TECHNICAL SKILLS:

Platforms: Windows/ AD (Active Directory), Novell, UNIX (AIX, Linux, Solaris), Mainframe(RACF, z/OS, AS/400), RedHAT

Front End Tools: Visual Basic (VB), Developer 2000, PL/SQL Developer

Databases: Sybase, Oracle (10g, 11g), UDB, DB2

Database Application: Oracle Financials, PeopleSoft Financials (GL, AP, AR), PeopleSoft HRMS (Time & Labor, Payroll, Benefits), and JD Edwards

Programming Language: C++, C, Java, SQL, PL/SQL, XML, ASP, HTML, Korn, Shell, Bash.

Software: Oracle Financials 10.0, Visio 2003, SQL*Loader, Lotus Notes 6.5, SUN IDM, RBACx, Rational Clear Case, Rational Clear Quest, BMC Remedy, Office 2010 suite, Tivoli Access Manager (TAM), Oracle Identity manager (OIM), SailPoint, CA User Activity Report Module 12.5.02, ARX Co - Sign (E-Signature), CRM MS Dynamics 2011,Oracle VM VirtualBox, CA Governance Minder 12.6, ISAM 9.0, DataPower xi52 - 7.6, IBM WebSphere

PROFESSIONAL EXPERIENCE:

Confidential

Senior System Administrator

Responsibilities:

• Experience with IBM DataPower policy configuration, application integration, deployment, and Troubleshooting for application domains.
• Experience with DataPower AAA (Authentication, authorization, and Auditing)
• Experience with SSL DataPower troubleshooting, services instrumentation, monitoring, logging, enabling probes and capturing logs
• Experience with managing and supporting IBM Tivoli Federated Identity Manager (TFIM) and Security Access Manager (ISAM)
• Experience with Tivoli TFIM/ISAM configuration, integration, deployment, updating, administration, and Troubleshooting

Confidential

Lead RBAC Engineer

Responsibilities:

• Serving as a Subject Matter Expert (SME) for Role-based Access Controls (RBAC) project to create Role Lifecycle Management across each department within QT Enterprise.
• Integrated Risk strategies into Confidential (RSA Via) control tools
• Collaborated with Technology and Business teams to implement risk strategies
• Manage and support role-based controls to ensure appropriate access
• Tested for Segregation of Duties (SOD) violation within roles and user entitlements.
• Responsible to create a pre-approved role and eradicate user cloning.
• Analyzed and take action to maintain application compliance
• Supported Risk Management and Support Teams with timely data analysis and out of the box reports from reporting server.
• Reviewed Windows Active Directory requests for risk compliance
• Translate roles from business capabilities into technical roles sustainable in the Windows active directory repository.
• Established policies and compliance guidelines to enable maintenance (evergreen) of RBAC as business/technologies change.
• Define request and approval workflows within RSA IDM tool.
• Created campaigns for Application Owners and Users Managers to perform periodic reviews and validated the closed-loop remediation.

Confidential

Oracle Identity Governance

Responsibilities:

• Create, manage and provide oversight of the access control policies and corresponding roles and responsibilities for business application owners and provisioning parties. Provide guidance on compliance with access policies while staying informed of client efforts.
• Work with the business and IT in application and enterprise role definition for low, medium or high risk applications/user entitlements incorporating security best practices such as Individual Accountability, Least Privilege and Segregation of Duties (SOD).
• Participated in the identification of SOD violations within and across low, medium, or high risk applications as well as assist with the subsequent analysis and resolution of identified violations.
• Participated in reviewing and approving changes to application and enterprise roles as part of the Role Governance Working Group.
• Assisted with the integration of high risk applications with the role and access management solution by driving requirements gathering and documentation of interface agreements for integration with the access management solution.
• Coordinate and monitor higher risk access s such as privileged accounts or ad hoc s for high risk applications. Assist in coordinating the completion of role and access s under access governance and monitor overall completion of access s.
• Assisted with the development of for end users related to access control principles and policies.
• Assisted with ongoing enhancements to the user life cycle management process.
• Created User Access reviews (UAR) for managers and role owners.

Confidential

CA IDM Pilot Project - IT Consultant

Responsibilities:

• Application integration in CA Governance Minder 12.6
• Creating configurations for each application and integrating them together for campaign
• Access campaigns: Role, User Privileges, Resource Links
• Role discovery (RBAC) within the CA Governance Minder Client tool.
• Created Business Process Rules (BPR’s) for Segregation of Duties(SOD) violation.
• Updated the solution design and run books with the updated configuration as applicable.
• Import application raw data through CSV file connectors.
• Import Mainframe data through TSSCFILE connector to perform deep integration.
• Used Pentaho Data Integration (kettle) tool to transform and load the data in excel file to import through CSV connector.
• Defined business unit roles for departments using Aveksa Business Role Manager module.
• Created iterative and quarterly access campaigns using CA Governance Minder.

