SUMMARY:

• 8+ years of experience in Identity and Access Management Implementation Single Sign - On, Identity Federation using CA Site Minder, Ping Federate, Tivoli Access Manager. Involved in designing and implementation of end-to-end security solutions involving different security products.
• Extensive experience in Client interaction and support maintenance engagement in Web Authentication.
• Successfully implemented Web Access Management Solutions using Ping Access 4 and other security products like CA Single Sign-On (CA Site Minder).
• Having strong experience in Middleware Security Product Administration. This includes extensive work in Installation, Configuration, Deployment, Administration, Trouble Shooting and Migrating of CA/Netegrity Site Minder, CA Governance Minder, Sun One Directory Server, Web security, network security, database systems, and Enterprise Document Management.
• Experience in User Directory Administration and System Administration. Experience in debugging of authentication / authorization related issues and creating Rules, Responses, Realms and Policies in Site Minder.
• Expertise in Installation, configuration, deployment and maintenance of the Site Minder components the Policy Server, Web Agent, Policy Store and Key Store certificate store.
• Involved in Web Agent upgrades from 5.x to 6.x and 6.x to R12.51
• Upgraded CA Site Minder Policy Server from R6.X to R12 version and R12 to R12.51 versions.
• Hands on experience on Ping Federate, Oracle IDM, CA Single Sign-ON, CA Advance Authentication, CA Secure Proxy Server, Ping Access, and Ping Cloud.
• Migrated Web Authentication solutions from CA Single Sign-On (Site Minder) to Ping Access 4.
• Experience in SAML based authentication 1.1 and 2.0 using Ping Federation, Site Minder Federation and integrate with Site Minder authentication and another adapter.
• Experience in deploying SAML based highly available solutions using Ping Federate and other security products.
• Extensive experience in client interaction and support maintenance engagement in security.
• Designed and implemented Ping Identity Solution for Web Access Authentication using Ping Access and Ping Federate.
• Successfully upgraded Ping Federation Services from 6 to 7 and 7 to 8.
• Implemented OAuth and OpenID for mobile and non-browser solutions using Ping Federate.
• Worked on all the Ping Federate OAUTH grant types to get the access token in order to access the protected API.
• Hands on Experience working on multiple Ping Federate adapters like http adapter, token adapter, and composite adapters.
• Experience in token, FORM based authentication and X.509 certificate based authentication and creating Custom Authentication Schema and adapters.
• Hands on working experience on LDAP products like Oracle ODSEE, CA Direction.
• Experience with LDAP Architecture includes DIT and Replication Mapping between replica hub/consumer, Multi-Master/Single-Master in Sun One Directory server.
• Fine-tuned and set up High availability with LDAP and Site Minder. Tested and implemented back up, recovery.
• Experience in understanding Failover, Load Balancing (F5, A10), GTM other network tasks.
• Experience in installing and implementing Web Application servers IIS, Apache, I Planet/Sun/Oracle Web servers, IBM http web server, Apache Tomcat, I Planet App server, web logic, web sphere.
• Installed and configured Ping Access servers, Gateways and Agent to protect the resources. Including in the new infrastructure were the installation of PingFederate and PingAccess
• Worked on Ping Access Integration with Ping federate to Protect the applications using Ping Access Tokens. 
• Worked on OAM to Ping Access Migration with session management and authentication management using ping federate.
• Expertise in configuring and troubleshooting Webservers like Apache, IIS, IHS (IBM HTTP Server).
• Worked on OAM installation and configuration to protect the applications and allow users single sign on.
• Experience as a configuration administrator to protect web applications using CA Single Sign On.
• Implemented a secure identity and access management infrastructure design, authentication, authorization and business application integration, custom-built solutions and technology frameworks.
• Involved in Capacity management with hardware and software architecture for middleware integration and management

TECHNICAL SKILLS:

IAM Products: PingFederate6.0/7.0/8.0, Site minder Policy Server R12.5, 12.6, Site minder Web Agents, CA Federation, OAM, MIIS, CA-E trust admin, CA Directory Sun One Directory Server, CA Identity Management, CA Governance Minder, Oracle Directory Server 11g

Programming Languages: Java, Perl, shell script.

Web Servers: IIS, Apache, Tomcat.

Operating System: Unix, Saloris, AUX, Windows Servers, Linux (RHEL, SUSE)

Incident management tool: Service Now, Sail Point, Global Event Management, Remedy and HP.

