Siteminder Security Analyst Resume
Tampa, FL
PROFESSIONAL SUMMARY:
- An Identity Federation and Access Management (IAM) Consultant and subject matter expert with about 7+ years of experience across Banking & Financial services, Utilities and Public sectors. Has successfully implemented and supported more than 12 IAM Solutions across the US in a client-facing capacity, interacting with both business and technology stakeholders including, but not limited to, CTO, Director - VP Security, Principal Architects and Security Architects from varied Lines of Business (LOB).
- Policy Server Domains, Affiliate Domains, Realms, Rules, Policies, Active response, Accept/ Reject Rules, Authentication Schemes like Multi - factor/Step-up/X 509 authentication/Custom Authentication Schemes, Agents configuration, Host configuration, User directory and mappings, Password Policies APS, PKI Signing encryption s, SM-Profiling, Backup Strategy, Failover and load-balancing, Policies export, import and xpsconfig.
- Agents: Agents installation and configuration on different web servers like Apache, IBM Http server, IIS, WebSphere, Weblogic, Reverse-Proxy setup on the web servers to application servers, load balancing of agents, Sticky Sessions
- Agent option pack: Federation web service installation and configuration on different application servers ServletExec-IIS, Apache-Weblogic, WebSphere. Auditing, logging, tracing of Federation web services
- Federation Manager/FSS SAML-WS-Fed Implementation Creating IdP, SP entities both local and remote, Creating IdP-SP, SP-IdP Partnerships, Signing and Encryption s, Metadata configuring, importing and exporting of the partnership, Attributes and Name Identifier mappings, Custom Assertion generation plug-in, Message consumer plug-in, SDK s to read Open format/Legacy cookies for the federation to work end to end for SAML 1.0, SAML 2.0 AND WS-FED profiles
- Identity Federation: SAML 1.0, SAML 2.0 protocol messages, Authentication Request, Response, Logout Request, Logout Response, Artifact Profiles, and Attribute Query profiles for different bindings like POST, Redirect, Artifact. WS-FED, STS, WS-Trust
- PKI: XML Signing, Encryption, Decryption, s procuring from CA s, Self-Signing s, Client s using OpenSSL, Cryptographic Hash Algorithms (MD5, SHA-1, SHA-256), Encryption Algorithms DES, 3DES, AES Programming PKI using JCE, Crypto libraries, Bouncy castle, SSL Traffic capturing, Parsing using JPCap, WinPCap.
- Core Java/J2EE: Core Java, J2ee JSP, Servlets Struts framework, Hibernate, JPA, Web 2.0, AJAX, Java-Script, YUI, Content Management Liferay, Magnolia portals and Portlets development, Architecture, Class diagrams, Documents like Solution requirement specifications SRS, SDS, STP for the projects
- Tivoli Access Manager/Tivoli Federated Identity Manager: TFIM 6.2.1 Installation, Configuration, Administration/ Federation end to end implementation in TFIM, Creating partnerships, Management
- Tivoli Access Manager for e-biz Installation, Configuration and setup to protect the realms, Configuring ACL s, Protected Objects, User management.
- Web Seal Installation/ Configuration, Junctions protections, EAI, Authentication methods configurations, Auditing and logging.
- CA Identity Manager: Installation, Configuration, Administration of CA Identity manager, Directory Server, Provisioning Server/Manager, Connectors. End to end identity management environment for User management, Roles, Tasks, Self-service, provisioning and customizing as per SRS. Defining Tasks, Roles, Groups, workflow, Policies, Self-service, Synchronization, Bulk loader, Scheduler in IDM. Integration with Connectors, Provisioning Directory, Siteminder protection to the IDM environment. Custom Development using Java for Event Listeners, Business logic task handlers, Logical Attributes deployment in IDM.
TECHNICAL SKILLS:
IDM tools: SiteMinder (4.x/5.x/6.x/12.x), IdentityManager (8.x/12.x), TransactionMinder 6.x
Products: CA SiteMinder Access Manager
Databases: Oracle 11g/10g, SQL Server 2008/2005
Webservers: IHS 6.1/7.0, SunOne 5.1/6.1, IIS 5.0/6.0/7.5, Apache 2.x, Lotus Domino 8.0
Application Server: IBM Websphere Portal 6.0/6.1, WebSphere 4.x/5.x/6.x/7.0, Tomcat 4.x/5.x., Oracle Weblogic Server 8.0/10.3
Directory Server: iPlanet/SunOne directory server 5.x, Sun DSEE 6.3/6.3.1, Microsoft Active Directory, IBM-Tivoli Directory Server.
