SUMMARY

• Lead the ongoing Thycotic Secret Server Cloud project implementation for one of the clients
• Interacted with the stakeholders and client to understand the project requirements and the prerequisites to achieve those requirements
• Designed and prepared Thycotic secret server high availability and disaster recovery architectural scenarios
• Worked on Understanding the need for additional servers for Secret server cloud components such as distributed engines, ALM, and DSV, and assisting to build the same with the help of the networking team
• Involved in the integration of ALM, Service - now, Splunk, DSV, and Okta authentication with Secret server cloud
• Worked on Handling escalated tickets regarding issues faced by users accessing Thycotic Secret Server and the secrets
• Worked on Creation, management, and decommissioning of Active Directory Service Accounts using Account Lifecycle Manager
• Worked on Securing and managing highly vulnerable secrets using DevOps Secret Vault
• Worked on Analyzing, monitoring, and detecting threats/unusual activities if any, using Privileged Behavior Analytics
• Performed Planning, Architectural Design, Installation and Implementation of the Thycotic Secret Server in both Production and Non-Production (DEV) environment.
• Worked with Windows & Network Teams on building the servers, opening the ports, and installing pre- requisites for the installation of Thycotic SS.
• Experienced on both On-premises and Cloud Deployment of Thycotic Secret Server.
• Worked with the IAM team side by side to effectively perform both Privilege and Identity Access Management within reputed organizations.
• Implementing, Design Document, Operations Guide, End User Guide
• Recently upgraded Thycotic Secret Server to the latest version 11.2.000002 with new Delinea UI.
• Built Secret Policies for Admins, Domain Admins and Service Accounts.
• Enforced Check-In/Check-Out (CICO) feature with Remote Password Changing (RPC) on every Check- In for highly Privileged Accounts.
• Integrated Splunk and Qualys with Secret Server to scan and report on vulnerabilities within networks.
• Ability to perform troubleshooting and disaster recovery tasks with problem solving skills

PROFESSIONAL EXPERIENCE

Confidential, Boston, MA

Thycotic/Delinea Engineer

Responsibilities:

• Regular Interaction with the stakeholders and Thycotic vendor talking about the strategy for Thycotic secret server implementation
• Onboarded privileged accounts such as Administrator and SQL DB accounts to Thycotic
• Granted users access to Thycotic based on different roles and group membership
• Integrated Azure AD with secret server
• Disabled users from Secret server as and when they left the organization
• Created folder structure as per the client requirements and suggestions
• Administered and monitored the alerts for secrets with failed heartbeat
• Cached their secrets in the Secret server mobile application for offline use.
• Implemented new secrets.
• Enacted a custom audit entry when accessing a secret using the web service API.
• Analysed and configured automated backups for secret servers.
• Changed the backup path, disable backup, and implemented the backup schedule.
• Performed general configuration options for example, turned on force HTTPS/SSL and disabled “Allow remember me”.
• Led the project - Thycotic Secret Server in Ingram Micro and guided the team into appropriate direction in benefiting the project.
• Managed Privileged accounts of Windows, Linux, SQL, and Oracle instances and onboarding them to Thycotic Secret Server.
• Worked on Saviynt to create/delete connections (Windows, SQL, Linux, Oracle) to pull the user’s correlated accounts.
• Configured Reports for mismatched identities and accounts of users
• Run and schedule daily/weekly reports on Saviynt for various categories such as
• Inactive AD accounts, Users with no managers, etc.
• Ensured proper termination of users from Saviynt (automation)
• Resolved and assisted end-user IT issues/queries such as password reset, network connectivity and onboarding new user account in active directory, working on tickets in Service Now
• Rotated the passwords of Windows, Linux, SQL, and Oracle privileged accounts from the secret server as per the schedule
• Worked on Office 365 Admin centre to manage user accounts. Moreover, assigning licenses and adding the users to the respective groups as per the request.
• Managed user accounts and mailboxes on Exchange Online
• Onboarded external applications to our corporate network and integrating them with SSO with the help of the Azure AD portal.
• Monitored Azure AD corporate sync errors and resolving them within mentioned SLA
• Resolved the errors in IDFix on On-Prem corporate Active Directory domain controller
• Monitored the license count on Office 365 admin centre and escalating it to the billing admin for additional licenses procurement
• Performed SSH proxy settings.
• Performed SAML integration settings on the login tab of configuration settings.
• Implemented “Administer Security configuration and edited security configuration option in secret server.
• Updated and created event subscription.
• Implemented Dual control settings for reports and recorded sessions.
• Analysed and changed configuration or disable the use of a hardware security module (HSM).

