SUMMARY

• He has been an Identity Management expert for over 20 years, with focus on Oracle Identity Governance (OIG), Oracle Identity Management (OIM), Active Directory Network Engineer and Advanced Oracle OAM, OID, OVD, IM, SOA DBA.
• During that period Andre Tchoukouaha has migrated OIAM from on - premise to AWS and Azure Cloud, installed, managed and upgraded multiples instances of OIM and OAM from 10g to 11g and from 11g to 12c.
• During that period Confidential managed Oracle software ranging from E-Business Suite, Oracle Weblogic, MS Azure Cloud, SailPoint, PowerShell, AD Directory Services, OBIEE, GoldenGate, Hyperion Planning, Exadata, Essbase, Financial Management, Financial Reports, Oracle Internet Directory Infrastructure, Oracle Applications 11 i, 12c, Oracle SOA Fusion Middleware, data warehouses and RAC databases. Andre has performed migrations of MS AD/OAM/IM/OID Weblogic environments as well databases and applications from 7 to 12c.
• Nelon Crawford is also a seasoned DBA and administrator with Oracle Weblogic, MS AD Directory Services, OBIEE, GoldenGate, Hyperion Planning, Exadata, Essbase, Financial Management, Financial Reports, Oracle Internet Directory Infrastructure, Oracle Applications 11 i, 12c, Oracle SOA Fusion Middleware, data warehouses and RAC databases. Andre has performed migrations of MS AD/OAM/IM/OID Weblogic environments as well databases and applications from 7 to 12c.

TECHNICAL SKILLS

Software and Languages: OIM Oracle Identity Management and Governance, Microsoft Active Directory DS, SAML, OVM, VMWare, Java, Rest API, Oracle Products ( Oracle Access Manager, Identity Manager, Identity Management Cloud Services, OVD, OUD, OBIEE 12c, OBIEE 11g and 10g, GoldenGate, Exadata, Hyperion EPM 11.1.2, 11.1.1.3, Essbase, Weblogic, CA SiteMinder, CA SSO Federation. Okta, Forgerock, Workspace, BPEL, 9 iAS, 10 gAS, OCS, Portal, SSO, Forms and Reports, J2EE, OVD Oracle Virtual Directory, OUD Oracle Unified Directory, OID Oracle Internet Directory, Web Cache Clustering, RAC, OWB, DataGuard Disaster Recovery, Discoverer, Designer, 9iDS, Oacle 8i, 9i, 10g, Oracle Applications (e-Procurement, HRMS, Financials (10.7, 11.0.3, 11 i) ), Oracle WebDB, PL/SQL ); ASP.Net, Erwin, XML, Veritas DBE/AC, HP Service Guard and Service Guard Extension, Informix, Micro-Strategy, Siebel, Banner, SAP, Java, Business Objects.

Operating Systems: Linux (RedHat, SuSe), AIX, HP-UX (9.04, 10.10, 10.20. 11i), SOLARIS (2.7, 2.8, 5.9, 10), Windows NT, 2000, XP, Windows Servers

Hardware: Exadata, Load-Balancer Routers F5 Big IP, Cisco, Nortel Alteon ACEDirector .

Servers: IBM RISC 6000, IBM z/OS Parallel Sysplex, IBM pSeries 690, HP 9000, HP AlphaServer SC45, T500, HP Superdome, SPARC 2000, E6500, SunF12K, SunF15K, EMC San, Fujitsu, NetApp NAS.

