SUMMARY:

• More than 12 years of experience in in analyzing, designing and implementing single sign-on, Web services security, Federation services, internet security, authentication, to enterprise web applications using CA Siteminder , Federation services and CA IdentityManager technologies.

• Expert in analysis, design, deployment /implementation and administration of Internet/Intranet, Web applications on UNIX Solaris and Windows NT environments.
• Good experience in CA SiteMinder R12.x,6.x,5.x,4,x , IdentityMinder 5.6 sp2 , IdentityManager 8.1 Netscape Directory Server 4.11 LDAP , iPlanet Directory Server 5.1 , Novell Directory Server 8.7.3
• Experience of working with key architecture and development teams to implement new security standards and best practices
• Expert in SiteMinder IdentityMinder/IdentityManager administration.
• Good administrative skills for iPlanet web server, iPlanet application server, IIS 4.0/5.0

TECHNICAL SKILLS:

• Hardware and OS: Windows 2008,Win 2003,Solaris 8,Solaris 10
• Softwares: CA Siteminder R12.5X ,5.5,6.x , Federation services,SAML2.0 ,Secure Proxy server 5.5, Cognos Suite, Sunone, i-Planet, MicroSoft ISA 2006,SunOne directory server 5.x,Novell e-Directory 8.7.3,Novell IdentityManager 8.1,Oracle Standalone server OHS 2.0 , Oracle Application server, IBM DataPower X150 10.1.2,IBM WebSphere 5.x,6.x
• Programming Languages: VB, C / C , Perl
• Databases: ORACLE 6/7/8.x, MS Access-97, SQL Server
• Testing Tools: Loadrunner, Manual testing
• Servers: Apache 2.x,Internet Information Server IIS 6.0 , i-Planet 6.1 sp9, Sunone7

PROFESSIONAL EXPERIENCE

Confidential

• Veterans Information Protal VIP and integrated applications provide the architecture through which veterans, lenders, appraisers, inspectors and property managers can access integrated applications. Portal is positioned to serve relevant content to internal employees , veterans and public visitors.
• Working as Siteminder architect managing authentication and authorization services VIP Portal and integrated applications.

Role :

• Working as a Siteminder architect to design/maintain Siteminder single sign on systems for the VA.
• Plan Siteminder system upgrades to the latest versions.
• Installing and configuring IBM DataPower X150 device as a application firewall to act as a PDP Policy Decision point for XACML requests.
• Working on installation of IAM infrastructure for Veterans Affairs that includes CA SiteMinder R12 , CA Federation services , CA IdentityManager R12 , CA Report server , IBM Datapower X150 , ARX Co-Sign devices.

.

Environment: CA Siteminder 6.x,CA Siteminder R12.51 R12.52, Solaris 8, Solaris 10,IIS 5.0,IIS 6.0, Apache 2.x,WebLogic application server 10.3 , IBM DataPower X150 , XACML profile , XSPA profile.

Confidential

Working as a member of SSO engineering team managing and supporting Ceridian SSO development environment. Managing federated applications using HP Select Federation using both SAML 1.x SAML2.0. Ceridian is both Identity Provider IDP Service Provider SP .

Role :

• Working on Proof Of Concepts for different application integrations in the Ceridian SSO environment.
• Installing configuring HP Select Access Select Federation components Validators, Enforcers, Identity Provider, Service Provider in Development and QA environment.
• Supporting Production support team.
• Working with the Development team in supporting user provisioning from Identity source MS SQL 2005 to ADAM.
• Working with Business Analysts test engineering team in creating new use cases for user provisioning from MSSQL server 2005 to ADAM directory and SSO process workflows.
• Worked on a project of migrating users in ADAM from a single organizational unit to client specific organizational units.
• Creating users groups and dynamic groups in ADAM for application authentication/authorization.
• Environment: HP Select Access 6.2, Micro Soft ADAM sp1, HP Select Federation 6.2 , Micro Soft ILM2007 fp1,Windows 2003 , Windows 2003

Confidential

Policy Server Upgrade

Upgraded existing Siteminder policy servers from 6.0 sp4 to 6.0 sp5 CR11 and moved the servers to new platform. Effort involved migrating all web applications from the current servers to the new policy servers. Leading the effort to coordinate with the application teams to migrate the applications according to schedule.