Confidential

CRM Pilot Project - IT Consultant

Responsibilities:

• Participated in creation of user stories as a part of development effort.
• Part of Agile Software development team to Customize/Develop forms, views, and web resources for CRM2011 in .Net environment.
• Installation and Configuration of hardware expansion in VirtualBox as a part of development effort.
• Solutions created in Oracle Virtual Box and migrated to Dev and Prod environments.
• Version control performed in team Foundation Server (TFS) as developers are spread across the zone.
• Managed Identities in Active Directory for user authentication to Dynamics CRM 2011.
• Developed and managed MS Dynamics CRM 2011 user Security Roles (RBAC).
• Establishing ODBC connection to Database to retrieve data.
• Created CRM 2011 Custom Reports using Microsoft SQL Server Reporting Services (SSRS).
• Customize Ribbons using Ribbon Editor and Ribbon Workbench.
• Assisted in configuring Contact/ Call Center Desktop (CCD) Agent's hosted control, action calls, routing rules, toolbars, etc.
• Configured Sitemap xml file to display the correct entity for CRM Web application.
• Installed and updated CRM development servers.
• Managed IIS and Plugin Deployment for development servers.
• Provided documentation and assistance in all points of development to development lead, architect, and the project manager.

Confidential

IT Consultant

Responsibilities:

• Part of CA IDM implementation team for all the IAM services for a federal client.
• Installed and Configured CA IDM - ELM 12.5x
• Validating users’ authentication and authorization details from LDAP back to CA IDM Application.
• Tested Policy Enforcement Point (PEP) and Policy Decision Point (PDP) for authentication and authorization of a user access.
• Monitoring of CA IAM/IDM services: CA Site Minder, CA Directory & CA SSO Server for Single Sign On (SSOi), CA IDM for Provisioning, CA SiteMinder for Credential Service Provider (CSP), Identity Proofing (IP), IBM Datapower X150 for Specialized Access Control (SAC), ARX Co-Sign device for E-Signature (E-Sig) and CA UARM For CAR to produce reports and generate alerts triggered by events or breach of predetermined thresholds.
• Experience on Integration and administration experience with DataPower XI50.
• Experience with SAML 2.0 web service and understanding of SAML tokens between VA and other service providers which hosts other application services for VA customer.
• Performed testing of the CA UARM COTS Application based on the business requirements.
• Preformed testing of E-Signature on Level of Assurance (LOA) 1 and LOA 2 users.
• Created Identity & Access Management reports using SAP Business Objects XI R3.1 SP3 for the logs stored in Oracle RAC Databases.
• Set up alerts and triggers within CA Enterprise Log Manager SIEM tool (ELM) for crossing the threshold limits.
• Establishing JDBC connection to Database to retrieve data using SQL queries.
• Drafted role based Test Scripts and User Acceptance Test Plan for Compliance Audit & Reporting (CAR) and its integrated IAM Services: Single Sign On (SSOi), Provisioning, Credential Service Provider (CSP), Identity Proofing (IP), Specialized Access Control (SAC), E-Signature (E-Sig).
• Drafted Installation guide for CA IDM - ELM 12.5.x
• Mapped the reporting requirements to FISMA, NIST and Veteran Affairs (VA) 6500 by validating Out of the box reports generated from Reporting server.
• Drafted Help desk and Operations Manual for CA IDM Compliance and Audit Reporting (CAR) CA User Activity Report Module 12.5.02 COT’s Application.
• Drafted Installation and configuration guide for Identity & Access Management suite of applications: Single Sing On (SSO), Provisioning, Digital Signatures, etc.
• Participated in UAT with VA stakeholders while testing the release 1 of the CAR application.
• Preformed testing of ARX Co-Sign E-Signature (PKI) on Level of Assurance (LOA) 1 and LOA 2 users.
• Test the fine grained user entitlement level details generated with IBM datapower.
• Created IAM reports using SAP Business Objects XI R3.1 SP3.

Confidential

IT Consultant

Responsibilities:

• Part of Oracle IdM Implementation based on Barclays Capital IDM code.
• Analyzed the functionality of the legacy provisioning solution SUN IDM 6.x in order to inventory the features and capabilities that will need to be migrated to the new solution Oracle IDM Suite 11g.
• Involved in Data store configuration for Access Manager.
• Configuring PeopleSoft HRMS 9.0 as an authoritative (trusted) source of identity information for Oracle Identity Manager (OIM).
• Requirements gathering for Oracle Entitlements Server (OES) for a real time fine-grained authorization.
• Defined SOA workflows for approvals and manual provisioning using Oracle BPEL Process Manager.
• Validating centralized RBAC roles with Oracle Identity Analytics (OIA) module for Oracle Identity Governance 11g.
• Reviewed Out of the box connectors for different platforms (Unix, AD) for configuration.
• Work with developers on requirements for enhancement using struts framework based on Model View Controller (MVC) architecture.
• Performed logical data modeling, analysis and cleanup
• Documented workflow processes
• Documented resource request template and Barclays Capital User Interface (UI) screen requirements and layouts
• Establishing JDBC connection to Database to retrieve data using SQL queries for reports.
• Created users/groups and manage their permissions within the web catalog.
• Assisted in Quarterly re for Privileged and Non-Privileged users using Sailpoint.