PROFESSIONAL EXPERIENCE

Sr. Oracle OIM/OAM/OIG Admin/Azure Cloud Infrastructure Architect

Confidential

Responsibilities:

• Migrated Identity and Access Managements components over to IDCS Identity Management Cloud Services.
• Supported a hybrid OIM/OAM configuration with both on-premise and Cloud components.
• Upgraded Oracle Identity Management and Access management infrastructure from 10g to 11g and from 11g to 12c.
• Migrated OIM/OAM LDAP directory stores from OVD/OID to OUD.
• Designed and implemented enterprise-wide access management and single sign-on infrastructure for both internal and external applications using Microsoft Active Directory Federation Services.
• Served as the Manager/Technical Lead for Oracle practice, supervising a team of 11 DBAs, Oracle Fusion Middleware Admins.
• Managed practice budget, organized team activities, delegated tasks and conducted performance review on team members.
• Resolved conflicts among team members, lead daily standup meetings and reported to higher management about team progress, issues, vision and projects.
• Identified team members weaknesses and strengths and created a cross-training environment where success and failure are considered team responsibilities and not individual achievements.
• Coached junior DBA and made a point to teach Oracle Access Management and Oracle Identity Management to all DBAs in the team.
• Conducted team member interviews, hiring and exit interviews as well.
• Approved timesheets and status reports for my 11 team members.
• Used MSAD to set up roles, policies, provision and restrict groups access to domain resources, including servers, printers, workstations, network shares.
• Configured the Azure disk and virtual network layout to set up Oracle Disaster Recovery on Azure Cloud. Configured ASM on Linux VMs running on Azure Cloud Infrastructure.
• Installed, maintained and optimized multi-tier Oracle Golden Gate replication and Data Guard Solutions for backup and DR recovery on Oracle running on both Windows and Linux on Azure Cloud.
• Participated in all SailPoint deployment activities - connector configuration, custom rule development, workflow configuration and development, Oracle IDM and third party system integration.
• Led migration of Virtual Machines to Azure Virtual Machines for multiple global business units.
• Prepared capacity and architecture plan to create the Azure Cloud environment to host migrated IaaS VMs and PaaS role instances for refactored applications and databases.
• Installed and configured Access management software on a web logic platform to enable Single-Sign On solution protecting OBIEE, Concur, EBS, Linux Servers.
• Configured EBS Authorization schemes, protected resources policy resources, public and excluded policy resources within the OAM console for authentication and authorization purposes.
• Configured User identity stores within the OAM console including LDAP sync for OIM integration with OUD.
• Extensive OAM and OIM cloning and patching of the fusion middleware products involved in single-sign on and identity solutions.
• Registered web gates in the OAM server using the remote registration tool (RREG).
• Installed and configured multiple web gates to protect multiple applications resources, including PeopleSoft, Unix Servers and EBS instances.
• Used LDAP development tools to provide a custom solution to client s data requirements in password management.
• Installed and configured multiple versions of OAM and OIM from 10g to 11gPS3. Upgraded OAM and OIM instances from 11.2.3 to 12c 10.2.3.1.
• Applied patches to the OAM, OIM, and SOA stack.
• Configured the built in workflow capabilities of OIM to match the client requirements, like a manager would receive a notification with the username and password of a new hire.
• Created recommendations on how to duplicate a subset of on-premise machines to the Azure Infrastructure as a Service (IAAS) offering which will be used for disaster recovery. This analysis included the specifics to synchronize on premise data with SQL Server and SharePoint instances hosted in VMs.
• Performed client acceptance and prototyping using Azure Compute and SQL Azure instances.
• Worked on Data Factory Editor, to create linked services, tables, data sets, and pipelines by specifying JSON definitions for these artifacts.
• Built a solution using Azure managed services StorSimple and Blob storage to archive on-premises data to cloud.
• Maintained the implementation and Administration of SailPoint for large population of users.
• Configured VMs in availability sets using Azure portal to provide resiliency for IaaS based solution and scale sets using Azure Resource Manager to manage network traffic
• Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, security policies and routing.
• Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets.
• Exposed Virtual machines and cloud services in the VNets to the Internet using Azure External Load Balancer.
• Provided high availability for IaaS VMs and PaaS role instances for access from other services in the VNet with Azure Internal Load Balancer.
• Implemented high availability with Azure Resource Manager deployment models.
• Designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.
• Setup Azure Virtual Appliances (VMs) to meet security requirements as software based appliance functions (firewall, WAN optimization and intrusion detections).
• Leveraged VNET system routes and underlying route table that holds Local VNet Rules, On-premise Rules, Internet Rules and IP Forwarding as design basis.
• Designed User Defined Routes with custom route tables for specific cases to force tunneling to the Internet via on premise network and control use of virtual appliances in the customer’s Azure environment.
• Associated routes with VNets via the route table per relationship constraints.
• Managed IP Forwarding for VMs and role instances acting as virtual appliances. Installed, configured, administered, monitored Azure, IAAS and PAAS, Azure AD.
• Used Windows Azure portal to manage Virtual Network and Traffic Manager