Role:

• Installation configuration of ,Policy servers 6.0 sp5.
• Creating a new Policy store instance on e-Directory.
• Exporting and importing Siteminder and Identity Minder Policy store to the new Policy store instance.
• Leading the effort from Information security team to coordinate the project with various application teams, Network team , Server team to complete the project on schedule.
• Installed and configured Application agent TAI module agent on WebSphere application server 5.x 6.x
• Installed and configured Siteminder WebAgents 6.x on IBM HTTP Server , IIS 6.0 webserver and created Policies, Rules, Responses for applications in Siteminder Policy server for application Authentication/Authorisation.
• Installation and configuration of Siteminder connectors , session linkers for PeopleSoft servers.

Reverse Proxy Server Refresh

Upgraded existing Reverse proxy servers from Microsoft ISA 2000 to ISA 2006. Reverse proxy servers were hosted on Windows 2000 servers , upgraded the environment from ISA 2000 to ISA 2006 on Windows 2003 servers.

Role:

• Installation configuration of Microsoft ISA 2006.
• Creating Web Publishing rules on the new ISA 2006 servers.
• Creating Access rules on the new ISA 2006 servers.
• Worked with network team in setting up new URL's for Toyota Supplier portal , setting load balancing for reverse proxy servers using Cisco ACE.
• Working with network tem in creating new Firewall rules for the ISA reverse proxy servers.

IdentityManager Support

IdentityManager is used for administration of Supplier users , assigning privileges to different users by assigning roles, grant application access to users , create user accounts , self service options for users.

Role :

• Managing and supporting IdentityManager 8.1 environment on WebSphere
• Creating Admin roles and tasks for Supplier users , HelpDesk users and Toyota users.
• Creating and modifying access tasks for web application authorization in Siteminder.
• Managing workflow processes to create new users and grant application access to the users.
• Creating new user groups in LDAP based on application access requirements.
• Created protected and public self service tasks like Change password, Reset password and forgotten password.
• Designed and created workflow processes to create new users and grant application access to the users.

Environment: CA Siteminder 6.x, Solaris 8, AIX 5.3, Novell e-Directory 8.7.3, Microsoft ISA2000 , Microsoft ISA 2006, IdentityMinder5.6 , 6.0 Sp2, WebSphere Application server agent TAI module ,

Confidential IdentityManager

• Novell e-Directory is used as a LDAP user store for Authentication/Authorization to web applications. Involved in managing e-Directory servers which included managing multimaster replication, user creation/deletion , user group creation , bulk user addition.
• Installed and configured Dir XML remote loader for password synchronization between Identity vault e-Directory and Active directory.

Role :

• Installation and configuration of Dir XML remote loader.
• Managing self signed SSL for encrypted data transfer between e-Directory and Active directory.
• Managing replication between e-Directory servers.
• Managing users in e-Directory.
• Application Vulnerability Assesment
• Involved in scanning web based applications for security vulnerabilities using IBM Rational AppScan 7.7.
• It is used to track down and find potential security holes in the web applications.
• Role:
• Define scope of the scan.
• Classifying and prioritizing the applications needed to be scanned.
• Working with application team to schedule and run scans for the applications.
• Analyze findings of the scan medium,high and report the findings of the scan to the application teams
• Work with application teams to remediate the findings.

