- Around 9 years of experience in Information Technology implementing and providing Single Sign-On across enterprise applications using Ping Federate, NetIQ's Access Manager, Active Directory Federation Service, CA Federation.
- Worked on implementation of Novell/NetIQ's eDirectory, Identity Manager, iManager.
- Worked on Enterprise Users Single Sign On through browser and through services with third party application hosted in enterprise or cloud using Ping Federate, Ping One.
- Upgraded Ping Federate from Version 7.1.1 to 7.3.
- Installed and Configured Ping Federate.
- Expertise in implementing SAML as both Identity Provider and Service Provider across multiple platforms using SiteMinder and Ping Federate.
- Implemented OAuth to access the protected API with Access Token by using different OAuth grant types.
- Configured multi factor Authentication for internal applications using PingID.
- Worked on NetIQ Access Gateway to send all the traffic through a common proxy server and redirect to Resource Server.
- Experience in SailPoint tool customization, Report Generation, Integration with end/target systems, SailPoint APIs and Application Development.
- Designed SailPoint deployment activities, connector configuration, custom rule development, workflow configuration, development and third party system integration.
- Experienced in migrating NetIQ Access Manager to Ping Federate.
- Working as a part of the Single Sign-On team, protecting Web applications with Standard/Custom Authentication Schemes and educating the application team about the flow of authentication and authorization.
- Worked on tuning the environment and setting up High Availability with LDAP and Access Manager.
- Implemented Single Sign-On using SiteMinder on single/multiple cookie domains for Web applications and integrated SSO with SunOne LDAP and MS Active Directory and e-Directory. This also includes Federation both inbound and outbound using SAML 2.0.
- Experience in implementation of IAM solution from scratch.
- Deep knowledge of Okta MFA device management, server MFA management.
- Hands on experience in IAM requirement analysis, implementation of Access Gateways and SAML based integrations.
- Experience in collaborating with teams to determine systems requirements and functionalities needed in LDAP.
- Experience working with Active Directory using LDAP protocol and good understanding of the LDAP concepts.
- Experience in redesigning the existing LDAP schema with some custom attributes and object classes.
- Experience in developing applications using Java, J2EE and Oracle 10g databases.
- Excellent communication skills and good interpersonal skills helped me to keep productive and positive working relationships with staff from varying technical backgrounds and skill levels.
- Good prioritization, multi-tasking and project planning skills. Expert in documentation and management of standard operating procedures.
Sr. IAM Engineer
- Design of identity federation connectors from SailPoint to target systems, along with subsequent access control by SecureAuth.
- Ensure requirements gathered, processes defined, and use cases documented follow out of the box configuration vs. customization as much as possible
- Manage client requirements and configure Confidential connectors for 34+ applications
- Design SailPoint deployment and solution architectures.
- Provide L2 and L3 support for the Service requests/incidents.
- Participate in all SailPoint deployment activities - connector configuration, custom rule development, workflow configuration and development, third party system integration.
- Designed and implemented a solution which manages the Identity lifecycle of almost all applications within the enterprise, without directly controlling the identity store within the application.
- Involved in creating custom reports, certifications in order to cater various data feeds.
- Achieved SOX and PCI compliance by building a flexible and scalable framework to provide authentication and authorization services while supporting rules/roles/languages requirements for various International countries.
- Design and Implement data import of various types of data files from internal and external target sources for validating access levels.
- Created a Registry for important information on all applications.
- Participate in and/or User Acceptance Testing and bug-related reengineering efforts
- Perform Installation and configuration of SailPoint IdentityIQ
- Develop custom SailPoint BuildMap Rules and Workflows as per the business needs.
- Setup applications Active Directory, LDAP, Oracle and Flat Files.
- Providing solutions for the changing business requirements.
- Implement REST classes using SailPoint Rest Application.
- Using IIQConsole for operations such as checkout, import, connector debug etc.
- Used IQService as part of IdentityIQ for Active Directory (AD) provisioning.
- Setup direct connectors for AD, LDAP, MySQL, Oracle, EPIC
- Configuration of Roles, Policies and Certifications for governance compliance
- Build and Configure SailPoint in-built tasks like aggregation, ID refresh, schedule tasks, correlation, etc.
- Working knowledge of ISAM AAC components i.e. Authentication Mechanism (MFA, Context and Risk Based), Access Controls (Policies and Rules), Risk Profiles, Information Points, Attributes.
- Involved in adding direct connectors for Active Directory, LDAP, Exchange Online, Box and UNIX.
- Configuration and development of SailPoint Life Cycle Events (LCM)
- Customizing and branding of SailPoint solution.
- Provide knowledge transfer and post production support activities, as necessary.
Environment: Windows 2012 R2, RHEL 7.0, Ping Federate 6.0, 8.0, Ping Access 4.1, AD (LDAP) as User Store, Oracle Database as Policy store, IIS, Bean shell scripting, Apache Web Server, IBM HTTP Web Server.