Languages: C, C#, SQL
Languages/Server Programming: Java, J2EE, Struts Frame work, Hibernate, JPA, JDBC3.0/2.0, JNDI
PKI: Encryption/Decryption, Signing using Public/Private key pairs, JCE, Bouncy castle and crypto libraries
Client Side Programming: JSP1.3, JavaScript, AJAX, JSON, Portal, Portlets.
XML/Web Services: XML, XSL, XSLT, SOAP1.1, WSDL, AXIS, REST
Application/Web Servers: Jboss 4.x, Tomcat 5.x, 6.x, Weblogic, WebSphere, IIS 6/7, Apache 2.x, IHS
Databases/ORM/Directories: Oracle9i, MS-SQL server, MS Access, MySQL, DTS, SunLDAP, CA Directory, MS-AD
IDE: Eclipse3.x, NetBeans5.x, PLSQL Developer 7.x, MS-Visio, MS-Project
CMS: Magnolia, Liferay
Analysis & Design: UML, Design Patterns
Operating Systems: Linux 4-5, RHEL AS, Solaris x86 64 SPARC, Windows 2003/ 2008 servers
PROFESSIONAL EXPERIENCE:
Confidential, Tampa, FL
Siteminder Security Analyst
Responsibilities:
- Upgraded SiteMinder from r6.X to 12.X and CA IdentityMinder from 8.1 to r 12.5
- Configured CA Identity manager for user management and application access according to role based entitlements.
- Experience in installing, configuring SiteMinder policy server, Web agents for IBM Http Server and Websphere TAI agents.
- Worked on ERP /WebAS agent integration with SAP ITS and Web application server.
- Implement Federation SAML 1.x/2.0 services to SSO into third party vendors like Cornerstone, Empire Blue.
- Worked on LDAP authentication like assigning roles to users, creation of test user accounts in Stage and Production environments.
- Installation of SSL certificates on Apache, IIS, WebLogic & Websphere servers.
- Installed and configured SiteMinder for Documentum shared environment and performed troubleshooting on known issues.
- Worked on proofs of concept to integrate CA SiteMinder with various other Identity Management software
- Worked extensively on creating Custom Authentication schemes as per the requirement.
- Expertise in Configuring CA SiteMinder policy server, creating agents, ACOs, Domains, Rules, Responses and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application server agent installations, troubleshooting in all the environments.
- Configured user impersonation feature to enable Customer service department to provide a better service to the business clients.
- Integrated SiteMinder to Lotus Domino web server for Advisory application.
- Hands on experience with configuring LDAP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, and Redirect as per the custom business and security requirements.
- Creating OpenSSL certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication.
- Worked as an Infrastructure Lead for myTaxLink/TaxBridge Application.
- Integrated SiteMinder into various IFS/TAX based applications which require Single Sign On.
- Involved in giving sessions to offshore team.
Environment: JDK 1.4/1.5, J2EE, JDBC, XML, SAML 1.x/2.0, CA SiteMinder 5.X/6.X/12, Sun ONE Directory Server 5.X/6.X, Apache 2.x, Solaris 8/9/10, Windows 2000/2003/2008, WAS 6.1/7.0, IIS 6.0/7.5, Lotus Domino 8.0
Confidential, New York
Siteminder and LDAP Admin
Responsibilities:
- Installed, Configured and Managed Netegrity SiteMinder 6.0
- Migration of policy server from SiteMinder 5.5 to 6.0 for Load balancing, and failover configuration of the Policy store.
- Configured CA Identity Manager workflow for user provisioning.
- Worked on CA Identity Manager Performance to optimize roles, tasks and identity policies.
- Configured CA Identity manager for user management and application access according to role based entitlements.
- Upgraded CA Siteminder 6.x to 12.x.
- Involved in the integration of CA Siteminder with CA IDM for advanced authentication, directory mapping and password policies.
- Experience in troubleshooting the issues by analyzing the trace and TAI logs.
- Configured IBM HTTP Web server, SiteMinder to work with WAS.
- Worked on OneView Monitor statistics, error corrections for possible problems, reviewed SNMP events for possible problems and worked on the status of Siteminder P1 tickets.
- Worked on CA Siteminder Platform Support Matrix for changes.
- Worked on webagent.conf, sm.registry, etc. configuration files on SiteMinder.
- Reviewed and updated Siteminder policies and procedures.
- Worked on Siteminder architecture and taken care of changes that are needed based on capacity planning
- Created, Configured and Administered Profiles, Clusters, Nodes and Node Groups for WebSphere Application Server.
