
IAM Security PM Resume


SUMMARY

  • 16 1/2 years of experience with cyber security and Identity Access management projects
  • Understands projects from both technical and consulting aspects
  • Strong experience in Cyber Security, Identity and Access management
  • Involved in pre-sales to provide SME services to RFP responses, Orals to clients and work with pre-sales team to create proposals.
  • Willingness to take up business travel
  • 16 1/2 years of overall experience in the areas of Application Security, Identity & Access Management, Cyber risk management, Disaster recovery and Business Continuity planning, Secure Infrastructure design, Privileged access management, Vulnerability management, Penetration testing for Windows and Unix based environments, Security reviews and security architecture design. Demonstrated work experience in design, development, testing and implementation of enterprise wide security applications using Oracle Waveset 8.1, Sun One Directory server (LDAP) and OUD 11GR2, Oracle Identity Manager ( Confidential ) and Oracle Access Manager for SSO PS1 and PS3 products on Windows, UNIX and Linux (RHEL).
  • CISSP certified (certificate No. 482171) (certified Information systems security professional) in good standing.
  • Hands on exposure on analyzing the application architectures in terms of authentication (LDAP AD, security groups, OU’s and Internal v/s external accounts in AD), authorization (authorization attributes store in SQL DB), Internal (employee) v/s external (agents and vendors) security requirements, access points for applications and flow of application data between network security components like Firewall, DMZ, F5’s and Reverse proxy servers implemented with Apache web server.
  • I have experience of documenting the application architecture (as-is and would-be) in Visio and present to client Information security teams for approval.
  • Excellent communication skills and good Interpersonal skills helped me to achieve productive and positive working relationships with staff from varying technical backgrounds and skill levels.

TECHNICAL SKILLS

Security Technologies/ Tools: Netegrity/CA SiteMinder 5.x/6.x/12.0, Oracle Identity Manager 11.1.2.1, Oracle Access Manager 11.1.2.1, Oracle Unified Directory OUD11g, Oracle Identity Federation (OIF), SAML 2.0 assertion SSO implementation, Oracle Identity Manager 9.1, Netegrity SiteMinder 5.5 for access management, Sun JES suite - Sun One Portal server in open and secured mode (Secure Remote Access Gateway), Mobile portal access with Localization & Internationalization features, Waveset Lighthouse Identity Manager deployed with Oracle 10g and BEA Weblogic Application server (LDAP/LDAPActiveSync/Database adapters), Sun One Access Manager, Sun One Application server (both PE/EE), JES Webserver, Sun ONE Directory server. Integrating mail & instant messaging servers with Sun Portal server, Oracle Identity Manager 9.1.0, Oracle Identity Analytics 11.1.1, SAML 2.0 SSO Framework solution for Federated SSO, AD Administration tools ADSi edit, ADUC and Softerra LDAP, AppDynamics 4.1, Microsoft Azure B2E/B2C Identity Management

CRM Technology: E.piphany Interaction Advisor (Real time tool for offer generation) and Analytical platform (AP for outbound CRM marketing)

Databases: Oracle 11g, Oracle 10g, MySQL, MS SQL (Joining and SQL Queries)

Operating Systems: Solaris 2.6/2.7, IBM AIX, HPUX, Redhat Linux 6.2/ 7.2/8.0

E-Com Frameworks/Web Technologies: Sun One Application server, ASP, Tomcat Apache webserver, CGI/Perl Scripts, IIS, JSP, Sun JES Web Server, JavaScript, NSAPI, Netscape Enterprise Server, Stress testing, WebLogic, WebSphere

Programming Languages: C, Java, Java scripting, XML, build tools ANT and power Confidential, Confidential programming, Makefiles, PHP, Attended training program on C# programming and ASP.NET

Security Tools: IBM AppScan security scanner, OpenSSL, OpenCA, Nessus, Nmap, SATAN, SARA, Snort, L0phtCrack, Ethereal protocol analyzer, John the Ripper, Sniffit, FLTK, CyberCop Scanner, netcat, tcpdump/WinDump, LANguard, ISS Internet Security Scanner, Retina

