SUMMARY:

• Developed U Drive Creation Automation to create home directory for end users on Storage environment DataONTAP OS via ISIM interface, when new associates or vendors are joining.
• Developed Sanity Automation Tool to check the status of applications onboarded into TAM without opening the url of application which results in saving a lot of time and will get the screenshots of application pages using JAVA/J2EE
• Implemented webSEAL code in the error pages to identify which webSEAL threw the error.
• Installation
• Created the Federation web Services Domain to use SAML 2.0 requests.
• Created and configured the SAML service Providers under the Federation Partners.
• Configured the SSO (Single sign - on) and SLO (Single Log-out) for all the service providers.
• Configured the signed Authn Requests for all the SSO.
• Installed and configured the simple SAMLas SP.
• Experience in troubleshooting various issues in LDAP. Exporting, importing, performance tuning, creating and maintaining user and group profiles in LDAP.
• Experience in trouble shooting various issues, checking and maintaining health of Unix environment.
• Automation of various manual tasks like backups, logs housekeeping, monitoring and checking health of servers with shell scripts.
• Enabling SSO to the web applications, Federated SSO
• Installing webSEAL and configuring the instances
• Hands on experience on Apache Directory Studio LDAP.
• Handling tickets using BMC Remedy and Service Now.
• Experience with SAML 1.1 and SAML 2.0
• Experience in Providing technical guidance to the team to ensure successful service for physical access deliverables for the enterprise
• Good knowledge in scripting technologies like Windows Shell, JavaScript .
• Experienced in day to day operational support in adding and deleting accounts, applying policies, assigning safes, synchronizing failed accounts, Password rotations.
• Experienced in using IAM/PAM tools for deployment, configuration, integration and troubleshooting of CyberArk Privileged Account Security product suite - Enterprise Password Vault, Password Vault Web Access, Central Policy Manager, Privileged Session Manager, Application Identity Manager, and Privileged Threat Analytics.
• Worked with other platform teams and external suppliers to consistently deliver on physical access objectives or requirements
• Migration Experience ITIM 5.1 to ISIM v6.0, TAM 6.1 to ISAM 8.
• Improved Site Minder and LDAP performance, High availability. Designed and implemented solutions for load balancing, fail-over. And monitoring the growth capacity planning.
• Experienced in supporting LDAP and Site Minder in production environment.
• Excellent communication and interpersonal skills and a very good team player with the ability to work independently.
• Hands on experience in development of SailPoint Identity IQ 6.x and 7.x workflow solution.
• Good working experience with deploying applications in Unix/Linux and using tools like Putty and WinSCP.
• Worked with Active Directory, LDAP/UNIX groups, Networks, Human Resource systems for Identity and Access Management.
• Designed SailPoint deployment activities - connector configuration, custom rule development, workflow configuration, development and third-party system integration.
• Experience with Implementation and Administration of Sail Point for large population of users
• Experience in SailPoint tool customization, Report Generation, Integration with end/target systems, SailPoint API's and Application Development
• Experience with Installation and configuration of CyberArk Vault, CPM, CyberArk PVWA, OPM CyberArk PSM, AIM, and PSM SSH proxy Architecture and design.
• Experience on IAM products from ForgeRock (OpenIDM, OpenAM and OpenDJ) and building IAM solutions implementing OAuth2 and ODIC specification
• Extensive experience onboarding Windows, UNIX, Database servers, RACF and Network device into CyberArk
• Exposure in design and architecture of PIM using Cyber-Ark.
• Daily administration of CyberArk Enterprise vault Management includes
• Safe Management, Master Policy Management, Platform Management and Access Management.
• Account management i.e. adding /deleting accounts /group management
• Managing policies and platforms.
• Creating and assigning Safes, reconciling accounts, rotating passwords.
• Create AD users and groups for safe delegation and updates.
• Conduct workshops with application and infrastructure teams about on-boarding privileged accounts.
• Assist application teams with CyberArk application Identity Manager Integrations and linked accounts.
• Generating various reports in IIQ like Identity Reports, Orphan Account reports, Account Discrepancy reports, Role composition report and Application attribute reports etc.
• Coordinating with existing Provisioning Team for the application in order to get the existing User Access Management (UAM) model to make it fit in to IIQ.
• Provisioning application's requests in IdentityIQ to Create/Amend/Delete user access for the on boarded applications.
• Expertise in Installation and Configuration of Oracle Identity Manager 11GR2PS2.
• Expertise in User Life Cycle Management and implementation of various workflows design with different application resources.
• Developing Application instances and entitlements and Integrating New Application (Connected and disconnected) with OIM.
• Customizing UI in OIM using Sandbox.
• Developed Custom BI Reports, Schedulers, and workflows like access policies and Approval Policies.

