Sr. IAM SSO Engineer Resume
Atlanta, GA
SUMMARY:
- Around 8+ years of experience in Information Technology, which includes demonstrated work experience in design, development, testing and implementation of enterprise-wide security applications using CA SiteMinder, PingFederate, PingAccess, LDAP Directory, CA Directory, Active Directory and other Sun/Netscape/iPlanet/IBM products on Windows, Unix, and Linux.
- Experienced on Cloud based Identity and Access Management Solutions like OKTA and PingOne.
- Experienced in installing PingFederate and PingAccess on both Linux (RHEL) and Windows platforms.
- Experienced in upgrading PingFederate from 7.3 to 9.1 and PingAccess from 4.0 to 5.1.
- Experienced in creating policies using selectors in PingFederate to accomplish various business requirements.
- Experienced in configuring PingID for MFA for sensitive applications
- Experienced in configuring application in PingOne and creating policies on PingOne docker for applications
- Experienced in protecting application using PingAccess; RateLimiting; Step-up legacy applications from HTTP to HTTPS; creating reverse proxy for applications.
- Experienced in SAML-based authentication (1.1 and 2.0) using PingFederate and SiteMinder Federation.
- Experienced in writing OGNL expression to meet the vendor requirement for SAML Assertion and experienced in restricting the access for certain users by writing OGNL expression in the Issuance criteria
- Worked on OAuth grant types to get the access token to access the protected API. Supported development with integration of mobile apps using OAuth/SAML in PingFederate.
- Integrated PingAccess with the PingFederate system so that users are authenticated by PingFederate and authorized by PingAccess servers using the Access Control Lists.
- Experienced on application configuration with PingAccess and defining PingAccess Sites, Site Authenticators, Virtual hosts, Policies and Rules.
- Experienced in performance testing the Ping engine servers based on the min and max threads; depending on the results, we scaled the number of engine servers per cluster.
- Experienced in installing, configuring SiteMinder policy servers, Web agents, Web Agent Option Packs, Secure Proxy servers and various Web & Application servers on Multiple platforms like Windows, UNIX (Solaris), RHEL.
- Experienced in debugging of authentication/authorization related issues and creating Rules, Responses, Realms, and Policies in SiteMinder.
- Configured CA SiteMinder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.
- Integrated RSA as MFA in SiteMinder for highly critical applications.
- Experienced in integrating various applications with Okta to provide SSO as well as user provisioning, deprovisioning and reconciliation.
- Good understanding of Web Technologies like HTTP Protocol, fiddler, SAML Trace, HTML, Web-Form encoding.
- Installed and configured web agents on IIS, Apache, Sun Java System/iPlanet web servers on Multiple Platforms.
- Experienced in wor
- Provided L-1 support to resolve the tickets raised by application teams or clients on CA SiteMinder, PingFederate, PingAccess and Okta.
- Excellent communication skills and good Interpersonal skills helped me to keep productive and positive working relationships with staff from varying technical backgrounds and skill levels.
TECHNICAL SKILLS:
O/S: Windows 2012 R2, 2008/2003/2000/XP, Windows 98, UNIX, Sun Solaris, Linux, DOS, IBM-AIX, HP-UX.
Languages: C/C++, Java, shell, perl.
SSO: SiteMinder Policy Server R12.7, R12.6/R12.5/R12/ 6.x/5.x/4.x, Web Agents, Secure Proxy Server 12.52, 12.6, Pingfederate 6.x, 7.x, 8.x, Ping Access 4.x, 5.x, Okta, AD agent for Okta
IDM: Okta
Directory: CA Directory 12.0.18, 12.6, Odsee 10g, 11g, MS Active Directory, IBM-Tivoli Directory Server, IPlanets, Netscape Directory server 4.x, 5.x.
Servers: IIS, SunOne Web Server, Apache, Tomcat, SunOne App Server, WebSphere, WebLogic, IBM HTTP Server, JBoss.
Databases /RDBMS: MS SQL Server 2000/2005/2008/2012 R2, PL/SQL, SQL, Oracle 8i/9i/10g.