Security Concepts: Cryptography, PKI, Digital certificates, SSL

Security Trainings: Attended training program on Sun Directory Server, Sun Identity Manager and Meta Directory server. Appeared for certification exam and received Sun certificates for above products. Attended training on Oracle Identity Manager 9.1.0.1, In house training on Oracle Identity Manager 11g

Security certification: CISSP ISC2 Certification # 482171

PROFESSIONAL EXPERIENCE

Confidential

IAM Security PM

Responsibilities:

  • Project is being executed under Confidential Scrum methodology with user stories tracked through Jira and bi-weekly sprint cycles-based execution.
  • My role in the project as Project Manager involves creating product backlog in the Jira, conduct daily scrum meetings internally amongst the team, track progress of Jira items and provide a vocal presentation to the Confidential Management team on a weekly basis on the progress of the workstreams, Risks, Issues and Dependencies.
  • My role also involves coordinating technical discussions with other Confidential Teams as Telematics and content and portal development teams with regards to Azure tenant configurations, Data analysis between Oracle and Azure platforms, other key integration decisions. It also involves participating in discussions with other integrating partners of Confidential as Sirius XM and Xevo for both technical and timeline discussions.
  • I am also the PM for migration of https:// Confidential . Confidential .com Confidential Confidential application from consumer ODSEE directory to OUD based directory Corp directory.
  • My responsibilities also involve building an intermittent build for Oracle components (OAM, OVD, ODSEE and OHS components) at Phoenix data center to support the retirement of Torrance data center Oracle servers by end of 2017.
  • I am also involved in uplifting reporting and logging processes for the migrated applications to Azure platform. Splunk is being used as the log management tool and its integration with Azure is currently being analyzed for reporting processes.

Confidential

IAM Security PM

Responsibilities:

  • Production support for Online Banking and Mobile banking applications for Confidential . Online Banking application (www. Confidential .com) uses datapower (middleware) to make userStatus and validatePassword calls during authentication thru OAM to authenticate users. Confidential is used for provisioning new users / maintaining existing OLB user accounts.
  • 2 consumer and 5 commercial applications are supported by the SSO infrastructure ( Confidential /OAM/OUD).
  • Monitor the OLB and mBanking applications through AppDynamics tool (version 4.1.8.9) for spikes in web service calls and pro-active monitoring for latency in user calls to OlB and MBanking due to Weblogic cluster, Oracle 11g DB latency.
  • Implemented pro-active monitoring for Weblogic cluster implemented across multiple data centers through WLST scripting for monitoring thread count, db connection pool, Long running sessions in the Confidential Db potentially causing hogging threads and stuck threads.
  • Implemented Netcool alerts for Confidential and OAM logs files.
  • Implemented App Dynamic alerts for stall error rate conditions and latency in Confidential / OAM calls during user operations
  • Conduct quarterly disaster recovery exercise for all the 5 commercial and 2 consumer (Olb/MBanking) applications integrated with Confidential /OAM/OUD. For the DR a separate network segment (Bubble) is brought up by the DR team and subsequently DR Instances of Confidential /OAM and OUD are started in the Bubble. Testing happens with Bubble instance of the integrated applications. Any trouble shooting required is done with app teams within the bubble network. Quarterly results and issue log is maintained with the DRET team.
  • Also supporting the Confidential /OAM upgrade project from PS1 to PS3 from a project perspective. Accenture is handling the actual development tasks.

Confidential

IAM Security Lead

Responsibilities:

  • RSA IMG 7.0 (Aveksa IdM) Implementer project Lead role for Confidential Oracle waveset de-commissioning and IDM system migration to RSA VIA 7.0 (Aveksa IdM)
  • HR Workday is the primary source of Identity data for IMG Via (Aveksa IdM) and Oracle Waveset and AD are secondary sources. Workday feed creates and updates identities primarily in IMG VIA (Aveksa IdM).
  • Aveksa IdM is currently configured with 3 identity collectors - workday, AD and Oracle waveset. AD collector is the primary account collector.
  • Hybrid mode is currently operational in production with Oracle Waveset doing bulk of provisioning / de-provisioning for birth right roles and base access AD account, Exchange, Remedy access, U drive. Generate daily provisioning / de-provisioning reports for business users and for manual processing for non-connected applications like eSD, AutoFax and RxHome (Oracle DB applications)
  • Oracle Waveset de-commissioning and migration to RSA VIA LNG 7.0 (Aveksa IdM). Migration of all current waveset functionality to Aveksa IdM is underway through Agile (Kan Ban) user story board (Rally dev) approach
  • Assimilate feature requirement from Oracle Waveset and create the story for migrating the feature to RSA VIA 7.0 (Aveksa IdM)
  • Create story on the Rallydev Kan Ban board and interact with business users to migrate the same to RSA VIA 7.0 (Aveksa IdM)
  • Work with Offshore developers, explain the story requirements to offshore developers and validate the developed story in the dev Aveksa IdM environment
  • Work with RSA support in case of product issues and bugs. Update the user stories.
  • Support user issues like error messages like logging in to the end user interface during challenge phrase questions setup.

Confidential

Cyber Security Lead

Responsibilities:

  • The Cyber Security Lead (CSL) is a senior level technical role focusing on the overall Cyber Security and Identity and Access management; CSL aligns security/technology to HRS business, underpinning the customers’ ability to achieve its business objectives without compromising security.
  • Inculcate the security paradigm thinking early in the SDLC lifecycle
  • Review and Remediate exposure to HRS Web Applications (vulnerabilities/threats) using the Riverbed Web Application Firewall (Ongoing)
  • Review and Remediate the overall security of the HRS applications Scans reports
    • Web Inspect (Internal) Scans - Monthly
    • Other Cyber Scans (Internal/External)
  • Have a Deep Understanding on the Security Architecture and Security Practices
  • Have a Deep Understanding of the Identity and Access Management Architecture
  • Have a Deep Understanding of Centrify Suite or Similar technologies
  • Have general or strong knowledge in enterprise security architecture, data, network, server technologies, web /application server technologies, architecture and integration design, disaster recovery, high availability, infrastructure consolidation and optimization.
  • Participates in the monthly web scans for the review and remediation of the identified vulnerabilities that may have a potential to cause exposures
  • Effectively interface with all levels of an organization - both business and technical.
  • Excellent Verbal and Written Communications

Confidential

Onsite Lead

Responsibilities:

  • MAPFRE desired to launch a new portal aimed at front end agents for selling Life Insurance policies
  • Solution required integrating 2 partner sites Dell AWP (Agent web portal) and iPipeline portal for policy administration and new policies under-writing.
  • SSO Framework authentication was against AD-EXT and upon successful authentication, SAML 2.0 SSO token was created.
  • Token was inserted in the browser URL as http post and upon re-direct would authenticate agent to the target site without the need for agent to login again.
  • Confidential portal was integrated with 2 partner sites for Life Insurance business rules via Single Sign On framework.
  • New authorization portal named ADMS (Agent data management system) was developed to update application authorization data for agents.
  • Enterprise Entitlements manager (E2M) application was extended to provide capability to on-board New Life Agents.
  • On-going production support for CAS SSO, E2M and ADMS applications
  • SAML 2.0 assertion based SSO was also implemented for Travel Insurance 3rd party underwriter “Insure&Go” with MAPFRE agent platform
  • Responsibilities included - Production deployments, Issue resolution, source code maintenance in RTC versioning control system, Production support for agent and business issues in SSO and provide L3 resolution, coordinate new requirements and development tasks between MAPFRE and Offshore team, business analyst for Travel Insurance SSO integration with MAPFRE agent platform, Test lead for Travel Insurance portal.

Confidential

Onsite

Responsibilities:

  • 73 Hartford custom applications were integrated with Confidential / Confidential which were deemed under SOX re-certification scope
  • Applications comprised of flat file integration, DBAT, DBUM, Mainframe and AD based applications.
  • As part of yearly re-certification project application data in each of the 73 applications needed to be synchronized with the data present in Confidential for the app. before the certificate could be launched.
  • Project was completed in 6 weeks onsite at The Hartford, CT.

