SUMMARY

• 7 years of experience with deploying one or more IAM solutions.
• Experience in implementing IAM solutions for complex enterprise environments with diverse user populations.
• Experience in Identity management solutions for User Provisioning, De - Provisioning, Joiners, Movers, Leavers, Attribute based provisioning.
• Outstanding analytical, communication and problem-solving skills with the ability to develop solutions to complex analytical/data-driven problems.
• Strong experience with Oracle, SQL, and Microsoft Office products: Visio, Excel, PowerPoint, Access, Word.
• Develop IAM policies & procedures, architectures, use cases, test, and implementation plans.
• Define Role Based Access Control (RBAC), Entitlement, and Segregation of Duty models.
• Writes scripts, templates, interfaces, and utility applications as needed to maximize efficiency and target continuous improvement.
• Role Based Access Control (RBAC) and Attribute Based Access Control (ABAC).
• Work closely with project teams and other architects to translate technology direction functional and technical roadmaps.
• Expertise in minimum enterprise identity & access management system, e.g., CA Identity Manager, Oracle Identity Manager, SailPoint Identity Manager, Saviynt.
• Responsible for provisioning users across endpoints like Active Directory, Oracle Directory, Radiant Logic, Unix, and RACF/Mainframe along with exploring and correlating users from the various endpoint.
• High Proficiency in analyzing Root Cause analysis, implementing solutions, and documenting.
• Understanding and experience with Identity Federation protocols such as SAML2.0, WS-Federation, OAuth, OpenID Connect etc.
• Experience with installation, configuration, migration, and administration of IAM solutions for Single Sign On (SSO), Federation services, Multi Factor Authentication (MFA) components.
• Hands on experience with SSO Products include Broadcom SiteMinder, ForgeRock, Okta.
• Implemented IDP and SP initiated journeys to deliver custom solutions as per business requirements.
• Technical understanding of entitlement management products and processes.
• Strong interpersonal, problem solving, organizational and time management skills.
• Have good knowledge of password management, password expiry, basic minimum password guidelines.
• Worked with peers, technical & business staff, vendors, customers, and all levels of management.
• Experience in services like change, problem, and incident management, proficient in tools like Service Now, Cherwell, HP service manager with a good understanding of ITIL concepts.

TECHNICAL SKILLS

Identity and access management solutions: SailPoint, Broadcom Identity Manager, Saviynt. CA SiteMinder, OKTA, ForgeRock

Programming and scripting: UNIX Shell Scripting, Java, HTML, JavaScript

Change Management: Service-Now, HPSM, Cherwell

Monitoring and Administrative Tools: Splunk, Dynatrace, Wily Introscope, Apache Directory Studio, Microsoft SQL Server management studio, Softerra LDAP Administrator, Postman, SOAP UI, Fiddler

Operating Systems: Windows 2008/2012 R2/2016, Red Hat Linux.

PROFESSIONAL EXPERIENCE

IAM Engineer

Confidential, Charlotte, NC

Responsibilities:

• Execute and track security process related activities including User ID management
• Ensure strong controls and discipline are in place to manage efficient services levels, and effective controls around Moves adds and changes, provisioning and de-provisioning, and attestation
• Created Custom tasks, Custom Objects to update the entities in the system which are scheduled every week.
• Built Joiner, Mover, and Leaver workflows to maintain user accounts.
• Involved in creating custom reports, certifications to cater various data feeds.
• Participated in all SailPoint deployment activities - connector configuration, custom rule development, workflow configuration and development, third party system integration.
• Created and implemented static/dynamic roles, configured entitlements and policies.
• Analysis of the specifications provided by the client and help Project Manager to estimate the effort required.
• Developed Rules like Build Map, Correlation, Exclusion, Policy Violation,
• Policy Formatting etc., as part of connector development.
• On boarded different applications into SailPoint IDM.
• Managed client requirements and configured SailPoint IIQ connectors.
• Configuring the Applications (Authoritative and Non-Authoritative) using AD, Flat file, JDBC and LDAP connectors to load the Identity Cubes.
• Performed Access re-certification, automatic manual remediation for applications managed by SailPoint for Employees and Contractors.
• Designed and implemented solutions which manage the Identity lifecycle of almost all applications with the enterprise, without directly controlling the identity store within the application.
• Working with Access Control processes and properties such as User Provisioning, Onboarding, Role-Based Access Control (RBAC), Authorization models, Single Sign-On (SSO), Active Directory
• Oversee the automation of user access activities including access request, approval, provisioning and de-provisioning, and certification/re-certification
• Develop IAM programs and establish new quality assurance processes to increase effectiveness
• Monitor metrics to measure program effectiveness, and compliance against standards and deliver reporting to provide assurance to product owner.
• Working knowledge of access certification and provisioning tools and processes
• Proven awareness and understanding of identity and access risk management, compliance, information protection, regulatory concepts, and requirements

IAM Consultant

Confidential, Melville, NY

Responsibilities:

• Created and updated the provisioning policies as per the change in the business environment using Policy Xpress.
• Developed multiple Policy Xpress to trigger various tasks and to generate standard company requirements like the generation of unique IDs, passwords, emails, etc.
• Integrated Active Directory via interceptor.
• Deploying SailPoint IIQ Connectors for various target systems.
• Hands-on with aggregation, workflows, tasks, rules, and roles.
• Understanding of Role Based Access Control, Governance and Access Certification in SailPoint
• Experienced in migration project.
• Involved in the design and implementation in SailPoint IIQ modules Life Cycle Management and Compliance Management
• Involved in the developing workflows (JML process) with two level approvals.
• Provide subject matter expertise/consulting for web authentication,
• Single sign-on, federation, SAML and related technologies.
• Implemented solution to give end users a business-friendly dashboard to
• View status of pending and completed requests.
• Handled complex SSO environment setup (Multifactor Authentication setup) Troubleshooted system failures, identify root cause and fix issues, ensuring the availability of the system.
• Verification of security entitlement information is imported into SailPoint
• Implemented SailPoint IdentityIQ to periodically review employee access to high-risk Sox Applications.
• POC for migrating from SiteMinder to ForgeRock
• Experience in deploying ForgeRock OpneAM and OpenDJ in AWS DevOps env
• Installed and configured Password Synchronization Agent.
• Integrated the Exchange gateway server in CA Identity Manager.
• Creation of new endpoints and Account Templates.
• Good experience in setting up Bulk Load Clients and automating different tasks.
• Act as a subject matter expert for SSO features

IAM Engineer

Confidential, Lakeland, FL

Responsibilities:

• Integrated Active Directory with CA IDMvia interceptor.
• Installed and configured Password Synchronization Agent.
• Integrated the Exchange gateway server in SailPoint.
• Creation of new endpoints in CA Identity Manager and Account Templates.
• Good experience in setting up Bulk Load Clients and automating different IDMtasks.
• Responsible for provisioning users across endpoints like Active Directory, Oracle Directory, Radiant Logic, Unix, and RACF/Mainframe along with exploring and correlating users from the various endpoint.
• Provide support to multiple technologies Incident/Problem management using tools like ServiceNow.

Identity Access Management Engineer

Confidential, Ashburn, VA

Responsibilities:

• Experience with SAML 2.0 while implementing Federation between PartnerWebsites.
• Integrate applications from development to production, assist development teams in identifying and resolving various issues related to SiteMinder.
• Configured the Policy Domains, User directories, Rules, Realms, and Policies for protected web resources.
• Worked with SiteMinder federation services to provide the necessary sign-on solutionsfor SSO with external partners.
• Created and updated the provisioning policies as per the change in the business environment using Policy Xpress.
• Configured failover, load balancing, and high availability solution for Policy Servers, Policy Stores, and User Stories.
• Performed POC for Ping Access Authentication Solutions.
• OKTA for cloud Identity as a Service (IDaaS)
• Involved in creating Federation connections using Active Directory Federation Service (ADFS) and SiteMinder
• Provided 24x7 support for Infrastructure in staging and production environments.
• Worked with engineering team to document technical specifications and procedures for SiteMinder best practices and future references.

Site Minder Specialist

Confidential, New York, NY

Responsibilities:

• Assigned as a consultant to install, configure, upgrade, maintain, and support enterprise infrastructure security solutions and middleware solutions on CA SiteMinder r12.0 SP2.
• SiteMinderadministration for agents, agent configuration objects, logs, and cache management.
• Involved in setting up policy servers, web agents, and web agent option packs forSiteMinderfederated web services.
• Experience with SAML 2.0 while implementing Federation between PartnerWebsites.
• Integrate applications from development to production, assist development teams in identifying and resolving various issues related to SiteMinder.
• Configured the Policy Domains, User directories, Rules, Realms, and Policies for protected web resources.
• Used CA Identity Minder for user provisioning and life cycle management
• Configure Service providers, Identity Providers, and update SAML Certs for SAML and troubleshoot any issues related to it.
• Deployed applications on the clustered environment and performed load balancing
• Worked with Web Administrators, LDAP Administrators to determine the best values forSiteMinderparameters and tune the system to boostSiteMinderperformance in the Web Tier, the Application Tier, and the Data Tier.
• Configured and tested LDAP connection settings for applications requiring access to theActiveDirectorytree.
• Manage and troubleshoot LightweightDirectoryAccess Protocol authentication for applications.
• Configured failover, load balancing, and high availability solution for Policy Servers, Policy Stores, and User Stories.
• Cross forest/domain migration of users for acquisition and removal from the enterprise.

Jr.Java Developer

Confidential

Responsibilities:

• Worked in a SiteMinder engineering team providing services to design and implement CA SiteMinder SSO and Federation integrations.
• Worked on upgrading SiteMinder environment from R12.5 to R 12.52.
• Worked on the projects to design, develop, and enforce the Single sign-on multi-domain infrastructure.
• Worked on a project to add additional infrastructure capacity to increase the load handling capability in the Production environment by adding 4 new servers in the Production environment.
• Install and configure CA secure proxy server R12.5 and setup SiteMinder Federation services using SPS.
• Co-ordinate the changes for an optimized plan to minimize downtime across the DEV, TEST, STAGE, and PRODUCTION environment.
• Worked on a project with the CA core team to discuss and design health check suggestions to improve the health and performance of the SiteMinder environment within the infrastructure.