TECHNICAL SKILLS:

IAM Tools: ISAM 7, TAM 6.1.1 & ISIM 6.0, CyberArk, SailPoint IdentityIQ 6.0

Programming: Core Java

J2EE Technologies: JSP, Servlet

Scripting Languages: JavaScript, HTML, Windows Shell

Databases: SQL

Tools: Worked: Eclipse

Web Servers: Apache Tomcat, WAS

WORK EXPERIENCE:

Confidential, Detroit, MI

IAM DEVELOPER /SAILPOINT DEVELOPER

Responsibilities:

• Developed U Drive Creation Automation to create home directory for end users on Storage environment DataONTAP operating system via ISIM interface, when new associates or vendors are joining.
• Customized the Space Check in ISIM environment using Linux shell scripting.
• Understanding the Existing System and converting the same Functionality in ISIM.
• Gathering the Requirements, Documenting the functionality before Implementing.
• Creating Organizational Tree, Service Types, Services.
• Creating Roles, Identity policies, Password Policies and Provisioning policies.
• Creating Views, Access control Items(ACI) and adding same to User.
• Creating and Customizing the operational work flows.
• Performing Partial and Full Reconciliation to reflect the data from Services like ISAM, AD into ISIM
• ISIM administrative activities such as generating user reports, create/modify users
• Involved in customization and creation of workflows
• ISIM 6.0 environment maintenance activities, stopping and starting the components such as ISIM console, DB2, TDI and TDS.
• Involved in Coding, Testing and Support Activities.
• Documentation and analysis of current and future processes/systems
• Troubleshooting issues related to ISAM, authentication and authorization, as well as troubleshooting LDAP issues.
• Onboarded the application for aggregating the accounts to identity IQ as per requirements
• Hands on experience on onboarding different connectors like Active Directory, Oracle, JDBC and Delimited File.
• Experience in developing custom rules such as customization rule, build-map rule and connector rules.
• Developed custom leaver workflow according to the business need.
• Administered user accounts and profiles and performed test planning and test activities for SailPoint Application post patch application
• Using IIQ Console for operations such as checkout, import, connector Debug etc.
• Managed all phases of application lifecycle including requirements analysis, application design, construction, quality control-testing, deployment and integration, troubleshooting and change management on SailPoint IIQ.
• Configuration of Roles, Policies and Certifications for governance compliance.
• Build and Configure SailPoint in-built tasks like aggregation, ID refresh, schedule tasks, correlation, etc.
• Configuration and development of SailPoint Life Cycle Events (LCM).
• Developed custom reports like application data validation to validate the account, entitlements and account status after aggregation.
• Installation and Configuration of Oracle Identity Manager (OIM), Oracle Access Manager (OAM), WebLogic Server and SOA Suite for deploying identity management stack. Installed and configured OVD as a frontend LDAP proxy server using MS Active Directory and Oracle Identity Directory (OID).
• Developed Custom Flat-File and DBAT Connectors to perform data reconciliation from the target Authoritative Source and load the reconciled data onto OIM
• Implemented Request Workflows for objects and users managed within the OIM system
• Developed OIM customizations such as Schedule Jobs, Event Handlers, Plugins, Access Policies and Approval Workflows according to business needs
• Developed Generic Connectors and SOA Composites

Environment: IBM Security Identity Manager 6, IBM Security Access Manager 7, Tivoli Directory Integrator 7.1, Apache Directory Studio LDAP, Websphere Application Server 8, Java, DB2 and Linux, SailPoint IIQ 7.0, SailPoint IIQ 7.1.