Confidential, Chicago, IL

Thycotic Engineer

Responsibilities:

• Leaded Thycotic secret server cloud project consisting of 10 team members
• Monitored distributed engines as a part of daily health check in regard to cloud secret server
• Implemented high level and low level Thycotic secret server architecture for the client
• Interacted with networking team to explain them about the architecture and infrastructure required for implementation of Thycotic secret server
• Onboarded privileged accounts like root and some web credentials
• Verified and Monitored Secret server cloud status regularly as a part of health check
• Created and assigned secret policies to the folders or secrets if required
• Prepared user guide for the beginners for accessing credentials stored in secret server
• Worked on managing SSH keys.
• Responsible for the architect deployment and management of security solutions.
• Deployment of other technologies and strong background in programming specifically in use cases related to the domain and provides the highest value of customer argumentation needs.
• Excellent communication skills, a great listener and always aiming to achieve higher ends for our customers initiative and requirements.
• Collaborated with the client service team to help scope engagement for professional services.
• Led the implementation of the Thycotic solutions in the client’s environment.
• Prepared and delivered technical presentation explaining products or services to customers and prospective customers.
• Worked with clients to understand the technical architecture of their environment as it relates to the installation, configuration, upgrade, or enhancement of a secret server.
• Installed, upgraded, and configured Thycotic software to work within the capabilities of the application for those requirements.
• Review the configuration decisions that are available to clients and provide guidance on best practices.
• Integration with SIEM, SAML, IAM, MFA, and Ticketing System.
• Worked on applying security patching in the environment.
• Automated onboarding -Coding experience in REST API
• Lead & oversee the design and development of solutions that enforce applicable organization security policies and access management requirements
• Hands-on in Discover Local and Active Directory Privileged Accounts, Discovery Rules, Service Account, and Dependency Management, and other discovery approaches
• Produced deliverables for client signoff such as installation plans, configuration plans, documentation on what was installed and configured, the architect of the resulting environment, and any PowerShell scripts that were used.
• Built and maintained clients’ relationships to become a trusted advisor.
• Worked Efficiently with the client's technical support team to solve client issues.

Confidential, Greenville, SC

Thycotic Engineer

Responsibilities:

• Lead the project Thycotic secret server on-prem as well as cloud
• Implemented and administered service accounts creation and termination using Account Lifecycle Management
• Checked distributed engines service on each DE server for avoiding/minimising any latency issues
• Created Thycotic architecture based on the vendor suggestions using Lucid chart
• Involved in integration of ALM, Service-now, Splunk, DSV and Okta authentication with Secret server cloud
• Handled escalated tickets regarding issues faced by users accessing Thycotic Secret Server and the secrets
• Created, managed, and decommissioned of Active Directory Service Accounts using Account Lifecycle Manager
• Secured and managed highly vulnerable secrets using DevOps Secret Vault
• Analysed, monitored and detected threats/unusual activities if any, using Privileged Behaviour Analytics
• Explained about the strategy of Thycotic secret server implementation to the networking team based on the architecture and infrastructure
• Privileged accounts importing for Oracle DB
• Managed service accounts importing and adding dependencies for the same
• Rotated the password of privileged accounts at certain fixed intervals based on client requirements
• Configured check out and check-in option on the critical shared privileged accounts.
• Created secret policies to enforce some important conditions on the most critical privileged accounts
• Prepared Runbook for user administration and security team purpose

Confidential, Chicago, IL

Thycotic SME

Responsibilities:

• Hands-on in Discover Local and Active Directory Privileged Accounts, Discovery Rules, Service Account and Dependency Management and other discovery approaches.
• Responsible for handling Service Operations including Incident, Problem, Change Management, and Request fulfillment by coordinating with the Service owner, Service support and Service user groups.
• Created architecture diagrams and deployed Thycotic for both prod and non-prod. Environment in AWS.
• Solved load balancer issues in production servers.
• Created rules to automate the onboarding process as well as used PowerShell for customized onboarding and reporting.
• Configure and implement event subscriptions for production health check.
• Integrated multiple ADUC servers in Directory services and created costume scanner setting and discovery sources for Unix accounts.
• Performed Splunk integration for logs tracking and notifications
• Worked on securing Privileges for service, application, root, and administrator accounts across the enterprise
• Provisioned and deprovision, ensure password complexity, and rotate credentials.
• Implement session launching, proxies, monitoring, and recording,
• Stored privileged credentials in an encrypted, centralized vault
• Set up RBAC, workflow for access requests, and approvals for third parties
• Created folders and onboarded privilege credential.
• Granted access to the user in the folder and account level.
• Worked on AD integration with Thycotic
• Implemented various component of Thycotic that would include secret server, distributed engine
• Worked on implementing 2FA for Thycotic
• Configured different kind of launcher
• Configured SMTP alert and syslog and monitored the activity
• Configured the discovery rule for automatic account onboarding in Thycotic
• Upgraded distributed engine to various version also Applied security patched for the distributed engine
• Installed and Configured Distributed engine
• Installed the Secret Server
• Managed the credential for bunch of privileged account
• Setup policies on the personal privileged folder
• Performed operational task, enabled check-in/check-out interval and configured time frame for check-in and check-out.