SUMMARY

• Six years of IT experience in which Five and Half years as an Identity and Access Management Consultant, has full - fledged knowledge and hands on experience in exploring Computer Associate’s Identity and Access Management (IAM) and Security and Information Management(SIM), Threat/Vulnerability Management Suite of Products. Worked in System Analysis, Design, Implementation, Testing and Maintenance of the above suite of products.
• Certified in Computer Associates Identity and Access Management Certification for Foundation and Advance Levels which includes CA Siteminder, CA Single Sign On (SSO), CA Access Control (SeOS), eTrust Directory, CA Admin.
• Involved in multiple implementations on IDM/SIM Products.

TECHNICAL SKILLS

Security Concepts: Authentication, Authorization, Accounting and Auditing of Security policies, LDAP, Intrusion Detection System (IDS),Spam Control and Filtering, Anti-Virus, Firewall, Host Intrusion Detection/Prevention (HID/HIP), PKI, SSL, Security Management, Compliance, Monitoring, Reporting

Databases: Sql Server 2000, Oracle 9i,10g

Directory: Sun One Directory 6.0, Microsoft Active Directory, Novell eDirectory 8.0, Radiant Logic VDS

Languages: C,C++, Core Java, SQL,Java Script, TCL Script, Shell Script, HTML, XHTML

Web Server: IIS, Sun One Web Server 6.0

Application Server: JBoss-3.2.2, Tomcat 5.0, IBM Web Sphere 6.0

Security Management Tools: CA Identity Manager, Netegrity/CA SiteMinder, Covalent Apache Reverse Proxy, CA Single Sign On (SSO), CA Access Control, e-Trust Admin, IBM Tivoli e-SSO (Pass-logix V-GO), e-Trust Antivirus, CA Threat Management, e-Trust Directory, e-Trust Audit, Secure Content Manager (SCM), e-Trust Policy Compliance Manager, RSA SecurID

PROFESSIONAL EXPERIENCE

Confidential

IDM Lead Engineer

Environment: Windows 2003 Server & Solaris 8

Responsibilities:

• Installed Host Intrusion Protection (HIP) client on all SAH Windows 2003 Servers and configured the HIP policies as per the GSK standard procedure.
• Prepared the test cases for the HIP policies and Migrated the same to the remaining servers in SAH.
• Identified the list of Port Numbers which needs to be open for proper communication of Identity Management components in Secure App Hosting (SAH) infrastructure and Intranet.
• Prepared the Perimeter Change Request (PCR) and Change Control Procedure (CCP) for all needed SAH and Intranet servers. Submitted the PCRs to Security Team for approval. Created the test cases and verified the Ports.
• Configured Covalent Reverse Proxy Server 3.1 in Solaris 9.0 and defined proxy rules to forward the request to the back-end Identity Manager Server.
• Deployed the CA Identity Manager r8.1 SP2 Premium Edition on JBoss Application Server 3.2.2 .IIS Web Server is co-hosted on Identity Manager Jboss Application Server and is configured with ISAPI plugin to act as a proxy for Jboss Application server.
• Upgraded existing Siteminder to Version 6 SP5 CR22 on Solaris 9 and configured Identity Manager resource to protect using Siteminder Policy Server with Sun One Directory Server 5.2 acting as the corporate store for Identity Manager and Oracle 10g RAC database as the Policy Store, Audit, Task persistence, Workflow and IDFocus.
• Deployed eTrust Admin r8.1 SP2 cr22 (Provisioning Server),Identity Manager server extensions (eta-callback) and eTrust Directory (Provisioning Repository) on Windows 2003 Server.
• Imported the Custom Workflow Process for multiple approval steps (0,1,2,3) using WorkFlow Designer and modified the process properties accordingly.
• Defined the eMail templates in Identity Manager to send pending approval emails to approvers, self registration verification email to users, password change notification, modify profile notifications and alerting users when subscription request is approved or denied.
• Installed Covalent Apache/Tomcat Server 5.0 and deployed Custom Self Service application and defined application contexts to it.
• Configured Oracle 10g JDBC Drivers for Identity Manager Workflow to get the approver list from Oracle database and to maintain it using Workflow Participant Resolver.
• Created the Role-definitions, IME, Directory, BLTH, LAH settings as per the client requirements.
• Configured the Provisioning roles and policies in Identity Manager and Admin Server.
• Deployed the program exit in eTrust Admin to add the user to the appropriate group (AD group), once all the approval process is completed.
• Generated SSL Certificates (Server Certificate) using “Self Sign Certificate Authority” tool in the Active Directory Domain Controller and imported 1024 bit Root Certificate into MMC Console.
• Exported the Root Certificate from the DC and imported to eTrust Admin Server MMC Console.
• Defined the Siteminder Rules, Realms, Response and Policies to protect the self service application and defined Multiple User Directories to allow users to authenticate using their UID, External ID and eMail.
• Worked with CA Global Service Engineers (GSE) in integrating the custom self service applications with Out-Of-The-Box(OOTB) identity manager applications.
• Performed the Fine-Tuning of the Identity Manager, JBoss, Custom Application configurations accordingly.
• Prepared the Test Case scenario for Self Registration and Application Subscription Process to check whether the user is created and added to the application group as per the application subscription request.
• Prepared the Technical Installation Procedure (TIP) for the deployment and submitted to the IQMS team for approval.
• Completed the Use-Case Document and submitted to the service team for additional testing.

