SUMMARY:

• Around 8 Years of Identity Management and Web Security Administration in CA Identity Manager, SSO/ SiteMinder, Agents for SharePoint, Secure Proxy Servers, Sun ONE Confidential Directory Server, Active Directory Server, WebLogic, WebSphere application server, Integrated Windows Authentication (WinDDas), Authentication Flow Manger & AuthMinder /Risk Minder
• Experience in designing, development, deployment, migration and implementing Security and Infrastructure solutions using CA Identity Manager r12.5 SP8 CR1, CA SSO/SiteMinder r12.52 SP2 CR1, Sun ONE Directory Server ( Confidential ) and earlier
• Experience in analyzing the logs (agent trace logs, sever logs, access logs, IDM Application Server logs, ETA Logs etc.) and Trouble Shooting issues in Integration of other applications using CA SiteMinder (Access Management) and Identity Management tools along with Confidential and Web - server agents and SiteMinder federation service s.
• Experience in implementing Identity management system using CA Suite (CA IDM) to Provisioning users (create, modify, update delete) along with self-service portals like password reset, request for access, manage Job Code, out of office assistance across endpoints like AD, RACF, Linux etc.
• Strong knowledge of implementing RSA token Authentication with Good exposure in implementing the oAuth, SAML based Single Sign-on (SSO) and Single Log-Out involving service with Multi factor authentication (MFA)
• Good experience in using all the IDM components like Connector Xpress to build custom connectors. Provisioning Manager to create Roles, account templates, endpoints and test endpoint provisioning and troubleshoot endpoint related issues. Installed and configured bulk load client on various platforms to automate tasks in IDM.
• Working experience in the development of CA SiteMinder Single Sign-On Services with SiteMinder configurations (setting up policies, realms, rules and responses).
• Experience with Multi Master Confidential configuration in distributed environment and performance tuning for high availability and optimized response time.
• Experience in integrating WebLogic Portal Application Server driven Portal with CA SiteMinder as Identity Provider and External Third-Party services as Service Providers.
• Experience in administering Confidential based directory servers like iPlanet/Sun ONE Directory Server and Microsoft Active Directory.
• Proficient in tools like JXplorer and Softerra, as Confidential browsers also Fiddler and WireShark to analyze user flows and TCP dump for network related troubleshooting.
• Experience with using IDP initiated and SP initiated SAML profiles with different binding methods like POST, Artifact, and Redirect to deliver a custom SSO environment as per the requirement.
• Experience in using Kettle (PDI/Pentaho) data-manipulation tool for data migration and also to generate reports, feeds and extracts
• Configured CA SiteMinder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.
• Configured Domain objects like Realms, Rules, Responses and Policies.
• Configured User Authentication Stores, Policy Stores and Key Stores on Confidential and maintained replicated environment for load balancing and failover.
• Experience with Directory server administration, Confidential programming and various databases like Oracle, SQL, MYSQL, DB2.
• Installed, configured and integrated Web servers (plug-in file), SiteMinder agents and Confidential user directory with WLS.
• Automated identity management tasks such as user provisioning, role based access control, delegated administration; attribute-based auditing and reporting using CA Identity Manager.
• Hands on experience with IIS, IBM IHS, Apache, Sun One Web servers and WebLogic and WebSphere Application servers in Identity and access management environment.
• Experience in Analysis, Design, Securing and Support of Multi-Tier Web Applications using J2EE, Server-side Technologies using XML, Java Server Pages (JSP), WebSphere 5.X/6x/7.0, WebLogic Server
• Worked with RSA Authentication Manager V6.0, V7.1.
• Experience in using Unix/Linux utilities for analyzing logs, and trouble-shooting the applications with Application servers and Security/Identity management servers.
• Experience in using Networking Protocols for client server applications like TLS, TCP/IP socket programming.
• Excellent communication and interpersonal skills. Highly motivated, detail oriented and organized with the ability to multi-task projects, maintaining a high degree of proficiency.
• On call 24x7 for Production support.

WORK EXPERIENCE:

CA Identity Manager/SiteMinder Consultant

Confidential, North Carolina

Responsibilities:

• The project Confidential Modernization did the migration from SailPoint and implemented a solution using CA Suit to feature SSO, Self-Services like registration, password resets System Access Certification, request for access etc.
• Designed the architecture based on technical requirements and implemented the solution with CA Identity Manager r12.6.8, SiteMinder 12.6, Governance Minder 12.6.1 with my primary focus on Identity Manager and SiteMinder
• Installed, configured and administered CA IDM, CA SiteMinder Policy Server, Web agents, CA Directory and Oracle Directory Server ( Confidential ) on various platforms for a clustered and HA environment on WebSphere 8.5, JBOSS and various Platform
• OAuth 2.0 SSO Implementation with Microsoft Azure as IDM.
• Experience in SAML based authentication 1.1 and 2.0 using SiteMinder Federation and integrate with SiteMinder authentication and other adapter.
• Installed and configured multiple TAI agents on WebSphere, WebLogic servers to implement SSO.
• Worked on Fine tuning of Web agent and policy servers for optimized performance.
• Configured SiteMinder web agents, Affiliate agents and RADIUS agents to provide federation of webservices in the SSO environment.
• Configured Apache HTTP web server for WebLogic 8.1. Installed Application Server Agents (ASA) for SiteMinder on all Weblogic Servers and Webservers.
• Worked on Open ID Connect for the user Authentication using ping Access.
• Developed Web Services to communicate to other modules using XML based SOAP and WSDL
• Integrated IDM with CA SSO, Providing Authentication and Authorization to IDM
• Used CA Wily Introscope monitoring tool to generate performance reports of SiteMinder policy servers and other Confidential servers
• Configured System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas
• Work on implementing and supporting SAML-based Federation technologies and Active Directory Federated
• Developed multiple Policy Xpress to trigger on various tasks and also to generate standard company requirements like generation of unique ID's, passwords, emails, record entries etc.
• Responsible to handle complex JobCode logics which involved multivalued attributes and multiple PX's to tie groups, provisioning roles and endpoints to respective JobCode
• Built various custom tasks in IDM API for administrators to facilitate ease of access and troubleshooting tickets
• Responsible for provisioning users across endpoints like Active Directory, Confidential, Unix, and RACF/Mainframe.
• Responsible for exploring and correlating users from various endpoints
• Developed and deployed JDBC and JNDI custom connectors using Connector Xpress as per the requirements for Confidential endpoint and used role definition generators to deploy to IDM
• Worked or various OOB and custom Workflows that involved complex logics to handle assignment of approvers
• Worked on setting up remote task to IDM through Web services calls from EFI front-end applications via Task Execution Web Service (TEWS).
• Improvised Logical Attribute Handlers, BLTH modules using CA identity manager API's
• Migrated passwords from legacy application to IDM capturing the last password change date.
• Good experience in setting up Bulk Load Clients and automating different IDM tasks
• Good hands on experience on Kettle (Pentaho/PDI) for data manipulation during data migration from legacy to IDM
• Good experience in analyzing SiteMinder logs, IDM application server logs, provisioning server logs to troubleshoot various authentication/endpoint related issues
• Used windows task scheduler to execute Kettle/Pentaho scripts for automated generation of Reports, Extracts and Feeds from various data sources like CATS (HR Database), Corporate Store, Oracle database etc.
• Created and maintained attribute mapping document from IDM to all the managed endpoints

Environment: CA IDM r12.6 SP8 CR1, CA SSO r12.6, CA Governance Minder 12.6.1, CA Directory r12.x, WebSphere, ApplicationServer, JXplorer, Softerra, MobaXtermProfessional, Java, Javascript, Powershell,Oracle, SqlDeveloper, SNMP, UNIX, LINUX, Solaris, IBM AIX, Windows, Kettle (Pentaho/PDI)

CA IDM/ SiteMinder administrator

Confidential, CA

Responsibilities:

• Designed the new parallel Environment for SiteMinder R12.52 Policy Servers, which allows the Single Sign-On between the old and new environments with the agents talking to new Policy Servers.
• Upgraded agents from R12sp3 to R12.52sp1 and registered them to talk to R12.52 Policy Servers.
• Designed, architecture and implementation CA IDM(Identity portal, Identity suit)
• Integrated Applications with CA Identity Manager r12.5
• Worked on CA Secure Proxy Server to intercept the request and redirect to policy server.
• Developed a custom code to decode the SMSession of Policy Server using SiteMinder API's.
• Used CA Wily Introscope monitoring tool to generate performance reports of SiteMinder policy servers and other Confidential servers
• Configuring User Authentication Stores and Policy Authorization Stores on Confidential .
• Migrated passwords from legacy application to IDM capturing the last password change date
• Provide support for Oracle Confidential (Multi-master, supplier-consumer) in Solaris environment.
• Installed, configured proxy servers with Confidential as the primary backend and provide transparent seamless authentication to users.
• Wrote custom BLTH modules for bulk importing and custom application provisioning.
• Worked with TEWS (CA's web services core) for implementing a custom web interface for new user registration and self-maintenance packages.
• Responsible for exploring and correlating users from various endpoints
• Developed and deployed JDBC and JNDI custom connectors using Connector Xpress as per the requirements for Confidential endpoint and used role definition generators to deploy to IDM
• Responsible to handle complex JobCode logics which involved multivalued attributes and multiple PX's to tie groups, provisioning roles and endpoints to respective JobCode
• Improvised Logical Attribute Handlers, BLTH modules using CA identity manager API's
• Involved in integration testing for third party API integration.
• Installed and configured Web Agents on IIS Web Server which is using IIS7, IIS7.5 and Linux server with Apache 2.2. Executing Backups and Recovery strategies for directory data (DIF), resolving backup and recovery issues in a High availability environment.