Confidential

Identity Management Services

• Worked as a Security auditor for the Identity management services team. Reviewed , optimized and corrected Siteminder Policies for Cargill web applications. Integrated new web applications to the Single Sign On environment.
• Role:
• Wrote Perl scripts using Siteminder API's to get policy data required for policy store cleanup.
• Worked with several business units to fix a schedule for removing unprotected data from Siteminder policy store.
• Installed Application Server agants and Webagents on different webservers/application servers.
• Configured applications on the Apache Reverse proxy servers to be integrated to the Siteminder environment.
• Managing URL rewriting and redirects using Apache reverse proxy.
• Creating change requests to move applications from Stage/Test environments to Production environments.

Environment: CA Siteminder 6.x, Solaris 8, AIX 5.3, Application server agents, WebAgent 6.x,Apache Reverse Proxy.

Confidential

Access Management Services

• Access Management team is involved in integrating web applications with Netegrity Siteminder in GSK Extranet Intranet environment. Using federation web services SAML 1.x to provide single sign on SSO to the Outsourced Business Applications OBA's maintaining internal GSK applications.
• Role:
• Installation configuration of WebAgents,Policy servers 5.5 6.x.
• Using SAML1.x Post Profile to configure OBA's for Single Sign On.
• Managing Secure proxy servers 5.5 .Creation of Proxyrules service redirects.
• Troubleshooting dev, stage production environment.
• Improved Siteminder Availability through build standardization and monitoring of the environment
• Work with several business units to rollout Single Sign On applications that affect a large number of constituencies of business
• Implemented Logging and Auditing system for Siteminder to track and identify user activity as well as acquire intrusion reports of unauthorized attempts at access
• Managing IDM environment including User Self registration Change Password,Forgot Password modules using remote task execution TEWS IDM service.
• Installation configuration of IdentityMinder 5.6.
• Installation configuration of Netegrity Secure Proxy Server 5.5
• Installation of InterSite Transfer server for Federation Web services.
• Administering SunOne directory server including multimaster replication,chaining.

Environment: CA Siteminder 5.x, 6.x, Solaris 8, i-Planet 6.0sp4, Secure ProxyServer5.5,SAML 1.x Post Profile , IdentityMinder5.6 , SunOne directory server 5.1

Confidential

E-Operations Single Sign On

• Creation of Polices in the SiteMinder Policy Server for SSO enabling.
• Level 3 Support to Application Owners to enable the applications for SSO.
• Import and export the policy stores and key stores
• Implemented new policies for already protected sites
• Administered policy server by creating realms and rules for different applications
• Configured the iPlanets' directory server for LDAP
• Administered iPlanet Directory Server on Solaris
• Installed and configured SiteMinder web agents 5.5
• Role:
• 80 web applications have been hosted by GE Insurance Solutions. These applications use a host of tools and technologies. The range of E-Operation support activities include infrastructure set up and maintenance, providing version control, support to e production environment and troubleshooting.
• Troubleshooting development, stage production issues.
• Worked on call 24 X 7 Production support

Environment: CA Siteminder, Solaris 8, Oracle 91, I-Planet6.0 sp4, Sunone7.0.

Project: WebAgent Upgrade

80 web applications have been hosted by GE Insurance Solutions. These applications use a host of tools and technologies. The range of E-Operation support activities include infrastructure set up and maintenance, providing version control, support to the production environment and troubleshooting.

Role:

• Involved in upgrading the Webagents in development, staging production environments from version 4.x to 5.x
• Installed and configured SiteMinder web agents 5.5
• Installed Site minder Web Agent on iPlanet Web server and IIS Web server on Windows NT
• Created realms and rules for implementing policy-based security to various applications
• Administered policy server by creating realms and rules for different applications

Environment: CA Siteminder, Solaris 8, Oracle 91, I-Planet6.0 sp4, Sunone7.0

Confidential

ERC Cognos Support

The project involves managing the entire Cognos operations for ERC across different environments like Development, Staging and Production involving various Cognos components like IWR, Power Play, Cognos Query, Cognos Visualizer and Notice Cast.

