Summary

• SiteMinder Consultant with over 12 years of extensive hands-on background in handling SiteMinder and LDAP projects for various technology giants.
• Installed and configured Netegrity/CA SiteMinder Infrastructure which constitutes Policy Servers, Policy Stores and Webagents in Windows, Solaris and Unix operating systems.
• Integrated Siteminder protected applications with the CA's latest acquisition product from Arcot called the AuthMinder and the RiskMinder Engines for the real time risk calculations.
• Carried out a successful POC for CA Secure Proxy Server and implemented the latest feature Enhanced Session Assurence with Device DNA feature which is released in the current 12.52 Siteminder version.
• Handled the CA's Identity Manager for the self-service applications.
• Implemented the CA's Advanced Password Services to enhance the customer experience by providing the self service features such as Change Password and Recover Password as per the company password policies.
• Performed the version upgrades succesfully SiteMinder from 4.x to 5.5 and 5.5 to 6.0 and 6.0 to R12,R12 to 12.5,12.51,12.52 respectively and SunONE DS from 5.1 to 5.2 and 5.2 to 6.3 and to the latest Oracle Directory Server Enterprise Edition on Solaris and Windows platforms
• Involved in setting up SSO environments. Implemented SSO for web applications protected with SiteMinder which are hosted on both single and multiple cookie domains.
• The various authentication schemes which I am exposed to are Basic authentication, Basic Over SSL, HTML forms based authentication, X.509 client certificate authentication, Token authentication schemes, Secure ID Authentication, Knowledge Based Auth KBA and Custom Authentication as per the client requirements
• Installed and configured the CA's SAML 2.0 Federation with a HTTP-POST binding serving as Identity Providers and also Service Providers.
• Exposure to Application server agents on Websphere and Weblogic application servers.
• Installed and configured the Sunone LDAP 5.0, 6.0 6.3/ now the Oracle Directory Server Enterprise Edition 11g directory servers which served as User Stores and Policy/Key stores.
• Profound knowledge on LDAP architecture, extending the schema as per requirements, setting up multi-master replication, etc.
• Hands on Experience with Certificate Authority CA product for issuing digital and SSL certificates
• Administered and supported the RSA Authentication Manager Suite for issuing and maintaining the RSA Soft tokens.
• Worked with another vendor called the Activ Identity in integration with Siteminder to protect the applications using a 2 factor authentication mode with both Soft and Hard Tokens.
• Handful of experience in Performance tuning of SiteMinder and LDAP for better functionality, availability and to boost the overall throughput. Designed and implemented high availability solutions through load balancing fail over
• Trained first level support engineers on SiteMinder concepts,Webagent installations and configurations.
• Author for the runbooks for Installations, Application Integrations and Upgrades of the various tools detailed.
• Excellent Team player, good interpersonal, written and communication skills.

Technical Knowledge

Directory Servers

Oracle Directory Server Enterprise Edition ODSEE 11g, Sun ONE Directory Server 5.x, 6.0,6.3 Microsoft AD Active Directory , Oracle Unified Directory Server

Single Sign On Products

CA/ Netegrity SiteMinder Policy Server 4.x/5.x/6.0/12.0/12.5/12.51/12.52 SP1, SP2, SP3, Web agent 4.x/5.x/6.x/12.x/12.5/12.51/12.52

Operating Systems

Sun Solaris, RedHat Linux, AIX, Windows

Application Servers, Web Servers and Messaging Servers

Apache Tomcat, SunONE Application Server. IIS 6.0,7.0, 7.5, iPlanet WebServer, IBM Apache Web Server, Weblogic, Websphere, ASF Apache

Soft/Hard Tokens

RSA / Activ Identity

PROFESSIONAL EXPERIENCE

Confidential

Security Architect

Responsibilities:

• Worked on a major project Global Visa online which includes the Reverse proxy configuration for the Siteminder agents from the front end ERS Apache Proxy server to the backend SharePoint Servers.
• This involved the building of servers from the scratch for the Siteminder Policy Server R12, the Web agents installation and configuration on the frontend and the backend servers.
• A major piece of this project included the SAML Federation between all the geographical locations of VISA.
• Advanced Password Services APS was a good bullet point which I am able to add on to my experience from this project.
• Policy store consolidation was designed to consolidate the existing R6 and the latest r12 in the production environment is a plus.
• Carried out a successful POC with Secure proxy Server and implemented the latest feature Enhanced Session Assurance with Device DNA feature.
• Implemented the CA's Authminder and Riskminder for offering OTP and Real time risk assessment features.
• Performed the Upgrades for the Magellan Application which includes the CA SiteMinder Policy Server, Oracle Directory Server Enterprise Edition CA Identity Manager.
• The product support matrix was defined to identity the compatible versions between all the security products.
• Installed and Configured CA SiteMinder Policy Server from the scratch on four Windows 2008 servers across DEV QA environments with the latest version of R12 SP3 CR04.
• The tools like smobjexport and smobjimport were used from the command line to export the entire policy store from the working previous versions of SiteMinder.
• Siteminder WAM UI and the Federation UI's were installed and configured leveraging the IIS 7.0 web server and the out of the box JBOSS Application Server.
• Built the Oracle Directory Server Enterprise Edition 11.1.1.3 on four Windows 2008 servers to act as User and Policy Stores. Leveraged the tuning parameters for better performance.
• Multi-master Replication is configured between the servers for both User and Policy Stores for high availability.
• The CA Identity Manager version R12.5 SP6 is installed and configured on 6 Windows 2008 servers. The Directories and environments were polished and imported from the R6 environments.
• Configured the CA SiteMinder Web Agents to protect the Identity Manager Environments. The agents were constructed on IIS 7.0 web servers.
• Moved to the Magellan Project with the similar responsibilities as of DPS Upgrade project on a different OS all together.
• Build the CA SiteMinder Policy Servers on 3 RHEL 5.x servers with the latest and greatest R12 SP3 CR005 version through DEV and QA environments.
• Created new instances for the User and Policy Stores on Red Hat Directory Server 8.x version.
• Worked on CA Directory Server in the build and configuration phase to act as User and Policy Stores.
• Installed and manually configured the SiteMinder web agents on the Apache web servers on RHEL OS.
• Author for the run books for the Operations team for the CA SiteMinder Policy Server, CA Directory Server CA SiteMinder Web Agents run books for the Magellan Project.

Confidential

Security Architect

Responsibilities:

• Successfully carried out Siteminder upgrade 6.0 sp5 to R12 sp3 in the POC stage.
• Upgraded Siteminder Policy Server and Webagents to R12 sp3 cr1 following a four step procedure from compat mode to FIPS mode
• Integrated a banking application with Arcot Webfort and Riskfort servers for real time risk assessment and high level of security.
• Administered the RSA/ACE servers for issuing the Soft tokens for the VPN purpose as well as the applications which uses RSA Token authentication.
• Installed and configured Siteminder Policy Server 6.0 SP5 to utilize Sunone Directory Server as the user and policy store on Windows environment.
• Supported LDAP Infrastructure in creating user accounts.
• Installed and configured Siteminder Webagents with IIS, Apache and IBM HTTP Servers for the web interface and IBM Web Sphere plugins for the application layer.
• Solely handled the portal project which includes the Siteminder Integration with the Weblogic application servers. Hence got handson experience with the Application Server Agents ASA .
• Created policies, realms, rules and responses to implement the single and dual factor authentication using RSA Secure ID Token based on the business requirements.
• Implemented password policies for all the applications using Siteminder Policy Server. Configured APS, FPS, Rules, and Help Desk Functionality Replacement.
• Installed and configured CA Wily Monitoring Tool to monitor the runtime activities for Siteminder and LDAP Infrastructure.
• Volunteered for verification of bulk servers and the applications after the completion of patching cycles.
• Created inventory lists for the entire architecture including the web and application layers and supported applications for ease of administration and troubleshooting
• Responsible for Netegrity /CA Siteminder infrastructure maintenance, support and deployment in development, test and production environments on 24/7 basis.

