PROFESSIONAL SUMMARY:

• Experience in development, design, and implementing security using PingFederate, WSO2, and Sun ONE Directory Server (LDAP).
• Continuously improving and automating in IAM technologies that consist of PingFederate, PingAcess, PingID, SiteMinder and LDAP directories.
• Experience in installation, upgrade and configuration of PingFederate 7.x/8.x/9.x.
• Experience in installing PingOne 1.x, WSO2.
• Configured SSO on Web/Application Servers to use the Sun One Directory Server for user authentication.
• Hands on experience on PingFederate 7.x, 8.x, 9.x and PingOne 1.x.
• Perform installation, configuration and maintenance of Access Manager and policy agents.
• Worked on PingFederate in conjunction with CA directory, SiteMinder adapters to implement various flows of authentication to provide single sign on (SSO) solutions to various clients in different scenarios.
• Expert in generating, implementing SSL certificates in both IIS 5/6/7, Apache 2.x.
• Developed custom PingFederate adapters and PingFederate custom data source drivers using PingFederate Java SDK (IdpAuthenticationAdapterV2 / Custom Data Source Driver / Password Credential Validator)
• Hands on experience on IIS, Apache Web Servers in Staging and Live environments.
• Experience in analyzing, debugging authentication/authorization related issues in PingFederate servers.
• Worked on PingID for Multi - Factor authentication in Dev and Production environments.
• Worked on JSON web token to send client to Windows and Apache servers for authentication purpose.
• High level of understanding on Federation services.
• Previous experience with modern authentication protocols including SAML, OpenID Connect (OIDC), and OAuth
• Experience in installation of PingFederate, and troubleshooting in Windows IIS, Apache Tomcat, and Red hat Linux webservers.
• Ability to generate SSL certificates using OpenSSL for SSO services in both ITG and Production environments.
• Experience in PingFederate using SAML and integrate SiteMinder Federation using coreblox adapter.
• Good experience on Microsoft Office tools like Word, Excel and Outlook.
• Proficiency in JAVA/J2EE, WebLogic Application Servers, and Windows system administration.
• Experience is authenticating applications seamlessly using Kerberos Token Processesor.
• Developed standard operating procedures and technical documentation of PingFederate components for user training and support.
• Experience working with LDAP to generate Idp and SP initiated SSO request using POST, and Redirect Protocols.
• Troubleshooted multiple PingFederate Open token/agentless/SAML applications in Live environment to retrieve authentication access.
• Developed composite adapter for Multifactor Authentication using PingFederate.

TECHNICAL SKILLS:

Identity Access Management (IAM): PingFederate 6.x/7.x/8.x/9.x, PingOne 1.x, SiteMinder, ADFS and PingID.

Data Stores: Sun One LDAP, Active Directory, Policy Servers and Oracle Directory Server

Web Servers: Microsoft IIS 6.0/7.0, Apache 2.x, Tomcat, JBoss

Operating Systems: Windows 2008/2012/2016 , RHEL 6.x, Windows 7/8/8.1/10, Mac OS, Linux.

Applications: MS Office suite, Eclipse, PuttY, MremoteNG, SoapUI, Apache Directory Studio

PROFESSIONAL EXPERIENCE:

Confidential, CA

Ping Engineer

Responsibilities:

• Assigned as SiteMinder Engineer for upgradation, configuration, and deployments of CA SiteMinder policy server and support SiteMinder infrastructure.
• Design, develop, deploy, maintain and administer Enterprise wide application security using CA's Siteminder, Oracle Access Manager, Oracle Identity Manager, and Ping Identity.
• Develop, Administer, Maintain and troubleshoot Siteminder Policy Server, Siteminder web agents, Oracle Access Manager, Websphere Application server, Ping Federate, Apache, IIS and IBM HTTP Webserver, SunOne Ldap and Active directory.
• Design and implement Single-SingOn between Siteminder and OAM integrated applications using Federation.
• Developed and Implemented Oauth 2.0 with different Grant Types on Ping Federate acting as Authorization Server to support Web service based SSO and Mobile based apps.
• Architect and built the Federation infrastructure and setup SSO for more than 100 Partners using SAML versions 1.0, 1.1, 2.0, WS-Federation, WS-Trust.
• Federated with SFDC (Salesforce) using Delegated Authentication SSO.
• Have done SSO for Webservice based environments and applications using WS-Trust technology.
• Have done SaaS provisioning to Salesforce CRM.
• Installed and configured SAML Affiliate agent for more than 50 partners and integrated with Confidential 's Siteminder Federation service acting as Identity Provider.
• Maintain, Administer and troubleshoot the Enterprise Infrastructure for different lifecycles like Test, Development, Stage and Production.
• Integrated Siebel/OBIEE servers, IBM Websphere with Siteminder ASA.
• Involved in migrating the Enterprise wide Applications from Siteminder to Oracle Access manager.
• Configured policies, realms, rules, responses for more than 1000 applications and configuring them to work under SSO environment.
• Fine tuned Netegrity SSO products to meet the business and user requirements while maintaining uniform security.
• Worked on installing, configuring and administering CA SiteMinder R12, R12.52 and Sun One LDAP 11 (ODSEE) on Windows, and Linux Platforms
• Upgrading SiteMinder 12.0.X to 12.52.X, 12.7 for advanced Load balancing, failover configurations and for facilitation of user impersonation.
• Assigned as SiteMinder Engineer for upgradation, configuration, and deployments of CA SiteMinder policy server and support SiteMinder infrastructure.
• Installed SiteMinder R12.7 in Linux server.
• Working on R12.7 POC to enable JWT tokens. experience with modern authentication protocols including SAML, OpenID Connect (OIDC), and OAuth
• Experience in installing, configuring SiteMinder policy server, Web agents, Netegrity Transaction Minder, Active Directory server (LDAP),Sun One Directory Server and various Web & Application servers.
• Installed, configured SiteMinder policy server Web agents, Active Directory server (LDAP), ASA agents, Domino Agents and various Web & Application servers.
• Designed CA SiteMinder R12 Enterprise infrastructure to provide high availability by configuring Clusters across two different data centers.
• Installed and configured various web agents on Apache, IIS 7, IIS 8, Sun one.
• Configured SiteMinder and Pingfederate Environment for SAML Federated Authentication for users coming from partner sites by configuring ID Provider/Consumer using SAML 2.0 POST binding.
• Install and configure Pingfederate and demonstrated POC for Federation SSO with external users and partners.
• Worked in Pingfederate Upgrade from 7.0 to 8.3.
• Experience with application configuration with Ping Access and defining Ping Access Sites, Site Authenticators and Rules.
• Workforce and Client identity management system (Ping Federate and PingAccess).
• Created policies, realms, rules, and responses to protect the applications and configure them to work under the CA SSO and Ping Access environment.
• Involved in troubleshooting and resolving the issues and implemented changes to enhance the performance.
• Assisted developers with integration of Mobile Apps using OAuth/SAML in Pingfederate.
• Applied patches to SiteMinder infrastructure to meet business needs.
• Installed and configured one view monitor and created other exception reports to ensure security is being maintained.
• Created, Configured and Administered Profiles, Clusters, Nodes and Node Groups for WebSphere Application Server.
• Performance tuning for SiteMinder to provide better response time, low latency, high availability and maximum throughput
• Coordinated with testing team to perform baseline, load and regression tests on applications.

Confidential, NJ

IAM Consultant

Responsibilities:

• Upgrade and built PingFederate on all the environments available.
• Engaged in the implementation of new Authentication methodologies like PingID.
• Gather the System configurations and Requirements for the SSO Requests by engaging in meetings with the Application team.
• Working Knowledge of Open ID connect.
• Creating a secure application environment often requires integration of existing user identity information that may be scattered across multiple locations and services. Oracle Virtual Directory, formerly known as OctetString Virtual Directory Engine, provides a single, dynamic access point to these data sources through LDAP or XML protocols.
• Experience in configuring PingOne to enable PingID.
• Experience Configuring and integrating applications with Single-SignOn (SSO) and SAML
• Implemented and configured both IDP & SP connections using PingFederate (SAML).
• Working experience with STS/WS-FED. Usage of Username token processor for authentication of email, mobile and other thin clients.
• Experience with modern authentication protocols including SAML, OpenID Connect (OIDC), and OAuth
• Exported metadata files from all the environments as per client requirements and implemented on Service provider end.
• Experience in both SAML based and Agent Based configurations in PingFedereate.
• Worked on language-based kits (Java, .Net, Raptor and PHP kits) and Server based Kits (Apache, IIS)
• Implemented and configured SSL, requested digital certificates, created self-signed certificates and imported/exported public/private keys.
• Responsible for creating firewall, DNS requests for Single-sign-on implementation
• Experience in setting up SSO Environment for PingFederate, and PingAccess. PF as Auth server and PA as Resource server protecting API
• Worked on implementing non-browser based SSO on VPN through Radius.
• Installed, configured SAFE-NET LUNA as a POC for PingFederate.
• Supported RSA integrations and configurations and daily operations like adding user disabling user token assignment.
• Worked on enabling SSO for ISE and Clear Pass.