• Created, managed, monitored VM using Windows Azure portal admin. Created, managed, monitored Web site using Windows Azure portal admin
• Used Azure BLOB to access required files and Azure Storage Queues to communicate between related processes.
• Designed and developed standalone data migration applications to retrieve and populate data from Azure Table / BLOB storage to on premise SQL Server instances.
• Smoothly created pre-production environments and manage the portion of traffic going to them. Debug in the cloud when needed and roll back if issues are found.
• Azure Network Configuration - Created resource groups using resource manager which allow to see cost/billing and monitoring information for resources within a resource group and manage access to those resources as a set for individual customer.
• Attend ongoing client meetings to introduce and answer Azure PAAS and IAAS questions as they arise, covering important application migration considerations and options.
• Served as process owner under an Agile Scrum project implementation, leading session for sprint planning, sprint review and sprint retrospective meetings.
• Performed no-outage migration of Oracle Databases from in premise physical servers to Azure Cloud infrastructure as well as from Exadata Engineering systems over to Azure Cloud Infrastructure leveraging optimized Golden Gate parallel replication.
• Configured Active Directory Directory Services in a replicated and distributed topology to enable load balancing and fail over.
• Used LDAP distribution and clustering topology to distribute over 800 000 of users across multiple MS AD servers.
• Configured MS AD to authenticate Linux and Solaris users with Kerberos and Samba.
• Designed Active Directory disaster recovery architecture and performed all tasks required for setup and backups.
• Configured Oracle Identity Management and Oracle Access Manager identity manager and its connectors.
• Migrated Identity and Access Managements components over to IDCS Identity Management Cloud Services.
• Supported a hybrid OIM/OAM configuration with both on-premise and Cloud components.
• Architected and customized the integration of multiple LDAP and various enterprise applications, including AD, OID, Novell.
• Configure Identity Management Federation and cross domain SSO using SAML 2.0
• Secured E-Business Suite applications on the Cloud.
• Configured Role-Based Security by customizing Role inheritance and role types (data roles, abstract roles, job roles and duty roles).
• Configure Segregation of Duties Security and Data Access security for Oracle Fusion Financials.
• Responsible for architecting, implementing, configuring, customizing and defining the process flow for Identity and Access.
• Provided strategy recommendations on the overall conception, design and implementation of the Identity Management, ID Governance, LDAP integration, custom connectors, Workflow designs.
• Installed, configured and managed OIM 10g and it connectors (HRMS, Cloud SalesForce, SAP, AD, Hyperion, OBIEE) including Password Sync.
• Configured OKTA Identity Management and migrate some artifacts.
• Installed and configured Oracle Unified Directory (OUD) and Oracle Virtual Directory (OVD) to pull user information from AD, OID, Databases, Web services on Exadata.
• Configured Oracle Unified Directory Access and Audit logs. Configured OUD cn=monitor for automating maintenance.
• Migrated OIM 10g to 11g R2 and integrated with Microsoft AD.
• Troubleshot and resolved connectivity issues for external and internal customers using OIM/OAM. Troubleshot issues during customizations of OIM connectors.
• Created SaaS connectors to integrate protected applications sitting on AWS cloud.
• Installed and configured OIM and IAM clusters on VMware.
• Built OAM custom connectors and different type of adapters for various applications.
• Served as the DBA Lead for all Oracle Fusion Middleware engineering, configuring SOA, OBIEE, Hyperion, Golden Gate and integration with OAM/OIM.
• Architected the Oracle Unified Directory implementation.
• Integrated OIM/OIF with various webservices.
• Deployed an Identity Manager (OIM) and Oracle Identity Analytics which included the automated provisioning for hundreds of connected systems and also configured the provisioning for an Identity Management system supporting over a million active users.
• Build Access Policies for auto provisioning resources to users based on defined criteria. Customized the web console to fulfilled different needs of the clients which includes customized attestation process, request for resource and other web UI changes. Also developed custom reports for the client.
• Also worked on Exchange connector and developed the scripts for remote manager.
• Installed, configured and upgraded Oracle Identity manager on development, QA and Production servers.
• Installed and configured CA SSO to allow access to multiple external web applications.
• Upgraded CA SiteMinder and integrated with EPM Hyperion for SSO purposes.
• Coded SAML integration procedures to enable SSO among heterogenous application codes, including ASP and Java applications.
• Designed the architecture of Oracle OBIEE clusters implementation and administered the Weblogic domains configured to support both OBIEE and Hyperion EPM.
• Designed and configured WebLogic disaster recovery, created backup scripts and recovery procedures for the Weblogic domains.
• Monitored thread usage, connection pool usage, CPU usage, Memory usage and preparing reports for the performance tests, dry run tests and load tests conducted on the Application Servers
• Configuring digital certificates, using java key tool for secured applications.
• Create methodologies for easy usage tracking and memory leaks detection for Weblogic managed servers.
• Configured SSL on all levels of the Hyperion EPM systems (web server, Foundation, RDBMS, HFM, FR, Essbase and LDAP)
• Configured Hyperion Shared Services with Corporate MS AD LDAP directory in SSL mode on Exadata.