Confidential, Bentonville, AR

ISAM ADMINISTRATION /SAILPOINT DEVELOPER

Responsibilities:

• Developed Sanity Automation Tool to check the status of applications without opening the url of application which results in saving a lot of time and will get the screenshots of application pages using JAVA/J2EE
• Implemented webSEAL code in the error pages to identify which webSEAL threw the error.
• Performing health check of all the webSEAL servers, TDS, Policy servers, space check for logs and CPU utilization before starting of the business hours so that business wont impact
• Handling user access related issues using Service Now ticketing tool
• Enabling Single Sign On (SSO) by creating Virtual host junctions, attaching ACL’s for the internal applications
• Creating standard junctions for testing the applications which are going to onboard in to ISAM, so that all the resources of application are accessible.
• Creating Identity providers and service providers for enabling single sign on to the external applications using SAML protocol which is CDSSO (Federation)
• Installing and configuring the webSEAL instances to manage the user requests efficiently.
• Involved in customization and creation of workflows
• Involved in Coding, Testing and Support Activities.
• Documentation and analysis of current and future processes/systems
• Development of identity federation connectors from SailPoint to target systems, along with subsequent access control by Secure Auth.
• Ensure requirements gathered, processes defined, and use cases documented follow out of the box configuration vs. customization as much as possible.
• Manage client requirements and configure SailPoint IIQ connectors for 34+ applications.
• Develop SailPoint deployment and solution architectures.
• Participate in all SailPoint deployment activities - connector configuration, custom rule development, workflow configuration and development, third party system integration.
• Design, implemented a solution which manage the Identity lifecycle of almost all applications with the enterprise, without directly controlling the identity store within the application.
• Involved in creating custom reports, certifications to cater various data feeds.
• Providing technical strategies and roadmaps for badge access systems, CCTV, and visitor management system.
• Achieved SOX and PCI compliance by building a flexible and scalable framework to provide authentication and authorization services while supporting rules/roles/languages requirements for various International countries.
• Design and Implement data import of various types of data files from internal and external target sources for validating access levels.
• Created a Registry for important information on all applications.
• Participate in and/or User Acceptance Testing and bug-related reengineering efforts.
• Perform Installation and configuration of SailPoint IdentityIQ.
• Develop custom SailPoint Build Map Rules and Workflows as per the business needs.
• Setup applications Active Directory, LDAP, Oracle and Flat Files.
• Providing solutions for the changing business requirements.
• Implement REST classes using SailPoint Rest Application.
• Using IIQ Console for operations such as checkout, import, connector Debug etc.
• Used IQService as part Identity IQ for Active Directory (AD) provisioning.
• Setup direct connectors for AD, LDAP, MySQL, Oracle, EPIC.
• Configuration of Roles, Policies and Certifications for governance compliance.
• Responsible for ensuring operational readiness of physical access platforms through reviews and procedures of planning, testing, and implementation management
• Coaches junior level employees on security best practices
• Build and Configure SailPoint in-built tasks like aggregation, ID refresh, schedule tasks, correlation, etc.
• Configuration and development of SailPoint Life Cycle Events (LCM).
• Customizing and branding of SailPoint solution.
• Provide knowledge transfer and post production support activities, as necessary.
• Installation of SailPoint IIQ in various environments like UNIX and Windows.
• Implemented workflows in IIQ and provisioning in SailPoint IIQ using SAP HR and Active Directory connector
• Provisioning application's requests in IIQ to Create/Amend/Delete user access for the on boarded applications.
• Involved in designing, development and implementing of SailPoint IdentityIQ.
• Involved in onboarding client specific Applications.
• SailPoint IdentityIQ Installation and Configuration as required by the design solution.
• Implementation of Self Service feature, Password features (PTA, Forgot Password, Change Password), provisioning feature, configuring various roles and policies in SailPoint.
• Playing role of Technical Architect for IAM platform built on Forgerock IAM product and defining solution for integration works.
• Installation of ForgeRock in various environments like UNIX and Windows.
• Involved in designing, development and implementing of ForgeRock
• Experience on OAM (Oracle Access Management) SSO (Single Sign on), ForgeRock OpenAM & OpenDJ..
• Developed/delivered multiple workshops formats for ForgeRock (PoC, Design/Discovery) establishing technical leadership in the IAM space for ForgeRock

Environemnt: IBM Security Access Manager 7, SAML 2.0, JAVA, J2EE, HTML, Service Now, Websphere Application Server 8, DB2, Java SE, JSP, Tomcat 8, PowerShell Script XML, HTML, CSS, SailPoint Identity IQ 6.4, 7, Ansible,Git,Jenkins.