Confidential, NJ

IAM Engineer

Responsibilities:

• Integrated SiteMinder with PingFederate using Coreblox token translator to bridge SSO gap between applications protected in both environments.
• Designed, Developed, and Supported highly available and scalable PingFederate infrastructure in on-premise that provide SSO, SAML, WS-Fed, and WS-Trust federation service for internal and external users.
• Migration and configuration of PingFederate from 7.x to 8.x and 8.x to 9.x on Linux servers.
• Worked extensively on creating custom password polices and authentication schema as per requirement.
• Installed PingFederate Opentoken, Agentless methods of federation from scratch in Apache 2.x, and IIS 6/7.
• Generated and updated Idp, Sp SAML signing certificates in both Identity provider and Service Provider.
• Continues high level support on developed SingleSignOn applications.
• Provide SSO and support for Partner Reverse Proxy environment to protect external facing applications.
• Worked on certificate based SSO application development.
• Worked on BPIA/PRACS issues with external partners.
• Expert in generating, implementing SSL certificates in both IIS 5/6/7, Apache 2.x.
• Developed custom PingFederate adapters and PingFederate custom data source drivers using PingFederate Java SDK (IdpAuthenticationAdapterV2 / CustomDataSourceDriver / PasswordCredentialValidator) Working on issuing BPIA/PRACS certificates to external partners whenever required.
• As a part of high level support, worked on escalated tickets on authentication and SSO.
• Documented applications and changes when a new application is integrated with PingFederate.
• Implemented Identity Manager Solutions for Services - Business Objects integration, initial steps for leveraging Identity Manager Solutions to external customers.
• Created forms to On-board companies, On-board external/tertiary users profile using PingFederate 7.3.x,8.x and 9.x.
• Worked on DEV, ITG, and PROD environments extensively to develop, and support Applications.
• Working with PingID setup using PingFederate for MFA (Multi-Factor Authentication)
• Testing on Modern Auth development.
• Working on Multi-Factor Authentication integrations and engaging in the usage of other protocols like OAuth.
• Providing PingFederate server logs to Microsoft for modern auth development.
• Provide Infrastructure and Security Suggestions to both 3rd party and Internally developed applications.
• Provided PingFederate installation and required documentation for HP on-premise/external applications, to vendors for internal purpose.

Confidential

Ping/Siteminder Engineer

Responsibilities:

• Configured SSO on Web/Application Servers to use the Sun One Directory Server for user authentication.
• Installed Pingfederate 6.x version on Windows servers.
• Configured admin, runtime and state servers for PingFederate environment.
• On boarded SAML applications to client as per requirement.
• Worked on Policy Server and Policy Store Upgrade from R6sp1 to R6sp5.
• To manage and configure SunOne directory servers, Sun Access Manager and agents on Solaris/Linux/Windows platforms
• To maintain, configure and install iPlanet/SunOne directory server on the Sun and Windows servers
• To Perform installation, configuration and maintenance of Access Manager and policy agents
• To provide timely resolution of all tickets (incidents, service calls, workorders) within specified SLA, assigned to the team and document repeating tickets as knowledgebase for the team
• To perform analysis on all tickets and identify areas of improvement to avoid reoccurrence and improve SLAs. Reviewed and revised existing OV SPIs monitors with new monitors to reflect actual problems and avoid unnecessary tickets with high severity levels possibly affecting SLAs
• Planned and deployed independently the migration of SunOne directory server from version 5.1 patch 2 to 5.2 patch 6 in B2B.
• Setup servers under F5 Big IP in load balancing and failover configuration (in B2A and B2B)
• Involved in planning and deploying an upgrade of SunOne directory server from version 5.1 to 5.2.4 in B2A environment
• Created and configured cron jobs to create ldif and binary backups, configuration backup and backup/logs rotation
• Setup script for directory server logs analyses (logconv.pl) to ensure proper use of directory server
• Monitor backup jobs of directory server and provide failover and load balancing support