PROFESSIONAL EXPERIENCE:
Confidential, Atlanta, GA
Sr. IAM SSO Engineer
Responsibilities:
- Working on federated single sign-on with third-party vendors, making both inbound and outbound calls and securely exchanging the attributes in SAML, as both identity provider and service provider.
- Worked on PingOne where all the applications are placed in the docker, authentication call will be redirected to Federate server and depending upon the applications policies will be triggered
- Worked on PingID (MFA) for the sensitive applications and people who are accessing any application from outside the network
- Worked on protecting PingFederate with PingAccess; enabled sticky sessions on the PingAccess so that transaction will be served to the same Federate server
- Worked on writing different OGNL expressions to meet the vendors' SAML assertion requirements and also restricted the user groups by writing OGNL in the issuance criteria.
- Worked on creating reverse proxies for the applications; rewriting the headers, rate limiting, step-up from HTTP to HTTPS.
- Worked on application configuration with PingAccess and defining PingAccess Sites, Virtual hosts, Policies and Rules.
- Deployed several PingFederate integration kits for Apache, Coreblox, Atlassian, Java, PHP, Symantec VIP, Agentless, IWA etc., to establish the "first- and last-mile" implementation of a federated identity.
- Implemented OAuth using different grant types to get the access token and access the protected RESTful APIs.
- Worked on ROPC grant type to fetch the access token for native mobile applications to call the third-party APIs.
- Worked on ID Token to get the user information using user info endpoint and send as part of scope along with Access Token.
- Develop core features for global wealth management group including Membership provider, Role provider, Templated user controls, Security Token, Federation, Config encryption/decryption, FA Simulation/Impersonation, Control Test, Provider Test, and Federation Test applications for Online Banking.
- Migrated SAML-based SSO partners from Ping Federate 7.x to 8.x and from 8.x to 9.1.4.
- Worked on Apache web server to make the application URL work with both HTTP and HTTPS and protected both secure and non-secure URLs using PingAccess.
- Experienced with multiple Ping Federate adapters like HTTP Adapter, Open Token adapter and Composite adapters.
- Worked on Token Generator and Token Processor to establish a connection between two web services from different enterprises, and on PingAccess and JWT tokens to authenticate the user using PingFederate.
- Creating and managing application integrations for identity and access management. Experience creating conditional access policies, multifactor authentication (MFA), resetting MFA and resolving MFA issues.
- Familiarity in the following areas: Single sign-on, enterprise directory architecture and design, directory schema, namespace, replication topology, resource provisioning, role-based access Control, user lifecycle
- Successfully established and tested Azure AD Tenant for production. Provided technical direction to allow Active Directory on-Prem group to populate users
- Worked on Ping Access Gateway to take the Application traffic directly using Virtual Hosts and redirecting back to the application with PingAccess Token.
- Worked on configuration of PingAccess as Proxy Gateway to protect the application without exposing the application URL to the end users.
- Participated actively in Change meetings to implement the changes in higher environments.
- Involved in daily Scrum meetings to discuss day to day updates on the project.
- Supported customers to troubleshoot the issues for L-1 Tickets.
- Developed custom Ping Agent using Ping SDK and Implemented SAML Protection with Digital Signature.
Environment: Ping Federate 7.1, Ping Federate 7.3, Ping Federate 8, Ping Federate 9.1, OAuth2.0.
Confidential, Orange County, CA
Sr. IAM SSO Engineer
Responsibilities:
- Worked exclusively with different teams and users to get them registered with OKTA.
- Worked on integrating Okta with commercial Billing applications.
- Worked on troubleshooting the issues encountered in Okta during the application integration with SAML, provisioning of users, importing of users etc.
- Worked with OKTA support by opening cases on several issues.
- Worked on provisioning users from OKTA to AD and also importing users from AD to OKTA.
- Worked on integrating various applications like Workday, ADP, Zscaler etc. with OKTA to provide them with SAML-based single sign-on.
- Involved in discussions with Okta-Workday project.
- Worked on providing the MFA for multiple applications, mostly Okta verify and RSA.
- Worked on integrating various OAuth and SAML-based applications such as RabbitMQ, Convene, JupyterHub, Horizon, Microfocus etc.