Confidential, Detroit, MI

Sailpoint Developer

Responsibilities:

• Involved in building, design, testing, supporting and determining SailPoint Identity IQ Solution design.
• Worked on upgrading Identity IQ from 7.0 to 7.1 and applied patches.
• Onboarded the application for aggregating the accounts to identity IQ as per requirements.
• Hands on experience on onboarding different connectors like Active Directory, Oracle, JDBC, Delimited File, Salesforce, ServiceNow.
• Extensively worked on implementing loopback connector for certifying the workgroups within the SailPoint.
• Extensively worked on Identity Governance including User Provisioning, Access Certifications, Access request, Workflow, Delegated Administration and Password Self-Service.
• Developed before and after provisioning custom rules, tasks.
• Configured Business and It roles in SailPoint IIQ according to the Entitlement hierarchy in the target application.
• Involved in configuring Manager Certification for user access reviews. Developed Custom rules like escalation, exclusion for the certification.
• Developed custom leaver workflow according to the business need.
• Involved in End to End testing the application behavior like provisioning, Entitlement view in certification, Account Correlation validation.
• Administered user accounts and profiles and performed test planning and test activities for SailPoint Application post patch application.
• Developed custom reports like application data validation to validate the account, entitlements and account status after aggregation.
• Built and configured Joiner, Mover and Leaver workflows to maintain user accounts as per the birth right accesses.

Environment: SailPoint IIQ 7.0, SailPoint IIQ 7.1. Active Directory, JAVA, J2EE, UNIX, LINUX, JAVA 1.7, JSP, JDBC, Apache 2.0, Oracle database, MYSQL, SQL Developer, Bitbucket, bamboo, JIRA, Eclipse Oxygen.

Confidential

ISIM/CYBERARK ADMINISTRATION

Responsibilities:

• Performing health check of ISIM environment including the status of ISIM application servers, Messaging Engines in Websphere Application server, Space check, CPU utilization, node based ISIM urls, ISIM Pending requests before starting of business hours.
• Handling user identity issues using Service Now Ticketing tool
• Providing support for middleware teams such as Windows, Linux, AD and DB2 for any hardware/software fixes in servers
• Maintenance activities includes stopping and starting of ISIM servers as per monthly maintenance plan, any patch updates and hardware fixes
• Generating user reports on basis of weekly, monthly and Quarterly using TDI scripts as per client requirements
• Performing reconciliation to make sure ISIM has the user data as per ISIM services/Targets
• Involved in customization and creation of workflows, Coding, Testing and Support Activities.
• Creating Static and Dynamic roles, Provisioning policies based on the requirement
• Working on user identity issues like password issues, inactive profile/accounts issues
• Documentation of TRD, BRD & DLD, analysis of current and future processes/systems
• Worked on Cyber Ark Enterprise Password Vault and PVWA.
• Installed and configured Private Ark to Client to manage Vault server.
• Managing, monitoring and Supporting systems hardware, software, and applications.
• Resolved CyberArk issues in CPM communicate with host to reconcile credentials.
• Researching, recommending, and implementing new solutions in support of project and business requirements with focus on security and privacy.
• AIM to remove hard coded password from application and stored those credentials in Vault.
• Integrated Active Directory to the Vault Server to discover devices using bind account.
• Efficiently Managed Active Directory implementations across multiple domains.
• Worked on administering of User accounts, Group memberships, and Organizational Units using Active Directory.
• Coordinating efforts with vendors for upgrades and system maintenance.
• Managed failed accounts synchronization and password rotations.
• Confirming that all projects and infrastructure are properly documented.
• Cyber Ark integration with SIEM tool Arcsight.
• Managed sessions in Privileged session management (PSM).
• Generated reports of the account and devices inventories in the Cyber Ark.
• Perform system, security, and application log and reports reviews following established procedures.
• Good understanding of policies in Cyber Ark Central Policy Manager (CPM) and (PSM) on boarding windows and Linux accounts.
• Fallback from DR vault server to production in case of production vault server failure.
• Performed real-time proactive security monitoring and reporting on various security enforcement systems, such as NITRO (SIEM), Anti-virus, Internet content filtering/reporting, malcode prevention, Firewalls, IDS & IPS, Web security, Anti-spam, etc.
• Analyzed output from network vulnerability assessments and recommend mitigation strategies. Reviewed and provided feedback on security plans and procedures regarding all aspects of LAN, WAN or MANs as applicable. Worked with Cyber Ark utilities, PAR explicate, PACLI and PAR client.
• Performed SiteMinder Policy Server and Web Agent installation, and upgrades including Quarterly Maintenance Releases, Service Packs and Solution Modules for SiteMinder.
• Installed, Configured and administered Sun One Directory Server, Novell eDirectory. Designed and implemented SSO and authentication using SiteMinder.
• Integrated new applications with SiteMinder, including IPlanet Web Server, IIS, and IPlanet Directory Server, across multiple environments including Windows, Solaris, NT, and Linux.
• Implemented password policies for all the applications using SiteMinder.
• Responsibility includes maintenance of the system by installing and upgrading the application packages for Siteminder Policy server, Web servers and LDAP.
• Involved in performance tuning activities for SiteMinder and Sun One LDAP Directory Server.
• Installed and configured Apache, Microsoft IIS and Sun iPlanet web servers, Weblogic application servers, with Netegrity Siteminder authentication, and Sun One LDAP Directory Server.
• Installed and configured various web agents in accordance with the web servers involved.

