IAM Consultant Resume
San Jose, CA
SUMMARY
- IAM Consultant with 6+ years of experience in developing, designing, and implementing security using identity products.
- Continuously improving and automating IAM technologies, including PingFederate, PingAccess, PingID, ForgeRock, Okta, SiteMinder and LDAP directories.
- Configured SSO on Web/Application Servers to use the Sun One Directory Server for user authentication.
- Hands-on experience in IAM requirement analysis, implementation of Access Gateways, and SAML, OAuth, WS-Fed and OpenID based integrations using PingFederate.
- Hands-on experience with PingFederate 7.x, 8.x, 9.x, and PingOne.
- Perform installation, configuration and maintenance of Access Manager and policy agents.
- Worked on PingFederate in conjunction with CA directory, SiteMinder adapters to implement various flows of authentication to provide single sign on (SSO) solutions to various clients in different scenarios.
- Expert in generating and implementing SSL certificates in both IIS 5/6/7/8 and Apache 2.x.
- Hands on experience on IIS, Apache Web Servers in Staging and Live environments.
- Experience in analyzing, debugging authentication/authorization related issues in PingFederate servers.
- Worked on Ping ID for Multi-Factor authentication in Dev and Production environments.
- Worked on JSON Web Tokens to send client to Windows and Apache servers for authentication purposes.
- Worked on implementing OAuth configuration with the clients to get the access token to access the web APIs.
- High level of understanding on Federation services.
- Excellent troubleshooting skills on SAML, OAuth, OIDC, and PingOne.
- Experience in installation of PingFederate, and troubleshooting in Windows IIS, Apache Tomcat, Red Hat Linux web servers, and Unix servers.
- Ability to generate SSL certificates using OpenSSL for SSO services in both Staging and Production environments.
- Proficiency in Java/J2EE, WebLogic Application Servers, and Windows system administration.
- Experience in authenticating applications seamlessly using Kerberos Token Processor.
- Developed standard operating procedures and technical documentation of PingFederate components for user training and support.
- Experience working with LDAP to generate IdP- and SP-initiated SSO requests using POST and Redirect protocols.
- Troubleshot multiple PingFederate OpenToken/agentless/SAML applications in Live environment to retrieve authentication access.
- Good experience on Microsoft Office tools like Word, Excel and Outlook.
- Skilled in root cause analysis, problem solving and conflict resolution.
- Good understanding of CI/CD processes.
TECHNICAL SKILLS
Identity Access Management (IAM): PingFederate 6.x/7.x/8.x/9.x/10.x, PingOne, SiteMinder, ADFS, PingAccess, and PingID.
Data Stores: Sun One LDAP, Active Directory, Policy Servers and Oracle Directory Server, CA Directory store.
Web Servers: Microsoft IIS 6.0/7.0, Apache 2.x, Tomcat.
Operating Systems: Windows 2008/2012/2016, Windows 7/8/8.1/10, Solaris, Linux, and Unix.
Applications: MS Office suite, Eclipse, PuTTY, mRemoteNG, SoapUI, Apache Directory Studio.
PROFESSIONAL EXPERIENCE
Confidential, San Jose, CA
IAM Consultant
Responsibilities:
- Worked on setting up OAuth authorization server in Development and Pilot environments.
- Created Access Token Managers and authentication policies for OAuth.
- Tested functionality of OAuth grant types.
- Implemented security for single-page JavaScript applications using the OAuth Implicit Grant flow.
- Configured High Availability clustering for PingFederate Pilot environment.
- Worked on PingFederate and PingAccess connectivity using OIDC protocol as STS provider.
- Created reverse proxy on Apache web servers for Single Sign-On.
- Worked on setting up Splunk logging system for PingFederate admin and runtime logging system.
- Worked on Proof of Concept of custom adapters.
- PingFederate to PingOne connectivity using PingID adapter.
Confidential, Eagan, MN
IAM Engineer
Responsibilities:
- Worked on authentication services in Ping Identity suite (PingFederate, PingAccess and PingID).