Sr. Oracle Hyperion Middleware Admin

Confidential

Responsibilities:

• Contracted for Oracle Consulting Services to support and maintain Oracle Hyperion and Oracle Middleware services at Google.
• Performed FMW environment reviews, created best practice documents for Weblogic, Hyperion, OBIEE and LDAP integration.
• Performed cross platform audits of Active Directory (AD) objects and user permissions.
• Managed User Accounts on WindowsNT and UNIX Platform (Creation, Deletion, Permissions, and VPN Access).
• Developed organizational units in Active Directory (AD) and managed user security with group policies.
• Created and maintained email addresses and distribution lists in MS Exchange.
• Compiled data to assist technical writers with IT new hire manuals and prepared data to report to testers for system enhancements.
• Administered DNS, DHCP and WINS.
• Configured Group Policy Objects to create a secure Windows Infrastructure.
• Provided third level help desk support for problems relating to Active Directory.
• Created user ID's, roles, groups OU's etc.
• Integrated Active Directory clusters with Oracle OVD Proxy LDAP.
• Automated provisioning through Oracle Identity Management Access Policies.
• Administered and supported CA SiteMinder infrastructure applications, including creation of provisioning flows, adapters and development of policy rules for Access Managements Federations.
• Developed project plan, served as primary task resource, implemented and migrated domains to Windows 2008 R2
• Configured trusted reconciliation using Generic Technology connectors and Database Application Table connectors.
• Installed and configured dozens of OAM artifacts and dependent components.
• The solution I deployed SSO to portal, SOA, PeopleSoft, OBIEE. I installed OAM, created application domains, defined protected policies, set up webgates and proxy configurations.
• Performed automatic provisioning of user accounts for OIM users in OID, and unmanaged systems through the user groups, access policies, workflows and other connectors (Hyperion, SaaS, HR, PeopleSoft, E-Business, Forgerock and SiteMinder.
• Set up attestation process and delegated administration as well as sync between OIM and AD, MS Exchange, and Oracle DB.
• Created Password policies in AD, OID and OIM. Integrated OIM and OAM applying Single-Sign on.
• Configured authentication and authorization policies for protecting web applications and providing SSO functionality.
• Performed installation, configuration and integration tasks in OIM, OVD, OID, MS AD, Sun one directory, web logic server, OAM, OHS web server in a Global Identity and Access Management environment.
• Performed day to day user support with security responsibilities such as Creating, Adding/Updating resources, Lock/Unlock - Enable/Disable and deletion of user accounts, user provisioning to MS- AD.
• Designed role/rule based provisioning policies as per Role/Access matrix of the Organization and also designed scheduled tasks for user re-conciliation and clean-up exercises.
• Designed and installed the Corporate Weblogic infrastructure to support an array of Fusion Middleware applications ranging from Golden Gate, Hyperion, OBIEE, SOA to OID.
• Developed strong expertise in handling code releases and deploying applications in Weblogic environments
• Configured SSL: 1- way SSL and 2 - way SSL handshakes, created users, groups and roles for different management groups’ through-out the organization.
• Coded Weblogic scripts to handle complex automation/administration tasks using Shell scripting, WLST and WLShell.
• Responsible for OBIEE security design: New Id creation, user profile setup, Account modification of existing users, Password reset and Deletion of accounts.
• Performed OID and Active Directory LDAP configuration with OBIEE for Single Sign-on authentication.
• Designed both Authentication and Authorization architecture for OBIEE users
• Wrote precise and step-by-step cookbooks documents on how to install and deploy MS AD DS/OIM/IM/OUD/OID from building assemblies to checking the sanity of components.