Confidential

Technical Lead

Responsibilities:

  • Set up the environments for TPR and IPAC DB Prov apps. in local sandbox, DEV and UAT platforms
  • Maintain the environments for both TPR and IPAC DB Prov. apps.
  • Perform development (code level) Proof of concepts for TPR and IPAC DB prov. apps
  • Provide Level 3 support for TPR and IPAC DB Prov. Sun IDM applications. Analyze L3 cases assigned and timely resolve the cases. Update the case diary.
  • Reproduce the productions issues in DEV and UAT environments, trace and debug java and Xpress code through Sun IDM tracing and also by inserting custom java code and re-compile the class (adapter)
  • Work with teams from the other integrating applications with TPR and IPAC DB engines
  • Analyze enhancements for TPR and IPAC DB Prov. Societe Generale applications. Both the applications are based on Sun IDM 8.1 provisioning engine
  • Help the project manager with the estimation process for support issues and enhancements
  • Coach other junior team members with IDM

Confidential

Project Lead

Responsibilities:

  • Provide day to day production support for Oracle Identity Manager ( Confidential ) application
  • Provide day to day production support for Oracle Identity Analytics ( Confidential ) application.
  • Troubleshoot issues in Oracle Identity Manager and Oracle Identity Analytics applications.
  • Handle end user support tickets for on-boarding, off-boarding, manager requests and end user access requests to applications, Databases and platforms both windows and Non-windows.
  • Perform automated role attestation for users in applications, database systems both SQL and Oracle and Platforms both Windows and non-windows.
  • Perform development activities including code generation and testing for fixing bugs in Oracle Identity Manager and Oracle Identity Analytics applications.
  • Perform development activities for supporting new features and functionalities required from Oracle Identity Manager and Oracle Identity Analytics applications.
  • Periodically provide data and reports to management function for Internal audit purposes.
  • Weekly project status report updates to Cognizant management.

Confidential

Technical Lead

Responsibilities:

  • Presentation to Merck SME’s on high level use cases expectations from external IDP Integration project
  • Develop requirements specification (RS) document in consultation with Merck SME’s
  • Conduct requirements review meetings and requirements sign off
  • Develop design specification (DS) document in consultation with Merck SME’s
  • Conduct design review meetings and design sign off
  • Work with offshore team on construction and coding for development of Sun IdM workflows
  • Do unit testing of new workflows. Prepare unit test report in approved template.
  • Work with SV&T (system verification & testing) team for SIT testing
  • Discuss design specifications with integrating external IDP partners Verizon business and Exostar.

Confidential, Parsippany, NJ

Manager

Responsibilities:

  • Perform vulnerability assessment (VA) on Wyndham Brand applications like Days Inn, Ramada, Super 8, Baymont Inn etc using IBM’s AppScan tool
  • Perform vulnerability assessment on non-web applications like PRM’s (property relationship management) using tools like Burp suite, Fiddler
  • Present vulnerability assessment reports to Confidential management team based on OWASP top 10
  • Work with Confidential Engineering team to remediate vulnerabilities found in the applications
  • Coordinate activities with the offshore teams in India

Confidential

Technical Lead

Responsibilities:

  • Analyze applications for automation. Automation is accomplished through Citi Marketplace, Resolve IT, Sun IDM and OneApproval systems.
  • Gather automation requirements by interacting with business stake holders and application developers.
  • Convert the automation requirements into CitiMarketplace screen forms. Develop CitiMarketplace forms. Build and test in CMP dev environment, promote to UAT.
  • Deploy in production and support.

Confidential

PCI DSS Compliance Analyst

Responsibilities:

  • Analyze data using RSA DLP
  • Scan Confidential file servers and shares to identify potential files containing credit card information.
  • Use Archer to design questionnaire for soliciting responses from the owner of the file containing credit card information
  • Use Archer to track remediation of credit card information in the particular identified file instance
  • Use Varonis tool to generate reports on file ownership and permissions
  • Work with file owners to remediate / remove credit card information from the file.

Confidential

PCI DSS Compliance Analyst

Responsibilities:

  • Analyze data using RSA DLP
  • Scan Confidential file servers and shares to identify potential files containing credit card information.
  • Use Archer to design questionnaire for soliciting responses from the owner of the file containing credit card information
  • Use Archer to track remediation of credit card information in the particular identified file instance
  • Use Varonis tool to generate reports on file ownership and permissions
  • Work with file owners to remediate / remove credit card information from the file.