Environment: Windows Server 2003, SunONE Directory 5.2, Netegrity SiteMinder 6.0 SP5, Apache 2.2.8, IIS 6.0, IBM HTTP Server, IBM Websphere 6.1

Confidential

SiteMinder Administrator

Responsibilities

• Installed SiteMinder 6.0 SP5 and implemented SSO across multiple domains and Lines-of-business. Created policies, realms, rules, responses to protect the applications and validate the users to work under SSO environment.
• Enabled the Single Sign on across multiple cookie domains.
• Upgraded the Siteminder 6.0 SP5 CR9 Policy server to CR18 and later on to CR29 Versions.
• Used smobjexport and smobjimport to promote SiteMinder policies to higher environments.
• Installed and configured the Siteminder Webagent on various web servers such as Apache 2.2.8, ISS 6.0 across different platforms.
• Also Upgraded the Siteminder Webagent from 6.0 SP5 CR9 to CR18 and to CR29.
• Handled a project on Federation using SAML 2.0 HTTP Post Binding method.
• Responsible for Application Integrations right from POC through Production in designing the policies.
• Monitored and Tuned System, DB and Entry Cache Utilization, Replication Transpute. Created Indexes to attributes that are used in searches to ensure high performance and to meet compliance determination requirements.
• Integrate applications from development to production. Assist development teams in identifying and resolving environment-related issues
• Offered 24x7 production support.
• Hands-on in providing the documentation to the required teams about the Siteminder procedural steps.

Environment: Sun Solaris 10.0 O/S, SunONE Directory 6.3, Netegrity SiteMinder 6.0 SP5, Apache 2.2.8, IIS 6.0.

Confidential

Security Architect

Roles/Responsibilities

• Installed and Upgraded the SiteMinder from 4.x to 5.x. Used smobjexport and smobjimport to promote SiteMinder policies to higher environments
• Implementing SSO across multiple domains and Line of business. Created policies, realms, rules, responses to protect the applications and configuring them to work under SSO environment
• Upgraded SAML Affiliate Agents from 4.x to 5.x and Web Agents from 4.x to 5.x and maintained further releases to bring same level versions across SiteMinder Enterprise Environment
• Configured and defined the policies for SAML Affiliate Agents to identify User across Portal sites
• Analyze the existing configuration and provided the solution to integrate the SiteMinder with several web applications. Designed the SiteMinder single sign on and authentication
• Installed and Configured Web agent on IIS 6.0 and Configured the Proxy Connection with iPlanet Application Server
• Took the initiative and redesigned the LDAP Directory architecture and Schema to implement the enhancements to existing business rules. Re-engineered and designed LDAP Schemas and DIT to implement enterprise wide centralized repository
• Documented all Tasks Plans, Conclusions, Findings, Configuration Settings, SUC BUC System and Business use cases , Recommendations, Logical Flow Diagrams of SiteMinder environment and provided 3rd level support in Production
• Coordinated with testing team to end-to-end regression tests on SiteMinder Protected sites. Coordinated with several application teams and system administrators, responsible for rolling out SiteMinder implementation and various releases into production seamlessly

Environment: Netegrity SiteMinder 4.x/4.51, Sun Solaris, SunONE web server 4.0, Windows Server 2000, Microsoft IIS, iPlanet Directory Server, MS Active Directory.

Confidential

Network Administrator

• Forge Info Systems is custom software Development Company based in India and has god number of clients across the world. As a part time employed for this company, I was responsible for Network / infrastructure administration, installation, configuration, support of Windows 2000 Advanced Server, MS Exchange Server. Also responsible for Web Servers such as IIS, Tomcat administration and support and various other Network Administration job duties.