PROFESSIONAL SUMMARY:

• Around 10 years of experience in Information Technology, which includes demonstrated work experience in design, development, testing and implementation of enterprise - wide security applications using PingFederate, Microsoft ADFS, Azure AD, CA SiteMinder, Okta, LDAP Directory, Active Directory on Windows, Unix, and Linux.
• Experienced in deploying and upgrading Ping Federate 8.x - 10.x in clustered environment and also integrating with PingID for MFA.
• Experienced in implementing SAML and Oauth based SSO using multiple authentication products like Okta, Ping Federate, CA SiteMinder and Azure AD.
• Creating and managing application integrations for identity and access management. having experience of creating conditional access policiesmultifactor authentication (MFA) and resolving the MFA issues using Azure AD.
• Experience in creating directory and proxy server configuration and administration.
• Experienced in creating various adapters like Kerberos, composite, ID, HTML, PingID for MFA.
• Helping client to manage Okta service, Okta life cycle management with Active Directory, LDAP, SSO, auto provisioning and automating different infrastructures.
• Performing OKTA integration while adhering to change management policies and procedures.
• Experience in integrating enterprise applications such as salesforce, ServiceNow, box etc. using SAML in Azure AD
• Configured conditional access policies and did analysis using whatif feature in Azure AD.
• Configured B2B applications in Azure AD using external identities and created self-service signup policies for the guest users.
• Performed access reviews on the applications with guest user access.
• Experienced in configuring Microsoft office365 with Ping Federate.
• Experienced in setting up SAML and OAuth/OIDC applications using Ping Federate.
• Provided L-3 support to resolve the tickets raised by Application teams or clients on various IAM solutions along with PingFederate, AZURE AD and Okta.
• Worked on all the PingFederate OAUTH grant types to get the access token to access the protected API. Supported development with integration of Mobile Apps using OAuth/SAML in PingFederate.
• Experienced in using Postman client for Oauth troubleshooting purposes.
• Experience in working multiple monitoring systems to understand and analyze various logs and reports to provide a more reliable and efficient support for SSO and IDM infrastructure.

TECHNICAL SKILLS:

Federation: OKTA, PingFederate 8.x - 10.x, CA SiteMinder Federation Services, Azure AD

Access Management: Ping Access, Okta Access Gateway, CA Access Gateway/Secure Proxy, CA SiteMinder Web Agents, Okta Access Gateway

Multi-Factor: Okta Verify, Google Authenticator, PingID and Duo

Web Server: IIS 6.0/7/7.5/8/8.5, Apache2.2/2.4, IPlanet Web Server 6.x

Directory Servers: Microsoft AD, CA Directory Servers R12.x/14.x, Sun ONE Directory Server 5.x, 6.x, Ping - Directory, Data sync and Proxy

Operating Systems: Windows Server 2003/2008/2012/2016/ R2, Red Hat Enterprise Linux 3-7, UNIX (AIX, Sun Solaris 7-10)

PROFESSIONAL EXPERIENCE:

Confidential, New York

Ping Consultant

Responsibilities:

• Implemented many Oauth and OpenID connections based on the client requirements.
• Configured multiple grants types such as Authorization code, implicit, client credentials and resource owner.
• Provided Architectural design and implemented enterprise-wide Identity and Access Management (IAM) solutions using Ping Federate and PingID.
• Worked on supporting multiple applications internal and external to provide SSO services using PingFederate.
• Upgraded PingFederate from 10.0 to 10.3
• Worked on Agentless Integration using ID adapter, SAML and OAuth with various legacy and new applications.
• Worked on both agent and proxy-based integrations for the applications that doesn’t support SAML or OAUTH protocols.
• Supported patching activities performed by Windows team, to provide continuous support to applications using SSO.
• Updated IDP Signing s before the expiry.
• Configured applications by enabling Kerberos and used composite adapters to accommodate user authentications from multiple domains.
• Worked on a POC in integrating enterprise applications using SAML in azure AD
• Created conditional access to apply business policies as per the requirement in Azure AD.
• Configured external identities to support B2B communication for the guest users.
• Created application proxy for the on-premise web-based applications to provide single sign-on.
• Worked on access reviews and self-service signup for guest users.

Confidential, Atlanta, GA

IAM Engineer

Responsibilities:

• Worked on supporting and debugging issues with and implementing SSO solutions with Business Partners using PING Identity solutions
• Provided Architectural design and implemented enterprise-wide Identity and Access Management (IAM) solutions Ping Federate and PingID.
• Implemented PingID MFA with Ping Federate
• Enforced enterprise-wide work force to PingID for MFA.
• Developed Ping Radius adapter and integrated with different clients which uses Radius (CyberArk, VPN, LB etc...).
• Implemented web application OAuth Integrations with Ping.
• Responsible for coordinating IAM team members, consultants, partners during project planning, execution.
• Have Knowledge in Designing the Privileged Credentials provisioning to CyberArk Vault.
• Responsible for defining, recommending, monitoring and deploying SSO (Single Sign On) Access
• Management Solution on premise using different technologies, Federated Protocols (SAML, OpenID connect, OAuth, WS Federation) with cloud computing providers like Sales force, AWS, Service-Now, Google etc.

Confidential

OKTA Consultant

Responsibilities:

• Taking end-to-end ownership of customer issues, including initial troubleshooting, identification of root cause and issue resolution. Meet or exceed customer expectations on response quality, timeliness of responses and overall customer experience.
• Serving as an internal and external point of contact on customer matters and ensuring customer issues are resolved as expediently as possible.
• Experience in complex implementation integration in production tenants.
• Experience in installing OKTA’s Lightweight agent to integrate with Active Directory.
• Support User Management in IDM - Creation, Adding/Updating resources, Lock/Unlock - Enable/Disable and deletion of user accounts.
• Supporting Identity Access Management solutions. Experience supporting LDAP, SSO, SAML, or WS Federation and OIDC
• Worked with application and business stakeholders to clear roadblocks during design and deployment.
• Expertise in administering OKTA and providing support to OKTA clients.
• Configured MFA policies and MFA Factors to application access such as Okta verify, SMS Authentication & Voice call authentication.
• Written tenant level as well as App level MFA policies to secure applications integrated with Okta.
• Supported various applications such as Office 365, Google Apps, Sales force, Workday, Net Suite, Box, etc.

Confidential

Software Consultant

Responsibilities:

• Worked on Parallel upgrade of Complete IAM suite which consist of SiteMinder (SSO) Identity Minder, Identity Portal and Access Gateway.
• Installed and Configured Policy Servers on Azure cloud to support high availability in cloud and used akamai (Global Load Balancer) to route the traffic to respected data centers.
• Configured and Defined the Policy Domains, User directories, Realms, Rules, Responses and Policies in SiteMinder and configured SiteMinder web agents and Affiliate agents to provide federation of webservices in the SSO environment.
• Worked on installing the Apache agents in silent mode using startup scripts on the docker containers.
• Working on replacing few LDAP tools and integrating them as endpoints in IDM to handle the passwords by enabling self-service using identity Portal.
• Integrated many applications using SAML 2.0 protocol.
• Generating the certs using Comodo and updating them as per the expiry date and coordinating with the application teams to update the metadata link.
• Attending the Security meetings to evaluate the newly onboarded applications to verify the authentication, authorization mechanisms used, and the protocols followed.