Confidential

Security Workflow Administrator

Responsibilities:

  • Communicate with the project managers and understand security requirements of their project
  • Conduct Business Impact Assessment (BIA) for project in association with the PM
  • Complete information classification for all data items being stored / processed by the application along with the PM
  • Conduct SOX assessment. Determine if project would need controls to be implemented to be in compliance with SOX
  • Conduct assessments whether compliance to regulations for export control, import control, PCI, cryptographic technology would be in scope for the project. Work with the PM on formal documentation of evidences.
  • Communicate back with the project managers and ensure project deliverables are complete from IT security stand point
  • Conduct Top Level Assessment (TLA) to identify if any other regulatory compliance areas would be in scope in association with PM.
  • Conduct application health check to ascertain overall compatibility of the application with regards to information security requirements.
  • Once all project deliverables are found to be complete for a particular stage gate requirement, recommend an IT security sign off for the project stage gate.
  • Hitachi Id Identity Manager to automate management of identity life cycles and entitlements. Following features of Hitachi Id were implemented - Automated updates driven by a system of record, workflow triggers for request approvals, certify access and complete tasks, Access certification process, reporting through dashboards and use of reports to generate analytics, Identity synchronization through the source and target end systems.

Confidential

Technical Lead

Responsibilities:

  • Single point of contact between the customer's program manager (IDM Program team lead at Weyerhaeuser) and Wipro Delivery Manager and onsite + offshore team
  • Handled the responsibility of Weekly status reports to the client program manager and Wipro delivery manager
  • I was responsible for ensuring customer was satisfied consistently with the Quality and Timeliness of the deliverables (Code + Testing + handling of support tickets)
  • Report to Onsite account manager in a weekly touch base meeting every Friday.
  • Hands On work approach with all the members of the team on technical issues / deliverables
  • Hands Off management approach. No micro management. Communicate both formally and informally with team members. Escalate only if all else fails.
  • Send team's billing inputs to the account management team every last week of the month, ensure effort entries were complete for all team members, generate PDMR report
  • Conduct customer satisfaction and feedback and report back to onsite account manager, offshore delivery manager and QA manager.
  • Responsible for overall smooth functioning of the operational day to day delivery and customer satisfaction.
  • Production support for Weyerhaeuser’s Sun Identity Manager system and SiteMinder access manager for web applications. IDM implementation at Weyerhaeuser comprised of Sun Identity Manager and Netegrity SiteMinder for access management
  • Responsible for resolving end user issues and service calls
  • Responsible for up keep and maintenance of Sun IAM application and related services
  • Responsible for Identifying root causes in production issues in a timely manner and resolving them ASAP
  • Responsible for handling server incidents
  • Responsible for writing test plans for Weyerhaeuser’s Sun Identity Manager system
  • Responsible for promoting incremental builds into test, QA and Production environments
  • Responsible for deploying Sun identity manager builds into production environment
  • Attend daily bug triage meetings, write test plans, conduct testing and identify the failure points
  • Applications integrated with Sun Identity Manager included enterprise AD, exchange across locations, secure remote access, company directory, additional end user capabilities like telnet and FTP
  • Netegrity Siteminder was used for policy based authentication and authorization of users
  • AD Group membership based filtering was also implemented for restricting access on certain tabs on the end user pages for web apps using Siteminder
  • SiteMinder was also used to provide Single Sign On seamless authentication experience to end users for applications like SUN Identity manager end user interface itself
  • Self service modules like forgot password, reset password, unlock user account were also implemented using SiteMinder engine
  • SiteMinder was also used for restricting access to entire web applications itself, if a certain user was member of an AD GROUP. This requirement was developed using Siteminder to protect sensitive information about users who would need to share their AD passwords with their colleagues but still be able to prevent access to their sensitive personal information on their corporate page.
  • Self service capability was provided. Users would add or remove themselves from a certain AD group for restricting access to certain web apps for their user ID, if they needed to share their account with their colleague.
  • SiteMinder was integrated with enterprise AD to provide single sign on capability to all integrating user applications.
  • Design resolutions to issues identified in testing