PROFESSIONAL EXPERIENCE:

Confidential, KY

Sr. SSO Consultant

Responsibilities:

• Designed the architecture based on technical requirements and implemented the solution with CA Identity Manager r12.5 SP8 CR2, Site Minder 12.52, Governance Minder 12.6.1 with my Experienced in installing and configuring CA Governance minder. Configuring import and export of user and privilege information.
• Implement CA Governance Minder and CA identity Suite software. Independent responsibilities included the installation, configuration, customization, and ongoing maintenance of CA Governance Software in cloud platform.
• Migrated SAML Based SSO partners from CA Single Sign-On federation to Ping Federate 7.
• Hands on CA Site Minder Primary Security Operations.
• Used Ping API to deploy and create SAML changes.
• Implemented Design Security Network on CA Single Sign On.
• Good knowledge on Docker Security.
• Configured and supported SAML based Identity & Service Provider connections
• Implemented open ID and OAuth solutions using Ping Federate.
•  Extremely capable at developing custom SSO integration in PHP, C#, Java, Node.js and Meteor 
• Skilled at project management, documentation, communication, training and providing technical support 
• Implemented JWT token instead of traditional http headers.
• Created Custom Adapter Replacing Site Minder 3.0 Ping Federate Identity Provider adapter.  
• Expertise in open source and commercial SAML Identity Provider and Service Provider implementations (Shibboleth, Simple SAML php and ADFS) 
• Resolve complicated IDM issues and health checks for IDM system.
• Utilized IAM protocols such as SAML, O auth, OpenID 
• Support enterprise data backup (VTL) Backup Exec, Net Backup, and HP Open view, HP data protector
• Design and implement Identity Manager 3.6 with different drivers (AD, Notes, LDAP, Exchange, SOAP, JDBC, Active Directory, directory) 
• Performed Proof of concept for Open AM, Ping Access 3 and CA Single Sign-On R12.52.
• Supported development with integration of Mobile Apps using OAuth/SAML in Ping federate
• Developed custom Ping Agent using Ping SDK and Implemented SAML Protection with Digital Signature.
• Designed, deployed and supported highly available and scalable Ping federate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
• Performed POC for Ping Access Authentication Solutions.
• Created SP /IdP connections using Ping Federate with external partners.
• Developed shell scripts for backing up current setup and upgrading between different Ping federate versions.
• Hands on Vulnerability Assessment page injection flaw.
• Deployed several Ping federate integration kits for Apache, Core blox, Atlassian, Java, PHP, Symantec VIP, Agentless, IWA etc., to establish the “first- and last-mile” implementation of a federated-identity.
• Creating Open SSL Certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and non-repudiation. 
• Implementation of fully API based SSO architecture using CA Site Minder, CA IDM, Ping Federate, and Radiant Logic Virtual Directory Server which accomplishes end applications integration with SSO easier. 
• Responsible for successfully completing POC.
• Install TIM/TAM/TFIM and provide 24/7 support for TIM.

Environment: Ping Federate 8.3, 7.1 SAML 2.0, OAuth2.0, AD, Java, PowerShell, Oracle ODSEE 11g, Web Agents, Policy Servers, Oracle LDAP Directory Server 11.0g, IBM WebSphere, CA Identity Management, CA Governance Minder SQL Server, HTML, SQL, SSH, MS Visual, Tivoli Access Manager

Confidential, NC

SSO Engineer

Responsibilities:

• Successfully upgraded Ping Federation Services from 6 to 7.
• Implemented Ping Federate solution with Services like AWS, Service-Now, Salesforce, Oracle Fusion.
• Integrated Siteminder with Ping federate using Core blox token translator to bridge the SSO gap between applications protected on either system.
• Involved in Requirements gathering, development if required, integrating and testing for enabling SSO for the application.
• Integrated internal Applications, SAAS based applications using SAML 2.0, SAML 1.1, WSFED and OAuth 2.0.
• Provided solutions for complex application using Site Minder and Ping Federate.
• Integrated Site Minder to third party internal applications like Clarity, Splunk, Alarm Point, Good integration and Service Now.
• Written custom active responses to extend the capabilities of Site Minder and to support the client requirement.
• Provided Impersonation, share point, HR Services, Sales Force solution using Ping Federate and Site Minder.
• Manages 350+ federation partnerships via Ping Federate on a day to day basis, which involves provision users to cloud applications using Ping 3rd party plugins.
• Successfully supported to migrate/Build all the infrastructure to a new an environment.
• Upgraded Site Minder from R6 to R12.52, R12 to R12.52.
• Configured application agents on People Soft, WebSphere, WebLogic and OBIEE.
• Worked on internal application like Splunk, Service-now, Wily to customize to our team and management requirements.
• Created scripts to monitor Apps, dashboards, backup LDIF and generated reports.
• Supported production environment with out missing any SLA’s and supported TIAA-CREF environment 24 X 7
• Created Shell Scripts for monitoring and reporting site Minder, SPS, CA Directory, Web agent, and Tomcat services and accordingly perform failovers or Scale services.
• Automated identity management tasks such as user provisioning, role based access control, delegated administration; attribute based auditing and reporting using CA Identity Manager.
• Designed and implemented ADFS 2012 R2 SSO federation plus filtered Windows Azure AD Sync to enable hybrid Exchange 2013 and other Office 365 services
• AD domain global consolidation and AD/ADFS/Exchange migrations including Office365 and tenant to tenant migrations, plus SSO with ADFS 2012 R2 for Office 365 and other partners
• Consulted on numerous solution designs regarding migration strategy for AD, Exchange, Office 365, and ADFS
• Worked closely with local administrators and assist with on Premis Exchange Server with preparation for the migration 
• Travel to other sites to perform in server migration/installation and setup.
• Hands on experience with IIS, IBM IHS, Apache, Sun One Web servers and WebLogic and WebSphere Application servers in Identity and access management environment.
•  Experience in using Unix/Linux utilities for analyzing logs, and trouble-shooting the applications with Application servers and Security/Identity management servers.
• Engaged in architect design, implementation and roll-out of Tivoli core products and Tivoli Access Manager/Web SEAL/LDAP.
• Installation and Configuration of other IAM components - IBM Directory Server 6.1, Tivoli Access Manager Policy Server, Access Manager Authorization Server, Tivoli Access Manager Web SEAL Server, Web Sphere Application Server (WAS 6.1), IBM UDB DB2 