Confidential

Senior IDM Consultant

Environment: Windows 2003 Server & Solaris 8

Responsibilities:

• Configured the Novell eDirectory (LDAP) v8.0 as a backend server for Siteminder 6.0 SP5
• Installed the eTrust Siteminder 6.0 policy server on IIS Server residing on windows 2003 server.
• Deployed the Application Server Agent on Web-Logic Server 6.1 in-order to protect the web applications including JSP, J2EE.
• Configured the Agent and registered the Application agent with policy server and created suitable user directory and domain.
• Created suitable Realms, Rules, Response and Policies for the custom applications according to the client requirements.
• Explored the Failover and Load balancing scenario from Policy Server to multiple user directories and tested it accordingly.
• Configured Multiple User Directories to allow users to login to custom applications using different user attribute combinations including e-Mail and UID.
• Enabled SSL configuration between Novell eDirectory and Siteminder by importing the CA Root Certs and Server Certs into the key3 database using Netscape Navigator.
• Explored the Siteminder Testing Tool functionality such as Performance Monitoring using Stress test, Functional testing, Regression testing.
• Configured the One-View Monitor and Profiler for logging activities.
• Provided the Production Support to Siteminder solution as per the client specification.

Confidential

Senior IDM Lead Consultant

Environment: Windows 2003 Server, RedHat Enterprise Linux Server 3

Responsibilities:

• Deployed the eTrust Directory (LDAP) r8 SP1 as a backend server for Identity Manager r8.1 SP2 and Siteminder 6.0
• Installed the Identity Manager Components on JBoss Application server 3.2.2 along with Siteminder 6.0
• Deployed eTrust Admin Server with eTrust Access Control Options and appropriate extension to Identity Manager Server.
• Installed eTrust Access Control on RedHat Linux Server and registered Access Control with Admin and acquired the users using Explore/Correlate options in Admin.
• Created suitable roles and mapped the provisioning roles with users in Identity Manager environment.
• Created suitable realms, rules and policies in siteminder inorder to protect the web resources.
• Configured the Oneview Monitor and Profiler for logging activities
• Prepared the test-case scenario for Identity Manager, Admin, Access Control and tested.

Confidential

Senior Consultant

Environment: Windows 2003 Server

Responsibilities:

• Deployed the Single Sign On Manager on the Windows 2003 Server.
• Imported LDIF File in the Primary TDS which resides in Delhi (Head Office) followed by Failover Tivoli Directory Server which resides in Mumbai and Bangalore.
• Created the application templates for 42 applications which includes the Web based Applications, Citrix based Thick Client Applications.
• Configured the Tivoli Compliance Insight Manager (TCIM) to extract the logs from different target systems for Monitoring purposes.
• Launched the SSO Module and tested it successfully.

Confidential

Senior Consultant

Environment: Windows 2003 Server

Responsibilities:

• Deployed the SSO Policy Server on Windows 2003 Server residing in ISP data center, Confidential (STC), Confidential 
• Installed RSA Ace Server 6.0 and configured RSA Server by creating users, assigning tokens for each users and creating the Agent host.
• Installed the RSA Authentication Agent for SSO and configured SSO Policy Server to send the authentication request to RSA Server.
• Installed SSO Client and configured to send the SSO client request to RSA Authentication Agent.
• Tested the user by launching the SSO client application with RSA authentication method specified the PIN number and Token ID.