Role:

• Managing and updating all the cognos components across different servers for the different environments for the smooth operations.
• Troubleshooting various issues related to cognos functioning.
• Managing the LDAP for Cognos user profiles.

Responsible for mentoring new team members and process enhancements

• Published IWR reports and Powerplay cubes, Powerplay reports, on the portal using Cognos IWR report admin, Powerplay enterprise server.
• Scheduled and distributed reports using schedule function in cognos connection
• Implemented Single Sign-on SSO for intranet.
• Creating Impromptu reports, Transformer Models, Cubes
• Configuration of Access Manager to IWR, PPES, Impromptu, Models Upfront
• Create and Publish IWR Reports, Cubes and PPX reports
• Automation of Reports, Cubes and Models using Batch scripts/Macros
• Creation Maintenance of Architect models, Impromptu Catalogs
• Building Packages, Metadata, Folders
• Create and modify standard filters, calculations, prompts and conditions.
• Exporting Catalogs, Transformer Models and Packages for Cognos Query
• Automating of cubes generating the models and refreshing the cube during off-peak hours
• Monthly backups of all Cognos components.

Environment: Windows2003, PowerPlay Enterprise7.3, PowerPlay Transformer7.3, Cognos Query7.3, Impromptu Web Reports7.3, Notice Cast7.3, Visualiser7.3.

Cognos Upgrade from 7.1 to 7.3

Involved in installing and configuring Cognos components like Cognos Query, Upfront, PPES, PPTS, Visualiser and Notice Cast on version 7.3. Upgraded all these components from version 7.1 to 7.3.

Role:

• Responsible for Installation, Configuration and Administration of Cognos EP Series 7.3 Upfront, IWR, Cognos Query, Power Play, Visualizer, Noticecast 7.3.

• Migrated all Power Play Cubes and Transformer Models. Moved reports, cubes and Cognos Query Models from one server to other using Deployment Manager.
• Published IWR reports and Powerplay cubes, Powerplay reports, on the portal using Cognos IWR report admin, Powerplay enterprise server.
• Upgraded 450 IWR reports ,300 PP cubes , 120 CQ reports 80 visualisations from 7.1 to 7.3

Environment: Windows2003, PowerPlay Enterprise7.3, PowerPlay Transformer7.3, Cognos Query7.3, Impromptu Web Reports7.3, Notice Cast7.3, Visualiser7.3.

Confidential

CPA-CDI

The Central Point Administration aims to reduce the administrative overhead of managing GE worker information. CPA is based on Enterprise Meta Directory architecture. A Meta Directory provides large organization with a way of consolidate disparate worker sources into a unified directory view that will evolve with technology.

Responsibilities:

• Responsible for writing and maintaining Perl scripts used to maintain the user base up to date with latest attributes
• Interacting with the client and users on daily basis solving all production issues.
• Responsible for interacting with the development team in testing the flow of the application related to the flow of user attributes from one directory to another.
• Responsible for making sure that daily jobs for updating worker information run to completion successfully.

Environment: Solaris 2.7, LDAP, Perl

Confidential

Bandwidth Manager

Design, Development and Implementation of Bandwidth Manager . Created a front end for configuration and management of a LINUX based Bandwidth Manager, using IP Route2/TC package including a fully functional Graphical User Interface for users. It is a tool for Network Administrators used to control inflow and outflow of traffic from ISP to customers and works in two different modes- Administrative and Normal.

Role :

• Involved in design development of the tool. Created a front end for configuration management of Bandwidth manager.
• Involved in functional testing.

Environment:Linux, CGI Perl, HTML, Java Script, MySql

Training s

Six Sigma Green Belt training.

Achievements

• Received Client GE Insurance Solutions awards for various process enhancements to the existing setup.
• Received Employee Of the Month award BirlaSoft Inc for my work at GE Insurance Solutions, Overland Park, Kansas.