Confidential

System Analyst

Responsibilities:

  • Test Director tickets were prioritized by business for monthly release cycles. Responsible for resolving the assigned test director ticket for the designated release
  • Analyze assigned Test director items and come up with proposed solution / solutions. Create formal design documents (doc or visio). Conduct design review meeting.
  • Do coding once the design or design changes were approved by the WaMu technical architects.
  • Unit test code in development environment. On successful unit testing, schedule code review meeting with WaMu technical architects.
  • Implement code changes in E.piphany Staging packages on successful code review. Redo the code in case of review comments during code review meeting.
  • Unit test modified code. Deploy to stage if successful.
  • Support E.piphany Interaction advisor (AP) production issues like scheduled jobs failing, errors in E.piphany production packages, issues with new offer extensions.
  • Custom report development for AP as per business requirements.
  • Ongoing support and maintenance activities for E.piphany Real time and Analytical platform components for WaMu.
  • Assigned as Technical lead for E.piphany Real-Time (RT) and Siebel 7 application integration project.
  • Responsibilities for Siebel 7 project involved being part of business discussions with WaMu business team (contents and offers), E.piphany consultants and technical architects. These discussions were to formalize business expectations from Siebel 7 project and transformation of these requirements into technical implementation.
  • Functional specification document (FS) and Technical design document were finalized and approved as outcome of these discussions. If functionality required new E.piphany custom functions create pseudo code for it in design doc.
  • Started coding for Siebel 7 project as per functional specifications. Develop and unit test each functionality in the new ECC call center package.
  • Schedule regular code review meetings with WaMu technical architects.
  • Attend project status meetings with management and provide status on the progress of the work on weekly basis.
  • Deployed new ECC package to staging environment for QA testing.
  • Resolve bugs identified during QA testing. Schedule code reviews for bug resolutions.
  • Bug resolution involved interacting with multiple WaMu teams like E.piphany, middleware (MQ) and Siebel development team.
  • Provide status to project management on outstanding bug counts and their resolution time frames.

Confidential

System Analyst

Responsibilities:

  • Conducted application security audit for 3 applications (Titan, SNAP and Emerald) within COAF environment which have business application for Loan origination, decisioning, onboarding, funding and loan servicing. Prepared data flow diagrams & solution definition documents.
  • Conducted meetings with application owners to understand application flow technically and from business perspectives
  • Analyzed data flow through the application and prepared MS Visio data flow diagrams (DFD) for 4 environments of the application namely, production, staging, testing and development. Wrote application processing narrative.
  • Identified PII data locations along with application owners. Conducted scanning using tool to identify other PII data locations. Depicted PII data locations on DFD along with associated permissions.
  • Performed file share analysis and identified potential problem areas. Recommended appropriate corrections. Performed user analysis & identified user groups accessing the application data.
  • Performed data anonymization analysis for databases in the application. Analyzed scrubbing mechanism used. Identified gaps in database anonymization.
  • Identified processes within the application accessing databases. Analyzed process authentication mechanisms for encryption (SSPI, NT authentication, proprietary DLL) and analyze various password mechanisms used within the application environment.
  • Validated database users and roles list for appropriateness.
  • Prepared solution definition document for the application being audited containing all the above findings and submission to IT risk management function within COAF.

Confidential

Systems Analyst

Responsibilities:

  • Prepared use cases for user management (creation/deletion/disassociation/modification), password management (reset password/ forgot password / change password), role management (creating / assigning / disassociating).
  • Prepared requirements specifications
  • Prepared HLD & LLD.
  • Coding for custom oracle financial adapter for Lighthouse. Waveset lighthouse was identified as the identity management tool in conjunction with Sun One Access Manager.
  • Development and deployment of custom adapter code for Oracle Financial application in java. Code development for LDAP ChangeLog Active Sync form for polling Peoplesoft HRMS application (in Xpress).
  • Test Case generation (UAT/System/Integration) for testing functionalities for creation, End dating of user, End dating of responsibilities, modification of user attributes like email and description, forgot password, change password, password reset by app. Administrator, association of default user and administrative roles.
  • Setting up onsite test environment for testing functionality of custom adapter. Environment setup included installing Oracle 10g database, BEA weblogic application server, waveset lighthouse. Configuring Lighthouse resources to point to LDAP and Oracle instances. LDAP Active Sync was setup to poll HRMS PeopleSoft.
  • Deployed adapter code in test environment. Test environment pointing to live oracle financial application (replica of production environment for testing).
  • Conducted Unit testing for adapter code. Identified bugs. Debugging through Xpress traces (Lighthouse debug pages) and adapter logs, made changes to adapter sources and re tested.
  • Changes to custom adapter code and LDAP change log active sync form as per renewed requirements.
  • Conducted user acceptance testing and integration testing. Documented the results of the testing & published.

