpenID Connect, SecureAuth 9.0, PingFederate 9.0/10 PingAccess 4.1 & 5/6, SAML 2.0, OAuth2.0, Oracle Identity Manager 11g R2, Microsoft Active Directory, OIG, OID 11.1.1.6, Weblogic 10.3.6, IIS, Apache Web Server, IBM Http Web Server.

Confidential, Morrisville, NC

IAM Engineer

Responsibilities:

• Provided solutions for complex application using Siteminder and Ping federate. Hands on experience on Ping federate, CA Single Sign-ON, CA Advance Authentication, CA Secure Proxy Server, Ping Access, and Ping Cloud.
• Use of rules for complex authorization scenarios and custom built adapters to handle complex authentication scenarios. Integrated SAAS applications, service now, tableau, KLT with Azure production servers and AWS in Non-production.
• Operated AWS/Azure Identity and Access Management (IAM) web service applications to securely control access to the portal with protected resources and user groups in AD. such as IAM users, applications, or AWS services such as EC2.
• Worked on OAuth Integration using PingFederate and PingAccess and implementing Federation SAML services to SSO into third-party vendors. Integrated PingAccess with PingFederate System to get authenticated by PingFederate and Authorized by PingAccess Servers using the Access Control Lists. Workforce and Client identity management system (PingFederate and PingAccess).
• Experience in SAML based authentication 1.1 and 2.0 using Ping Federation, Siteminder Federation and integrate with Siteminder authentication and adapter.
• Designed ping suite including ping directory for scalable solutions. Creating SP/IdP connections using Ping Federate with external partners.
• Implemented Single sign-on using the Unbound id component to interact with the Customer LDAP.
• Migrated SAML Based SSO partners from CA Single Sign-On federation to Ping Federate. Configured both Ping Access Reverse Proxy, Gateway to decode the JWT tokens and also installed the agent on application server to communicate with Ping federate server.
• Protected multiple applications both web based and API based using Ping Access and Ping Federate.
• Migrated login pages from SiteMinder to ping and involved in building custom adapters for ping to analyze risk based transactions.
• Worked on OAuth Integration using PingFederate and PingAccess and implementing Federation SAML services to SSO into third-party vendors. Used Ping API to deploy and create SAML changes.
• Architecture and implementation of Identity and Access Management (IAM) solution using Ping Federate, Risk-based 2-Factor Authentication (using RSA Adaptive Authentication) and OAuth 2.0.
• Designed common framework for Single Sign-On implementation for partners using Ping Federate. Ping Federate Performance tuning for supporting heavy traffic.

Environment: Ping Federate 8.3/8.4, Ping Access 3.2,4.0/5.0, Novell Access Manager 4.2,4.3, SAML 2.0, SAML1.1, WS-FED, SSO, OpenID connect, OAuth2.0, Active Directory, Java, C#, PowerShell.

Confidential, CA

IAM Consultant

Responsibilities:

• Worked on Custom Authentication Schemes in Ping Access based on Business needs.
• Installed and Configured Ping Access to authenticate and authorize the users using Ping federation as token provider.
• Hands on experience in designing, deployment, implementation and architecture with Ping Access and PingFederate.
• Experience in configuring SSO with PingFederate using out of the box and custom developed authentication schemes.
• Performed POC for Ping Access Authentication Solutions. Installed PingAccess Admin server and Runtime servers in clustered environment.
• Protected multiple applications both web based and API based using Ping Access and Ping Federate
• Worked on Ping Access Gateway to take the Application traffic directly using Virtual Hosts and redirect back to the backend sites application with Ping Access Token.
• Worked on OAuth Integration using Ping Federate and Ping Access and implementing Federation SAML services to SSO into third-party vendors.
• Configured Oauth clients to authenticate users for backend sites using PingAccess.
• Expertise in implementing SAML as both Identity Provider and Service Provider across multiple platforms Using Ping Federate.

Environment: Ping Federate 8.3, Ping Access 3.0/4, SAML 2.0, SAML1.1, WS-FED, OAuth2.0, Active Directory, PingDirectory, Java, C#, PowerShell, Web Agents, Oracle LDAP Directory Server 11.0g, IBM WebSphere, SQL Server, HTML, SQL, MS Visual.

Confidential, NC

Identity and Access Management Consultant

Responsibilities:

• Worked on installation and configuration of PingAccess Policy Servers and PingAccess Agents.
• Integrated PingAccess with PingFederate System to authenticate the user using PingFederate and Authorize by using PingAccess Servers.
• Integrate the custom developed independent application with PingAccess to track the owner of the application which is being protected by PingAccess and Pingfederate.
• Worked on application configuration with PingAccess and defining PingAccess Sites, rules, Virtual hosts, Policies and Rules.
• Worked on Token Generator and Token Processor to establish a connection between two web services from different Enterprises and PingAccess and JWT tokens to authenticate the user using Ping Federation.
• Worked on Ping Access Gateway to take the Application traffic directly using Virtual Hosts and redirect back to the application with PingAccess Token.
• Worked on configuration of PingAccess as Proxy Gateway to protect the application without exposing the application URL to the end users.
• Involved in daily Scrum meetings to discuss day to day updates on the project.

Environment: Windows 2012 R2, RHEL 7.x, Pingfederate 8.x, 9.x, PingAccess 5.0.

Confidential,

Siteminder Consultant

Responsibilities:

• Create Siteminder Active Expressions as required for the company business logic. Create Siteminder Authorization API (Active policy) to authorize the user with custom business logic.
• Involved in configuring mixed mode replication between directory server 5.x and 6.x. Create Perl Scripts by using Perl Policy Management Api to modify the policy store with the new active expressions developed.
• Installed and configured Siteminder User Context Gateway on policy server and IIS web server to work with pc based applications.
• Configured User Context Gateway to provide Single Sign on with PC based applications like Citrix.
• Worked in setting up synchronization between Sun LDAP and Microsoft Active directory using ISW 6.x. Involved in setting up password policies and ACIS in directory server 5.x according to requirement.
• Deployed and configured Directory Server 5.x as User Store and Policy Store in different environments.
• Involved in designing the directory server architecture according to requirement. Create the Perl scripts to export the policy objects as per the requirement.
• Working on .net pages to route Siteminder target using Custom Authentication. Helped in documenting the procedure for migration and replication of directory server
• Configured the Replication for user directories on Sun One LDAP servers and Troubleshooting login, Authorization problems using Trace Files in 6.0 or (Log files in 4.51/6) and solve them on timely basis.
• Installing the Siteminder web agent on the web server side as per required and verify trusted host is created properly.
• Developed some scripts for checking the performance in directory server 5.x/6.x
• Troubleshooting the directory server replication and high CPU issues in User Store and Siteminder issues and working with CA to resolve the issues.

Environment: Solaris 8/10, Sun Directory Server 5.x, LDAP, Sun One, Single Sign On (SSO), Windows 2000/2003, Netegrity Siteminder 5.5 / 6.0, Sun web server 6.x, Active Directory, Apache web server 1.3.1/2,0 IIS 5.0/6.0 web servers.