- Installed and configured AD agent on a new Datacenter to support more applications.
Environment: Windows 2016, Okta.
Confidential, Charlotte, NC
Sr. SSO Engineer
Responsibilities:
- Created SP/IDP connections using Ping Federate with external partners via metadata.xml, URL’s files and Manual connections.
- Experience in installation and implementation of PingAccess and its integration with PingFederate.
- Experience working with multiple IdPs available in the market and SSO configuration for applications.
- Experience in working in parallel environments (Test, Config and Production servers) for Ping Federate, along with cluster management and timely replications to deploy changes to servers.
- Experience in working with Microsoft, Azure, Okta to build custom integration for clients.
- Experience in installation and configuring DUO security for multi-factor authentication, integrated with Ping using DUO integration kit
- Experience in handling both onshore and offshore team.
- Created adapters, authentication selectors, policies and policy contracts to protect the applications and configure them to work under the SSO environment using Ping Federate.
- Worked on Open Token Adapter to establish SSO between two native applications.
- Performed POC for Ping Access Authentication Solutions.
- Worked on Ping Access POC to migrate applications from SiteMinder to Ping Access.
- Worked on the architecture of PingFederate and PingAccess to check if we could replace CA SiteMinder with Ping Identity (PingAccess and PingFederate).
- Worked on integrating applications using both the available templates as well as Protocol template.
- Worked on installation and configuration of PingAccess Policy Servers and PingAccess Agents.
- Integrated PingAccess with the PingFederate system to authenticate the user using PingFederate and authorize using PingAccess servers.
- Integrate the custom developed independent application with PingAccess to track the owner of the application which is being protected by PingAccess and Pingfederate.
- Involved in failover testing and disaster recovery process and also prepared and maintained the documentation for the same.
Environment: Windows 2012 R2, RHEL 7.x, Pingfederate 6.x, 7.x, Ping Access 2.1, Okta AD agent
Confidential
SiteMinder Admin
Responsibilities:
- Integrated many applications in Policy server by creating new policies.
- Installed and configured various web agents in accordance with the web servers involved both on Windows and Unix.
- Configured few applications with Custom responses and with custom authentication schema.
- Implemented password policies for all the applications using SiteMinder.
- Created policies, realms, rules, and responses to protect the applications and configure them to work under the SSO environment.
- Configured load balancing and failover mechanisms for various SiteMinder components in different environments.
- Upgraded SiteMinder Policy server from version 6.0 sp1 to 6.0 sp5.
- Worked on almost 60 policy servers in production environment.
- Configured multi-master replication setup in the production environment across multiple data centers.
- Configuring User Authentication Stores and Policy Authorization Stores on LDAP.
- Installed and Configured MDHA Authentication Servers.
- Installed and configured Webagents on IIS Web Server, IHS Web Server.
- Worked on fetching the ldap attributes from multiple data sources.
- Worked on WS-Trust Federation which is used to provide SSO between web services using STR.
- Experienced in Token Generator and Token validator as part of STR and RSTR.
- Involved in Signing the SAML using digital certificates
- Worked on SAML Encryption and Decryption for certain financial clients.
- Involved in Upgrading the SiteMinder Policy Server version from 6.0sp5 to R12.
- Worked on latest version Webagents 12.0sp3 cr08 on multiple platforms.
- Integrating Custom applications with SiteMinder by designing required Architecture.
- Installed Report server and Report database for auditing.
- Worked on Identity Provider and Service Provider agreements, Installed and deployed Ping Federation and involved in making secure connection and sending SAML attributes both inbound and outbound calls.
- Installed and configured Oracle WebSphere and Worked on bridge between SiteMinder Policy Server and WebSphere.
- Provided 24/7 on call support for solving Tickets on a rotating basis with other team members.
- Worked on many Production Issues with High Priority.
Environment: SiteMinder 6.0sp5, r12 sp3, Web agents 6QMR4, 6QMR5, Active Directory Server, Sun Solaris 2.8, Windows 2003/2008, Sun Java System Web Server 6.0, 7.0/Oracle iPlanet Web Server and IBM HTTP Web Server, IIS 5.0, 6.0 and 7.0.