- Worked on SAML integrations in dev, staging and production environments.
- Debugged SAML related authentication issues on a timely basis.
- Worked on developing policy contracts, selectors, and policies
- Worked on creating authentication policies in all environments
- Responsible for developing technical documentation to support the evaluation, selection, installation, and maintenance of SSO and MFA security technology systems.
- Involved in integrating SSO and MFA for internal and external applications.
- Responsible for MFA policies in PingFederate and PingOne.
- Worked on and integrated OAuth Hard Tokens with Ping Identity.
- Integrated applications with PingFederate using OAuth Authorization Code, Resource Owner Password Credential, and Implicit grant integration.
- Responsible for providing audit logs to application teams and vendors and building dashboards and reports in Sumo Logic.
- As a part of support, worked on escalated tickets on authentication and SSO.
- Worked on integrating with major platforms such as Azure and AWS applications to authenticate using PingFederate SSO.
- Migration and configuration of PingFederate 9.0 to 9.3 on UNIX servers.
- Worked on application configuration with PingAccess and defining PingAccess sites, rules, virtual hosts, and policies.
- Experienced with multiple PingFederate adapters such as the HTTP adapter, OpenToken adapter and Composite adapters.
- Integrated PingFederate with Active Directory and Azure AD to authenticate the users as per requirement.
Confidential, Austin, TX
Authentication Engineer
Responsibilities:
- Designed, developed, and supported highly available and scalable on-premise PingFederate infrastructure that provides SSO, SAML, WS-Fed, and WS-Trust federation services for internal and external users.
- Migration and configuration of PingFederate from 7.x to 8.x and 8.x to 9.x on Linux servers.
- Worked extensively on creating custom password policies and authentication schema as per requirement.
- Installed PingFederate OpenToken and Agentless methods of federation from scratch on Apache 2.x and IIS 6/7.
- Generated and updated IdP and SP SAML signing certificates in both Identity Provider and Service Provider.
- Continuous high-level support for developed Single Sign-On applications.
- Worked on certificate based SSO application development.
- Worked on implementing OAuth configuration with the clients to get the access token to access the web APIs.
- Expert in generating and implementing SSL certificates in both IIS 5/6/7 and Apache 2.x.
- Documented applications and changes when a new application is integrated with PingFederate.
- Created forms to onboard companies and external/tertiary user profiles using PingFederate 7.3.x, 8.x and 9.x.
- Providing PingFederate server logs to Microsoft for modern auth development.
- Provided infrastructure and security suggestions for both third-party and internally developed applications.
- Provided PingFederate installation and required documentation for on-premise/external applications, to vendors for internal purpose.
Confidential, NJ
IAM Engineer
Responsibilities:
- Configured SSO on Web/Application Servers to use the Sun One Directory Server for user authentication.
- Installed PingFederate 6.x on Windows servers.
- Configured admin, runtime, and state servers for PingFederate environment.
- Onboarded SAML applications to client as per requirement.
- Worked on Policy Server and Policy Store Upgrade from R6sp1 to R6sp5.
- Managed and configured Sun One directory servers, Sun Access Manager and agents on Solaris/Linux/Windows platforms.
- Maintained, configured and installed iPlanet/Sun One directory server on the Sun and Windows servers.
- Performed installation, configuration and maintenance of Access Manager and policy agents.
- Provided timely resolution of all tickets (incidents, service calls, work orders) assigned to the team within specified SLA, and documented repeating tickets as a knowledge base for the team.
- Performed analysis on all tickets and identified areas of improvement to avoid recurrence and improve SLAs.
- Independently planned and deployed the migration of Sun One directory server from version 5.1 patch 2 to 5.2 patch 6 in B2B.
- Involved in planning and deploying an upgrade of Sun One directory server from version 5.1 to 5.2.4 in B2A environment.
- Created and configured cron jobs to create LDIF and binary backups, configuration backups and backup/log rotation.
- Set up script for directory server log analysis (logconv.pl) to ensure proper use of directory server.
- Monitor backup jobs of directory server and provide failover and load balancing support