Environment: Redhat (Linux), SunOne Directory Server, CA IDM r12.6 SP8 CR1, CA Siteminder 5.x and 6.x, Apache, IIS and Tomcat applications servers.

SiteMinder & Single Sign On (SSO) Engineer

Confidential, CA

Responsibilities:

• Install, configure and administer Sun One Confidential Directory server and siteminder policy server on Sun Solaris and implement single sign on across multiple domains using Cookie Provider.
• Involve in the project to implement the Single Sign On starting from development phase till production went live. Work with responsible team to understand the requirements of a new SSO project and then design and implement the same.
• Install and configure various web agents in accordance with the web servers involved.
• Ensure all users have access to the necessary systems, including RSA, Epic, and other external users.
• Create Realms, Rules, Policies and Responses for protecting applications to work under single sign on environment.
• Implement password policies for all the applications using Siteminder.
• Experienced in installing, configuring SiteMinder policy server Web agents, ASA agents, Domino Agents, Active Directory server ( Confidential ) and various Web & Application servers
• Implement Policy Stores to utilize Sun ONE Directory Server ( Confidential ) as the user and policy repository on Linux.
• Work on backup, recovery of userstores in Sunone Confidential Directory Server and configured Load Balancing, Failover mechanisms.
• Configure User Authentication Stores and Policy Authorization Stores on Confidential .
• Upgraded agents from R12sp3 to R12.52sp1 and registered them to talk to R12.52 Policy Servers
• Monitor of SiteMinder server logs for identifying problems with Authentication and authorization of users.
• Created Siteminder Agents for Federated Authentication and Authorization with partner sites.
• Respond to direct questions from IT and business Management on the effects of emerging technologies on product development and business directions.
• Implement password policies for all the applications using Siteminder.
• Work on Identity Manager to Provision the users into IDM and assigning the respective roles.
• Work with a team on the daily problem resolutions and on the escalated issues for user administration.
• Document, design and implement the Wellness Check URLs to verify the application code on Pre-Deployment basis with SSO.
• Enable rollover of encryption keys in key store to maintain integrity of agent and session keys.
• Provide 24/7 on call support for solving Tickets on a rotating basis with other team members.
• Responsible for Siteminder, Web Servers and Application Server Production Support and Trouble Shooting.

Environment: Redhat (Linux), SunOne Directory Server, CA Siteminder 5.0 and 6.0, Apache, IIS and Tomcat applications servers.

Siteminder and Confidential Consultant

Confidential, GA

Responsibilities:

• Hands on experience on Ping federate, CA Single Sign-ON, CA Advance Authentication, CA Secure Proxy Server, Ping Access, and Ping Cloud.
• Experience in SAML based authentication 1.1 and 2.0 using Ping Federation, SiteMinder Federation and integrate with SiteMinder authentication and adapter.
• Migrated SAML Based SSO partners from CA Single Sign-On federation to Ping Federate.
• Used Ping API to deploy and create SAML changes. Setup and maintain distributed IT systems including computational resources, servers, storage and networking.
• Configured both Ping Access Proxy Gateway to decode the JWT tokens and also installed the agent on application server to communicate with Ping federate server.
• Worked on OpenID Connect for the user Authentication using Ping.
• Experience in developing J2EE applications on different IDE's like Eclipse,
• Configured and supported SAML based Identity & Service Provider connections.
• Designed transitioning strategies around Access Management systems and accordingly performed migration of application policies, risk, rules from Siteminder.
• Provided Impersonation, SharePoint, HR Services, Sales Force solution using Ping federate and SiteMinder.
• Hands on Experience on other Single Sign-On products like CA SiteMinder. Implemented and Designed Access Management Solutions.
• Administering and Troubleshooting Tivoli Identity Manager 4.6 and 5.0
• Successfully supported to migrate/Build all the infrastructure to a new environment.
• Upgraded SiteMinder to R6 SP1/SP5/SP6, R12 SP2/SP3.
• Migrated Web Authentication solutions from CA Single Sign-On (SiteMinder) to Ping Access.
• Configured application agents on PeopleSoft, WebSphere, WebLogic and OBIEE.
• Worked on internal application like Splunk, Service-now, Wily to customize to our team and management requirements.
• Created scripts to monitor Apps, dashboards, backup LDIF and generated reports.
• Supported production environment without missing any SLA's and supported TIAA-CREF environment 24 X 7.

Environment: Windows Server 2003/2008, Unix, SiteMinder R6 SP1/SP5/SP6, R12 SP2/SP3, Ping federate 6, CA Directory 11, Oracle Directory Service 11g, Splunk, CA Wily Enterprise Monitor, WebLogic 8/10, JBoss 5, Apache 2.x, IIS 6.