SUMMARY

• Over 6 + years’ professional experience in Identity and Privileged Access Management (IAM/PAM).
• Experienced in implementing the market's leading Privileged Access Management (PAM) solutions for enterprises.
• Successfully implemented CyberArk and Okta (Provisioning/SSO/MFA) at Confidential .
• Performed CyberArk DNA scan to identify privileged unmanaged users across organization.
• Experienced in installation and implementation of Cyber Ark 7.0 and most recent implementation of CyberArk 8.1.0. And CyberArk 9.5 and CyberArk 10.8.
• Successfully upgraded CyberArk Environment from 9.5 to 10.1 and from 10.1 to 10.8.
• Experience in Privileged Access Management solutions particularly CyberArk, CA Control Minder, network security and administration.
• Installation and configuration of CyberArk Vault, Password Vault Web Access (PVWA), Central Password Manager (CPM) and Privileged Session Manager (PSM) and Privileged Session Manager proxy (PSMP) and Application Identity Manager (AIM) in Prod and DR.
• Troubleshooting and maintenance of the Password Vault, Central Password Manager (CPM), Privileged Session Manager (PSM), Application Identity Manager (AIM), DR Vault in DR Server.
• Installation, configuration and troubleshooting of AIM clients for various teams.
• Onboarded Privileged accounts into Password Vault using Bulk upload utility.
• Configurations including AD integration and Management of Cyber Ark Enterprise Password vault.
• Managed Safes and Server/ host addresses in EPV. Resolved issues with CyberArk CPM to communicate with hosts to reconcile credentials.
• Implemented and configured AIM (Application identity Manager) on RPA Blue prim servers by using Credential provider.
• Administration experience of CyberArk vault with Safe creation, integration with LDAP and other authentication methods.
• Experienced at commissioning and decommissioning computer objects and creating and maintaining service accounts.
• Experience in controlling and configuring privileged user access with CA Privileged Identity Manager 12.8, 12.9.
• Experience in configuring and providing granular access using CA Access Control.
• Performed operational support in Active Directory such as creating security groups, creating users, assigning policies, maintaining password complexity rules. Commissioning and decommissioning computer objects, creating and maintaining service accounts.
• Translated complex business requirements, regulatory and compliance requirements into technical requirements to apply right policies, overall access, authentication and authorization (AAA) solutions and NIST guidelines.
• Migrated all SSO Apps configured currently in CA Site Minder to Okta Platform to leverage the combination of SSO and Contextual MFA.
• Migrated Vistra User Lifecycle Management policies from CA Identity Manager to Okta Provisioning by integrating Okta with Workday.
• Installed Okta Active Directory Agent and configured 7 Active Directory Domains to import users and groups into Okta and Enable Profile Mastering.
• Configured different MFA Rules based on On - Network and Off-Network and prompt MFA based on Risk Profile of Users coming from IPs based on Network.
• Configured Deny Rules to stop traffic coming from blacklisted countries.
• Protected applications by integrating them to Okta through Modern Authentication Protocols like SAML, OpenID Connect.
• Experienced in System Administration working on RedHat Linux, Solaris, SUSE Linux.
• Integrated CyberArk with Okta Platform for SSO & MFA.
• Adept at working with many different software programming languages and development tools.
• Hands-on experience implementing Single Sign On (SSO).
• Excellent trouble shooting skill set includes verifying various web agent and SiteMinder logs and monitoring the health of the environment using One View Monitor.
• Gathered and analyzed IAM, PAM security requirements, identified gaps in security architecture and recommended best practice processes and solutions in large and complex enterprises.

TECHNICAL SKILLS

Tools: CyberArk, Okta, CA Privileged Identity Manager 12.8, 12.9, CA Single sign on 6.x, 12.0, 12.52, Putty, WinSCP, Service Now, HP Service Manager, Jira, Hyena Active Directory, AD Tool Kit.

Application Servers: IBM WebSphere Application Server, JBOSS

Directory Servers: Sun ONE Directory Server (5.1, 5.2), Microsoft Active Directory, Apache Directory Studio

Scripting: Shell, JavaScript, XML and PHP

Microsoft Office Tools: Word, Excel, PowerPoint, Access, Project

Operating Systems: Microsoft Windows Family, Solaris (8x, 9x, 10x), Red-Hat Linux

AREAS OF EXPERTISE

• Analytical Thinking
• Methodical Problem Solving
• Troubleshooting
• Debugging
• Research
• Planning
• Technical Documentation
• Excellent Verbal and Written Communication
• Resourceful
• Teamwork
• Leadership
• Integrity
• Strong Work Ethic
• Positive Attitude

PROFESSIONAL EXPERIENCE

Confidential, Irving, Texas

CyberArk / Okta Consultant

Responsibilities:

• Integrated CyberArk with Okta Platform for SSO & MFA.
• Migrated all Privileged accounts from CA Privileged Identity Manager to CyberArk.
• Performed DNA scan to identify privileged unmanaged users across organization.
• Provided support on existing CyberArk operational issues.
• Successfully upgraded CyberArk Environment from9.5 to 10.1 and from 10.1 to 10.8.
• Responsible for the troubleshooting and maintenance of the Password Vault, CPM, PSM, AIM, DR Vault.
• Onboarded Privileged accounts into Password Vault using Bulk password upload utility.
• Created safes and added users and groups to them for privileged access in CyberArk.
• Worked on EPV servers using Private Ark to administer the Acceptance and Production Vaults.
• Monitored CyberArk reports and responded to failed password verification alerts and worked with system account owners to resolve failure alerts.
• Ensured that all CyberArk accounts communicated with servers and corrected any discrepancies or errors that were found.
• Integration of systems such as Active Directory, Syslog, Splunk, Remedy, etc.
• Developed best practices defined by Vendor, Regulatory, Compliance and Corporate policies.
• On-boarded and troubleshoot, managed tens of thousands privileged accounts for platforms such as Linux, AIX, Windows, SSH, Solaris v10, Solaris v11.
• Performed PAM operational tasks, defining access control, user entitlements, management of Applications Credentials and User Access Policy.
• Implemented and configured AIM (Application identity Manager) on RPA Blue prim servers by using Credential provider.
• Reviewed and analyzed privileged accounts across the organization by involving stakeholders.
• Developed operational documents, user training, DR plan and IR procedures.
• Worked on Privileged Access Reviews, Compliance Reporting, Access Control Processes and other associated tasks with Privileged User Management.
• Performed administration of user accounts, group memberships, and Organizational Units using Active Directory.
• Created, modified and managed privileged user accounts through Active Directory for both unclassified and classified networks.
• Documented the use cases, solution approaches to communicate with various teams.
• Integrated and configured Workday Application (Provisioning as well as Real Time Sync Options) with Okta as Profile Masters to drive provisioning and deprovisioning processes as per business requirements thereby replacing the functionality of CA Identity Manager with Okta Identity Cloud Platform.
• Configured Single Sign On (SSO) for SAML Enabled Apps at Confidential like Amazon Web Services, BOX, Zoom, ADP, Adobe Sign, Alert Media, Dome9, Salesforce, Deem, FIS, GEMS, Gitlab, ClearPass, Zendesk, IS Network World, Host Analytics, JIRA, Maximo, Spotlight XL, New Relic, NexPose, Redlock, Service Now, SkillPort, Splunk, Teem, Veracode, Workplace ZScaler etc. thereby migrating functionality from CA Single Sign On to Okta.
• Managing user and group management using Active Directory and providing access to various resources like NAS shares, servers, Network & Security Devices, Mailboxes, Applications etc.
• Writing scripts in PowerShell to generate Application Health reports, log monitoring etc.
• Installing and Upgrading Okta Agents (Active Directory, Radius, IWA Agent and LDAP Agent) on a regular basis.
• Identifying various new releases from Okta and testing in lower environment to understand functionality and moving to production.
• Defining MFA rules to sensitive user groups to enhance security.
• Generating reports for various monthly, quarterly and yearly SOX audit controls from AD as well as IAM Suite on provisioning/de-provisioning users, NAS share reports using Hyena Active Directory, User Access Reviews for IAM applications, Legal Hold Reporting etc.

Confidential, The Woodlands, Texas

CA Privileged Identity Manager Administrator

Responsibilities:

• Successfully upgraded the Enterprise Management servers from CA Privileged Identity minder 12.8 to 12.9.
• Integrated Endpoints with UNAB, PUPM, AC with centralized administration server.
• Installed agents on UNIX endpoints, upgraded UNAB to the latest version 12.8 SP1 to fix the issues in the current release. Upgraded PIM agents to 12.8 SP1.
• Gathered and installed latest agent packages to install agents on RHEL 7.
• Installed PIM patches on endpoints to fix the issues related to sesudo access.
• Involved in generating various reports using the Business Objects Info view as per the client requirement.
• Successfully resolved the issues with the queue size.
• Experience in rebuilding the corrupted seosdb, corrupt DH.
• Involved in placing the scripts on the endpoints to get the email alerts for agent restart failures.
• Worked closely with UNIX team for log gathering in case of troubleshooting the issues in the environment.
• Experience in using selang commands for policy deployment and troubleshooting.
• Experience in analyzing both the Access Control support file and UNAB support file from the endpoints.
• Implemented Single Sign On (SSO) for various applications in the environment.
• Implemented different vendors SSO using SAML 2.0.
• Involved in 24X7 on-call support support to resolve any issues.

Confidential

Systems Engineer

Responsibilities:

• Provided 24/7 L2 support for ARTS banking application and during migration and/or application upgrade.
• Managing user and group management using Active Directory & Sun One Directory and providing access to various resources like NAS shares, servers, Network & Security Devices, Mailboxes, Applications etc.
• Generating reports for various monthly, quarterly and yearly SOX audit controls from AD as well as IAM Suite on provisioning/de-provisioning users, NAS share reports using Hyena, User Access Reviews for IAM applications, Legal Hold Reporting etc.
• Writing scripts in Python/PowerShell to generate Application Health reports, log monitoring etc.
• Responsible for maintaining Production environment on Solaris servers located across 5 client locations.
• Monitored system, database and application performance.
• Monitored Scheduled jobs and ensured their successful completion and reported on their status.
• Responded to the ad-hoc requests to execute jobs and adhere to SLA in providing resolutions.
• Brought the system back up in case of failure by following defined process in SOP.
• Created tickets and monitored the ticketing system for alerts.
• Maintained appropriate incident and resolution log files, analyzed log files and shell scripts.
• Provided quick and accurate RCA to the client.
• Part of Production support team involved in troubleshooting and resolving problems, incident management, identifying and providing quick and accurate RCA following ITIL process.