- Used One View Monitor in SiteMinder for identifying performance bottlenecks.
- Monitored heartbeats and refresh rates for various components of SiteMinder.
- Experience in creating and maintaining security policies for SiteMinder.
- Configured Node manager for administration of Managed servers.
- Responsible for deploying enterprise applications from Admin console and enabling security using LTPA and LDAP for admin console and application components on AIX.
- Configured SSL for WebSphere Application Server for security reasons.
- Experienced in assisting Web Administrators, LDAP Administrators to determine what the best values for SiteMinder parameters and tune the system to boost SiteMinder performance in the Web Tier, the Application Tier, and the Data Tier.
- Provided and group presentations on SiteMinder security planning to all employees, using Microsoft Visio and PowerPoint.
- Experience in implementing failover and load balancing schemes between WebAgents and Policy Servers and also between PolicyServers and LDAP.
- Experienced in setting up integrated security access to the portal and Single Sign-On.
- Implemented clustering and worked on analyzing the scalability of applications with the help of tools like IBM Tivoli Site Analyzer.
- Used ANT script to automate loading Users and User Groups into Active Directory (LDAP) and XML based EAR/WAR deployment.
- Responsible for deploying enterprise applications from Admin console and enabling security using LTPA, LDAP for admin console and application components on Windows.
- Updated Latest Fix-pack 6.1.0.13 for AIX.
- Troubleshooting of errors in both Application and JVM, also analyzed heap or core plus error logs
- Involved in setting up JVM tuning parameters and used garbage collection.
- Assembled and deployed the application in production, staging for following change management practices.
- Regularly attended meetings on behalf of Middleware Team & co-ordinated with different teams for task.
Environment: Netegrity SiteMinder 5.x/6.x, CA Identity Manager 8.1, Web agents 5.x/6.x, Websphere 5.x/6.x, Apache 2.x, IIS 5.0/6.0, Sun ONE Directory Server 5.2/6.1, SAML, XML, LDAP, Solaris.
Confidential, GA
Siteminder Admin
Responsibilities:
- Installed, Configured and administered SiteMinder and Sun One Directory Server.
- Installation, Configuration and Administration of IBM WebSphere Application Server 5.1 on UNIX platform, Linux.
- Used Site Minder for authenticating the user passwords for the web application.
- Worked with SiteMinder administration for user directories, agents, logs and cache management, agent configuration objects.
- Worked on Configuring the Domains, User directories, Rules, Realms and Policies.
- Worked on Load balancing the SiteMinder for high performance.
- Involved in the SiteMinder Upgrade of Policy Servers, web agents from version 5.5 to 6.0 and SiteMinder Web Agents from version 5.5 to 6.x
- Performed user provisioning in Identity Provider (IdP) site Service Provider (SP) site using SAML for SSO
- Installed and configured the LDAP Sun ONE Directory Server. Configured the multi master replication in Sun ONE Directory server
- Creating OpenSSL certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication.
- Develop and execute IDM related test plans. Deliver components to testing and production using the Version Control tool.
- Mentor development and support teams involved in problem identification and solving.
- Created IBM Problem Management Records (PMR) to report WebSphere Application Server problems. Analyzed log files to solve problems using debugging tools like Log Analyzer, First Failure Data Capture Tool and Collector Tool.
- Worked on Fine tuning of Web agent and policy servers for optimized performance
- Implemented password policies for all the applications using SiteMinder.
- Configured custom alerts and e-mail notifications based on the business needs.
- Experience with using Integration Kits and Token Translators for integrating identity enabled web services into SSO environment.
Environment: Netegrity SiteMinder 5.5/6.0, Sun ONE Directory Server (5.1, 5.2), IBM WebSphere Application Server 5.x/6.x, Web agents 5.x/6.x, XML, Oracle9i, BEA WebLogic 9.2/8.1, iPlanet 6.0
Confidential
Responsibilities:
- Setting up the identity provider side, using CA Federation Manager R12. Policy Store, User Store configuration
- Delegated Authentication on external WAM System
- J2ee API to create OPENFORMAT cookie
- Remote Provisioning, Account linking CA IDM R 12 CR 5
- Siteminder Connector to connect to the Existing Siteminder infrastructure
- Entities, Partnership, Metadata exchange, Enabling SSL for IdP, SP Domains
- J2ee API developed to form open format cookie for IdP to accept SSO
- Federation partner onboarding and: Used FuGen MISP tools in a cloud/virtualized environment to create virtual scenarios, onboard, test, validate and certify the federation partnership
- Testing and On-Boarding users