Environment IBM Security Identity Manager 6, JAVA, Tivoli Directory Integrator 7.1, Service Now, Websphere Application Server 8, Linux, AD, DB2

Confidential

TIM/TAM Administration /Siteminder Administration

Responsibilities:

• Installed the TIM suite of products to include configuration as specified by the system level requirements, TDS, TDI and TIM.
• Applied fixes to TIM components.
• Installed and configured TIM adapters.
• Configured the TDI Server as a TAM Server.
• Created services and password policies, and imported service profiles into TIM.
• Created organizational roles and assigned users to roles based on their responsibilities. Created provisioning policies for each role.
• Deployed and configured Java Runtime Environment, GSKit, TDS client, Policy Server, Authorization Server, and TAM WebSEAL.
• Created and configured WebSEAL instances.
• Integrated WebSphere Application Server and WebSEAL using TAI++.
• Created TAM users and groups and assigned users to groups.
• Secured WebSphere applications using TAM.
• Attached policy templates to objects in the object space to provide protection of the resources.
• Configured failover cookies to prevent forced re - authentication.
• Configured WebSEAL to handle the processing of absolute URLs embedded in scripts, and server-relative URLs.
• SiteMinder administration for agents, user directories, agent configuration objects, logs and cache management
• Configured the Policy Domains, User directories, Rules, Realms and Policies for protected web resources.
• Configured SiteMinder load balancing and failover to meet high availability and performance.
• Backed up the user-store, key store, policy store for upgrading.
• Involved in the upgradation of SiteMinder Policy Servers from version 5.5 to version 6.0 and SiteMinder Web Agents from version 5.5 to version 6.x
• Implemented SSO solution in multiple OS environments using Cookie Provider.
• Installed patches on policy servers
• Installed and configured the LDAP Sun ONE Directory Server 5.2
• Configured the multi master replication in Sun ONE Directory server 5.2
• Integrated WebLogic and JBoss with Proxy servers (Sun One, Apache) and Authentication servers (SiteMinder)
• Supported production Servers for various issues.
• Created groups and add users for the new Applications
• Fine tuning of Web agents and policy servers for optimized performance
• Supported Replication and Replication Agreement
• Experience with Change management procedures
• Was part of the 24/7 On-call team for troubleshooting outages/ issues.

Environemnt:IBM Security Access Manager 7, SAML 2.0, JAVA, J2EE, HTML, Service Now, Websphere Application Server 8, DB2, Java SE, JSP, Tomcat 8, PowerShell Script XML, HTML, CSS, SailPoint Identity IQ 6.4, 7, Ansible, Git, Jenkins, CA SiteMinder (6.x), Web agents 5.x, 6.x, Sun ONE Directory Server (5.1, 5.2), Solaris(8x,9x), Microsoft Windows 2000/2003 Servers, IIS(5.x,6.x), RSA Authentication Manager 7.1, iPlanet, Apache (2.1x, 2.2), Http Web Server