Confidential

Senior IDM Consultant

Environment: Windows 2003 Server

Responsibilities:

• Installed eTrust Single Sign On primary component (Policy Server) on Windows 2003 server.
• Deployed the windows authentication agent on Active Directory DC and defined the users and resources using SSO policy manager.
• Installed and configured SSO Client on all end-users machine to communicate with Active Directory DC for authentication and SSO Server for authorization.
• Prepared the Test case scenarios for SSO client and tested it.
• Installed the eTrust Admin Server with SAP, Lotus Notes, Oracle, SSO options and configured the Workflow Web Interface option and Server option accordingly.
• Imported the SAP user information from an XML file to admin server through workflow engine which creates global users with appropriate Approvers, Managers
• Created suitable roles and policies using the command-line tool Batch Utility.
• Registered the SSO Server, OS400, Lotus Notes Server with Admin Server and acquired the users using explore/correlate options for centralized management through eTrust Admin.
• Explored the Failover and Load Balancing scenarios in eTrust Admin.

Confidential

Senior Consultant

Environment: Windows 2003 server

Responsibilities:

• Installed the eTrust Secure Content Manager HTTP Engine Components on Windows 2003 server.
• Created suitable policies for the specific AD-Groups to block all non-productive websites.
• Explored the upstream proxy server configuration in the eTrust SCM HTTP Server.
• Deployed the eTrust Secure Content Manager SMTP Engine Components on Windows 2003 server.
• Created suitable policies for the incoming and outgoing emails for Spam filtering to block all possible spam emails based on the aggressive rules defined by the RBL providers, email scanning functionality.
• Configured the Exchange-Server 2003 to forward all the outgoing emails to eTrust SCM Server for spam filtering.
• Defined the relay server settings in the SCM Server to forward all filtered outgoing emails using MX-Records.
• Configured the CISCO PIX Firewall to forward all incoming emails to eTrust SCM SMTP server instead of Mail-Server for spam filtering.
• Generated the schedule based reports based on the ‘Web Activity by Clients’ and ‘Top 20 clients by Media download’ for HTTP engine.
• Generated the schedule based reports based on the ‘Spam emails Senders’ and ‘Top 20 email recipients by volume’ for SMTP engine.
• Prepared the Test-Scenario for Url Filtering, Spam Filtering and tested it.

Confidential

IDM Consultant

Environment: Windows 2000 Server, Redhat Enterprise Linux 3

Responsibilities:

• Installed and configured e-Trust Audit Server components including the Security Monitor, Policy Manager and Data tools.
• Deployed and configured the Audit Client on Linux Server which routes the events to Security Monitor and to different targets.
• By using Policies made for various Audit node groups desired events were recorded on Viewer as well as Security Monitor of e-Trust Audit Policy Manager.
• Also made use of Policy Filters as required by the Administrator and recorded the desired events.
• Also installed e-Trust Audit Client on a machine having Oracle and recorded events(co-relating events) based on policies using Oracle database.
• Generated Reports of desired recorded events as and when required so that one can get full bureau of events occurred. Referencing these events would help enhance Enterprise Security.

Confidential

IDM Consultant

Environment: Windows 2000 Server

Responsibilities:

• Deployed e-Trust SCC Server components and Auditing tools on Windows 2000 server.
• Installed e-Trust Security Command Center Server side Components (e-Trust SCC Web Based GUI) on the Windows 2000 Server.
• Installed the SCC Agent and Audit client components on the target Server(Oracle) for monitoring the status events of third party products in the SCC server.
• Created suitable rules and policies in the Audit machine and integrated the Third Party Product with the SCC as well as on eTrust Audit.
• Installed and Configured e-Trust Audit Components like data tools and policy manager.
• Generated Reports of desired recorded events(co-related events) as and when required so that one can get full bureau of events occurred. Referencing these events would help enhance Enterprise Security.

Confidential

IDM Consultant

Environment: Solaris 8 and AIX 5

Responsibilities:

• Deployed the eTrust Access Control on AIX, Solaris and two AIX/Solaris Clustering servers.
• Created the pmdb’s accordingly and subscribed the host to its corresponding pmdb.
• Created the suitable policies specific to servers and for pmdb’s and deployed it.
• Explored the Backup and Recovery procedure using the selang command tool.
• Prepared the Test case scenarios for each servers, pmdb’s and tested it.