Environment: Ping Federate 7.1 SAML 2.0, SAML1.1, WS-FED, OAuth2.0, Active Directory, ADFS, Tivoli Access Manager Java, C#, PowerShell, CA Identity Manager, SSH, LDAP, ILM.

Confidential, OR

Web Authentication Engineer

Responsibilities:

• Installed and configured CA Site Minder R12 SP3 Policy Server.
• Installed and configured CA Secure Proxy Server R12.
• Installed and configured CA Directory R12 Server as Policy Store.
• Created Multi-level authentication scheme using CA Site Minder.
• Integrated numerous application using Web Agents traditional model and CA Gateway Access model.
• Created Multi-Domain Single Sign-On solution using Cookie Provider.
• Installed Web Agents on different web servers flavors like Apache, IIS and Sun One.
• Worked on different Operation Systems like Linux RHEL, Unix and Windows 2008 R2.
• Implemented Federation Solution using SAML 2.0 Ping Federate 6.
• Attended business meeting to understand the SAML requirements and created the connections.
• Created Idp Adapter and SP Adapters and Data Stores.
• Worked on Open Token, Core Blox, Form Based Adapters.
• Participated in Ping 6 to Ping 7 upgrade.
• Performed Migration from ODSEE to CA Directory.
• Installed and configured CA Directory R12 Servers.
• Created feed scripts to sync the Data between AD and other party Directory Services.
• Created Monitoring and Cron tab scripts as part of regular maintenance.
• Supported the Production critical environment 24x7.
• Have experience working with Change Management, Change Release and Incident Management teams.
• Experience using Monitoring tools like Net cool, and CA Wily.
• Experience working on Oracle WebLogic and IBM Web Sphere.
• Experience working on CA Application Server Agent and 4.x Web Agents.
• Implementation and roll-out of Tivoli core products and Tivoli Access Manager/Tivoli Identity Manager/ Tivoli Directory Integrator /Web SEAL/LDAP.

Environment: CA Single sign on (6.0/12.51), Ping Federate 6.x/7.x, Oracle DSEE 11g, Microsoft Active Directory, Web Agents, Oracle LDAP Directory Server 11.0g, IBM WebSphere, SQL Server, HTML, SQL, MS Visual. Tivoli Accesses Manager

Confidential, CA

Site Minder Engineer

Responsibilities:

• Involved in the Analysis, Design, development, Installations, Configurations, upgrades and deployment.
• Integrated many applications in Policy server by creating new policies.
• Installed and configured various web agents in accordance with the web servers involved both on Windows and UNIX.
• Configured few applications with Custom responses and with custom authentication schema.
• Created Realms, Rules, Policies and Responses for protecting applications to work under single sign on environment. Implemented password policies for all the applications using Site Minder.
• Implemented password policies for all the applications using Site Minder.
• Created policies, realms, rules and responses to protect the applications and configure them to work under the SSO environment.
• Configured load balancing and failover mechanisms for various Site Minder components in different environments.
• Upgraded Site Minder Policy server from version 6.0 sp1 to 6.0 sp5.
• Worked on almost 60 policy servers in production environment.
• Configured multimaster replication setup in the production environment across multiple data centers.
• Configuring User Authentication Stores and Policy Authorization Stores on LDAP.
• Installed and Configured MDHA Authentication Servers.
• Installed and configured web agents on IIS Web Server, IHS Web Server.
• Installed and configured Oracle web sphere and Worked on bridge between Site Minder Policy Server and Web sphere.
• Provided 24/7 on call support for solving Tickets on a rotating basis with other team members.
• Worked on many Production Issues with High Priority.
• Assisted load-testing team by Monitoring Policy Servers during load tests. Provide application support for the Integrity Site Minder.
• Work with team on the daily problem resolutions and on the escalated issues for user administration.

Environment: SiteMinder 6.0sp5, r12 sp3, Web agents 6QMR4,6QMR5, R12 Active Directory Server, Ping Federate, Windows 2003 and 2008, Red hat Linux with Apache 2.2 and IBM HTTP Web Server, IIS 5.0 ,6.0 and 7.0.