Confidential

Systems Analyst

Responsibilities:

  • Visited Sun Microsystems India Engineering center for Transfer of Information regarding Portal Server, Secure Remote Access and Mobile Access from Sun Engineers.
  • Made changes to entire portal server source code which was platform dependent, subsequently started building the portal sources successively on HP-UX. Once the entire source code was converted on the porting branch, nightly automated builds were initiated on HP-UX platform.
  • Created HP-UX depot packaging for Sun ONE portal server from SVR4 prototype files by using XML parsing, which generated PSF files.
  • Sun ONE Portal server had its configurator coded in Confidential scripts on Solaris. This was highly platform oriented. Converted Portal server configurator to HP-UX platform.
  • Conduct testing for successive builds. Install / configure all the prerequisite products for portal server like Directory server, Access Manager, Web / Application server. Subsequently, manually install Portal depots. First criterion to be fulfilled was Portal Server successfully coming up on configuration.
  • The build would now be delivered to QA. QA would test it independently with SILK test and file bugs in Bugtraq. Evaluate the bugs filed by QA, provide the fix, test & deliver to QA in next build.
  • Ported the search functionality for portal server to HP-UX. This involved porting the prerequisite build time shared components like Berkeley database (libberk/libnet etc.) which were not available for HP-UX by default.
  • Integration of HP-UX Sun ONE portal server with common installer with support for dependency resolution engine. This involved adding code to PPXML file for HP-UX platform. PPXML file was parsed by the CNPSDK based installer.
  • Ported secure remote access and mobile access components for portal server.
  • Keep track of bugs filed by QA and keep closure rate in accordance with timelines for RR (revenue release) & GA (general availability) releases.
  • Unit testing functionalities like secure remote access, mobile access, compass search etc.
  • Conduct testing for various Portal scenarios like Portal Server deployed on Application server (EE/PE) or Web server. Portal & Access Manager deployed remotely, SRA & Portal deployed remotely. Cross platform testing with at least one or more of the prerequisite products deployed on Solaris with Portal deployed on HP-UX.
  • Create L10N and I18N depots for portal server. L10N depots made Sun ONE Portal server available on HP-UX platform in 7 languages. Do testing for L10N & I18N Portal features.

Confidential

System Analyst

Responsibilities:

  • Guiding principles were to protect the confidentiality and privacy of customer’s credit card information by encrypting credit card information residing in files and databases and securing its transmission across the network. Design objective was also to migrate the proprietary solutions implemented in segregation into a more standardized approach across D&B.
  • Provide a Scalable, Platform independent, Global solution for encryption of credit card information across D&B.
  • Scope of the project included review of all the access systems and back end databases that accepted/stored credit card information including acquisitions like Hoovers, Harrisinfo.com
  • Scope also included understanding credit card authorization and settlement process with D&B external vendors like Paymentech, Verisign, CyberSource etc.
  • Approach for the project included Requirement analysis, Gap analysis & Solution definition. Holding meetings/discussions with representatives and owners for each D&B application and Interview them about the applications. Based on the findings Centralized Credit Card Transformation Service CCCT was proposed to support different combinations of platforms and their corresponding file systems and databases.
  • Information regarding systems, technology and encryption were collected.
  • Requirements included the real credit card number to be replaced with irreversible value conforming to CC semantics (pseudo credit card number) to minimize impact on applications and CC no. placeholders. Requirements also included minimal changes to business processes, centralized key management, and automatic encryption/decryption between applications (transparent to user).
  • Technical requirements included solution to be a centralized web service based on java2 framework & Sun JVM as runtime environment.
  • Evaluate multiple options and vendors and recommend a solution that is best suited for D&B. 4 options were suggested for the architecture of the encryption service and 1 option recommended with reasons.
  • Prepared a schematic representation of the entire D&B network connecting all the front-end access systems and back-end billing and Invoicing systems, depicting data of credit card information through the system.
  • Prepared estimates of the impact of encrypting credit card information on the applications. Cost & effort estimates presented for each of the options to D&B stakeholders.