Confidential

Information Security Access Management Specialist

Responsibilities:

• Responsible for gathering and assembling the application and database user data necessary to conduct timely access re based on the access remediation calendar.
• Perform Security audit on Mainframe & mainframe applications. (CICS & PPT analysis, OMVS, DB2, IMS, Profile-Acid Analysis)
• Perform application security assessments on Privileged & Non-Privileged groups and accounts associated with applications in O/S (AD, Novell, and UNIX- Linux, IBM AIX) & Databases like (Sybase, Oracle, UDB, MS SQL) platforms.
• SQL knowledge on Oracle stored procedures, functions and triggers.
• Ran Oracle SQL queries to retrieve user authorization details.
• Created and managed tree structure in Oracle Internet Directory(OID).
• Validating centralized RBAC roles with Oracle identity Analytics (OIA).
• Reviewed configuration details, user roles and groups defined within Oracle Weblogic 11g for access re.
• Periodic Active Directory security audit was performed to ensure that Active Directory is being properly managed and protected. As a part of audit here are the few things looked at: Policy & architecture, Active Directory Groups & users at Global and local level, AD schema and their associated ACL's (Access control list), and AD Administrators (Domain & Local level) to check for Privileged Users.
• Perform through analysis PeopleSoft Financials and PeopleSoft HRMS applications referring to PSOPRDEFN table
• Performed assessment on User and Role on IBM Tivoli Identity Manager(TIM)
• Conducted assessment on IBM TAM (Tivoli Access Manager) for internal and external entitlement level details; TAM Along with Application source code and XML files for embedded groups.
• Participated in Enterprise Change Control Board (ECCB) meetings to review significant System/Software Configuration changes across Technology Infrastructure and business applications for Change Management.
• Tested Sailpoint application for re effort on quarterly for Non-privileged user and monthly for Privileged user.
• Assisted on SailPoint workflow as a part of initial set-up for iterative access re.
• Configured iterative for Privileged users and quarterly re campaigns (user and RBAC role ) for Non-Privileged users using Sailpoint.

Confidential

Consultant

Responsibilities:

• Perform duties as part of a team to streamline on-boarding and provisioning process for Global Wealth Management through the development and implementation of Role Based Access Controls.
• Performing role mining of existing and available data to identify suggested business roles and the develop Role Definitions to be used for efficient provisioning, user entitlement review and de-provisioning for a large percentage of GWM personnel in Single Sign On (SSO) setting.
• Requirements gathering for Oracle Entitlements Server (OES) for a real time fine-grained authorization.
• Validating centralized roles with Oracle identity Analytics (OIA) and migrating to Oracle Identity Manager (OIM).
• Summarization of defined security matrices to compare actual user entitlements to the expected entitlements and provide the summarized role with exceptions to Oracle Entitlement Repository System (EERS) for effective entitlement review and provide the details of a role or profile to the reviewer.
• Role Repository Administration of the corporate tool for the storage and maintenance of role definitions for use in provisioning and user entitlement review interfacing with business end-users and technical staff included in the RBAC project.
• Leveraging notification process to keep ISA Management informed of outstanding issues and potential impact items.
• Extensive use of Oracle Identity Analytics formerly known as SUN IDM RBACx in creating roles under managers, departments for base lining of roles.
• Streamline employee and non-employee on-boarding process through standardized and automated workflow systems.
• Provide the process and capabilities to move primary compliance and security controls from the Entitlement Reporting server and Review component of the IDEM life cycle to the Provisioning component
• Data extracted using Pentaho Data Extraction tool (PDI - Kettle) from different databases and flat files and loaded in Access Database for in-depth analysis as a part of data mining. Develop tests strategies, test cases, and tests to be executed against the database and data using SQL and other tools.

Confidential

SOX GRC Analyst

Responsibilities:

• Involved in Rationalization of General Computing Controls. Testing and evaluation of Test of Design (TOD) and Test of Operating Effectiveness(TOE) for various IT General and application controls
• Business Process redesign and design of controls to ensure the completion of the business process accurately based on COBIT 4.0 framework.
• Inspect the SAS 70 for our outsourcing vendors for compliance as needed by our auditors
• Involved in remediation of role based access control (RBAC).