Sr. Oracle Identity Management Admin/Architect

Confidential

Responsibilities:

• Performed SSO configuration of OAM with OIM and other integration, access gate and sso agent and integrated OAM with Windows Native Authentication WNA.
• Served as Oracle IDM Security Engineer. Description by setting up a central repository for managing user data for the rapid deployment of new applications and services.
• Installed, configured and maintained multiple instances of Oracle Applications 11i.
• Integrated E-Business suite with Oracle Internet Identity (OID) and Portal SSO.
• Configured, troubleshot and maintained Active Directory-OID synchronization profiles.
• Configured and managed Oracle Internet Directory (10gAS) to synchronize user directories with Microsoft Active Directory and FND User in Oracle E-Business Suite .

Oracle RAC/10gAS OCS Admin

Confidential

Responsibilities:

• Hired by Bearing Point to get an advanced configuration of Oracle Collaboration Suite up and running for the U.S. Marines Corps at the Pentagon. Hired by BP as a last resort after numerous attempts have failed and undermined the relationship between BP and the USMC.
• Helped Bearing Point regain the confidence of the client and save a contract in jeopardy, by providing from day one high level expertise, displaying deep knowledge of the subject matter and delivered a working system quickly.
• Designed and installed layout of Oracle Applications 11i instances in a high-availability environment with Oracle RAC and Data Guard
• Configured Oracle Applications 11i to use Oracle Internet Directory in sync with Active Directory.
• Integrated OID with Microsoft Active Directory and Oracle Applications 11i.
• Installed, maintained and tuned an 8-node RAC database for multi-purpose usage, including Collaboration Suite storage, Data warehousing and OLTP.
• Installed, managed and maintained ASM disk groups. Troubleshot issues related to CRS reboots, ASM presentation and Interconnect latency.
• Developed and implemented a methodology to tune Oracle RAC databases, including parallel queries, bitmap Join indexes and partition strategies, Global cache tuning, memory and I/O performance.
• Set up Windows Native Authentication with Kerberos to allow Synchronized Active Directory Users to log in to Oracle SSO-OID without being prompted for a password.
• Configured Active Directory-OID Synchronization and SSL for all traffic through the 10gAS instances.
• Provided hands-on training to Bearing Point and USMC personnel on 10gAS administration procedures, provided step-by-step documents on how to maintain, tune, backup and cluster 10gAS applications. Customized and deployed backup and restore scripts for the Application Servers. Set up SSL across all components and configure Web Cache in front of the Mid-Tier to distribute browser requests.