- Design & Implementation of Confidential
- Confidential Installation and Configuration as required by the design solution
- Implementation of Self Service feature, Password features (PTA, Forgot password, Change Password), provisioning feature, configuring various roles and policies in SailPoint.
- Worked on different application connectors like Active Directory, UNIX, and Delimited.
- Working knowledge of Multi-factor authentication (MFA) using Time-based One-Time Password (TOTP), HMAC-based One-Time Password (HOTP) to Email (SMTP) and Phone (SMS).
- Set up Confidential policy server on 4 environments (Dev, QA, UAT & Production)
- Developed build map rule, creation rule and customization rule to create Employee and Contractor user accounts into SailPoint from their current application’s exported feed file.
- Developed a custom form in the SailPoint UI so that various admins can create Employee/Contractor user accounts manually through UI and provision users
- Created and ran the aggregation task to bulk load authoritative source data from Active Directory, Exchange and LDAP
- Developed a creation rule to run update, terminate and rehire transactions on specified Employee and Contractor user accounts based on the feed file data.
- Developed a scheduler using Java that will periodically run to terminate contractors on their specified contract end date
- Developed code that will send expiration notifications to Contractors
- Developed a scheduler that would periodically check for Name change requests in the feed file data and will change the name of respective Employee account
- Developed Java code that will consolidate role details of user accounts into a CSV file and send it to HR or Application Admin. The admin can then act upon the access of users accordingly.
- Built Joiner, Mover and Leaver workflows to maintain user accounts
- Developed custom workflows with approvals and also modified OOTB workflows as per client requirement
- Created and Implemented static/dynamic roles. Configured entitlements and policies.
- Did Access re-certification, automatic/manual remediation for applications managed by SailPoint for Employees and Contractors
- Analysis of the specifications provided by the client and help Project Manager to estimate the effort required
- Requirement analysis and preparing Requirement Documents and Design Documents.
Environment: Windows 2012 R2, CA SiteMinder Policy Server r12.52, 12.6, Web Agents r12.52, Secure Proxy Server 12.52 and r12.6, UNIX, Bean shell, ADLDS and AD (LDAP) as User Store, SQL Database as Policy store, IIS, Apache Web Server, IBM HTTP Web Server.
- Coordinating with business analysts on collecting requirements
- Involved in Architecture, design, build, test and deployment stages of the project
- Integrated Oracle Identity Manager with Oracle Identity Analytics for Role Based Provisioning
- Developed Configuration, Integration and migration documentation for the client developing connectors and API(s) for automated provisioning
- Performed User provisioning and reconciliation from Flat file, DB and AD.
- Performed issue resolution with respect to these target systems.
- Acted as configuration manager for the project performing review of the OIM metadata exports.
- Version management of code and OIM components, import of OIM components.
- Sanity check on OIM environment.
- Configured entitlements, Provisioning and de-provisioning entitlements to users
- Applied Bundled Patch sets and OIM Merge Patch on OIM using OPatch utility
- Participated in Customer meetings and maintained On-call telephone for support, out of Business hours
- Registered the plugins, imported and exported XMLs into MDS.
- Configured Remote design console for Data Governance team
- Designed and implemented High Availability and failover
- Design workshops with all stakeholders involved in the project
- Built Identity Warehouse and Role mining
- Populated the Identity Warehouse (Imported Users, Applications and Glossary Definitions).
- Conduct Role Mining and validation.
- Designing and implementing custom solution for Recertification Managers and Admins for User Access
- Recertification and Data Owner Recertification
- Developed and implemented SIT and UAT test cases
- Trained Clients on managing infrastructure.
- Coordinating with business analysts on collecting requirements
- Involved in Requirements Gathering, Design, Build and Test phase of the project
- Involved in setting up the environment OIM with AD, MS Exchange, and Oracle DB.
- User Provisioning/Groups and Organization Level Provisioning to OID and AD with Exchange from OIM.
- Initial Reconciliation done from Trusted Source of PeopleSoft.
- Developed Complex Approval & Involved in developing Multilevel Approval tasks.
- Designed Roles, Rules, Workflow routes involving enable-disable user, and audit report, delegation.
- Added Custom attributes for both Reconciliation and Provisioning.
- Customized OIM Form on the basis of Roles like Full-time and Contractor.
- Developed Entity, Prepopulate, Process task and Rule generator adapters to support the workflows.
- Created Password policies in AD and OID
- Integrating OIM and OAM applying Single-Sign on.
- Involved in the creation of tasks for lifecycle management of users.
- Configuring and customizing self-registration forms.
- Developed technical documents and test cases for SIT/UAT.
Environment: Ping Federate 7.1, Ping Federate 7.3, SiteMinder 6.0/R12, OAuth 2.0, Web agents 4.x, 5.x, 6.x, R12 Sun One directory server 5.2/iPlanet Directory Server, Sun Solaris 2.8, Sun Java System Web Server 6.0, 7.0/Oracle iPlanet Web Server and IBM HTTP Web Server, IIS 6.0/7.0/7.5.