Confidential

Project Engineer

Responsibilities:

  • Understanding the functional and design requirements and generate requirements document.
  • Generate HLD and document.
  • Development of the COM component.
  • Write test cases for system testing.

Confidential

Team Member

Responsibilities:

  • Conducted current state assessment & device risk assessment.
  • Conducted vulnerability assessment exercise using Nessus, Nmap & other scanning tools (for report comparison)
  • Prepared current state assessment, device risk assessment and vulnerability assessment reports. Conducted detailed discussions with the clients for mapping the reports exactly as per their specific environment. Changes to the reports subsequent to the review. It also involved conducting VA for their ERP application JD Edwards One world.
  • Conducted vulnerability fixing & hardening as per the VA reports & prepared fixing & hardening reports. These 2 reports clearly indicated the difference in the vulnerability level of the particular host/ server prior to & subsequent to fixing & hardening.
  • Conducted attack & penetration using modem & dial up connection for identifying vulnerabilities from the external network. Prepared the penetration testing reports based on the findings & suggested recommendations for improvement.
  • Prepared secure network architecture for GARMCO indicating the proposed changes to firewall configurations, router configurations, location of new/ additional firewalls, incorporation of virtual LANs for segregating the users for implementing stricter access control through the use of an internal router & managed switches. Final deliverable was a MS Word report & presentation to GARMCO management.
  • Total of 21 policies were submitted as a part of BS7799 guidelines. Prepared the following policies in consultation with the client’s email usage, Internet access, software change control, version control, application security, password policy, physical access, punitive actions, hardware change control etc.
  • Implementation of the final policies in consultation with GARMCO system administrators & management.
  • Assisting/ advising GARMCO to float RFP (request for proposal) for acquiring the assets identified in architecture.
  • Secure SDLC design guidelines & documentation for the same.
  • Pre-assessment support to GARMCO for the roadmap towards achieving BS7799 certification.

Confidential

Team Member

Responsibilities:

  • Interacting with the onsite client coordinators at Phoenix & disaster recovery/ backup support group at Bangalore regarding day to day production issues.
  • Automating login process with single sign on
  • Password management including password auto-generation.
  • Implementing open authentication supporting a wide range of authentication mechanisms.
  • Personalized web page & user interface.
  • API modifications for changing requirements and growing environment

Confidential

Team Member

Responsibilities:

  • Modification of HTTPS server code for supporting SSO feature.
  • Generation of dynamic pages that were updated for applications and users being granted single sign on and also for all the new users & applications added.
  • Front end “Form validations” using JavaScript for validating user input parameters.
  • Integration of Apache with the single sign on feature.
  • Documentation for the above with definitions of functions used.

Confidential

Team Member

Responsibilities:

  • Prepared/ documented security policies as per BS7799 guidelines.
  • Identified the vulnerabilities in the network supporting SAP.
  • Devised a business continuity plan for Confidential in case the main server went down for more than 1 hour.

Confidential

Team Member

Responsibilities:

  • Studied the Confidential Trading & Corporate networks & prepared network diagrams using Visio professional studio.
  • Understanding of the hardware & network architecture along with applications hosted on them like capital market, wholesale debt market.
  • Preparation of security checklist for VOS operating system.

Confidential

Team Member

Responsibilities:

  • Installation of Checkpoint Firewall-1 on the Internet bank DMZ network.
  • Implementation of NAT and applying firewall policies.
  • Installation of Real Secure IDS with network sensor and OS sensor.
  • Hardening of the bank website by implementing security features for the ASP mailing component and implementing security checklists for IIS and NT servers.
  • Going through the support manuals for Real Secure IDS and providing support to the bank's system administrators on an ongoing basis.
