SUMMARY

• Over 7+ years of experience in IT infrastructure support & administration of Identity & Access Management systems.
• Excellent knowledge about the functionality of the Siteminder components and Identity manager components.
• Expertise in Installation, configuration, deployment and maintenance of the Siteminder components the Policy Server, Web Agent, Policy Store and Key Store certificate store.
• Involved in Siteminder policy server upgrades from Siteminder 12.52 to latest version.
• Involved in Web Agent u pgrades from 5.x to 6.x and 6.x to R12.52.
• Experience as a configuration administrator to protect web applications using CA Single Sign On.
• Managed and Maintained Active Directory across 20 different domains.
• Created, Modified, and deleted User Accounts, Security Groups, and Distribution Lists in Active Directory.
• Expertise in implementing Federation SAML services to SSO into third party vendors.
• Improving technical efficiencies in Identity & Access Management and Single - Sign-On space, involved in designing and implementation of end-to-end security solutions
• Operating in Installation, configuration, deployment and maintenance of the CA Siteminder components the Policy Server, Web Agent, Policy Store and CA Access Gateways.
• Upgrading CA Advanced Authentication from 8.2 to 9.0 to improve functionality of multifactor authentication and ReCaptha.
• Installation and Configuration of OKTA LDAP Agent for delegated authentication with okta.
• Configuring OKTA Directory settings in OKTA - Directory Mappings, user search, attributes, groups/roles and username format.
• Migrate Users from LDAP and Active Directory to OKTA Universal Directory.
• Work on CA SSO and OKTA co-existence setup.
• Create custom login, logoff and error pages and integrate with okta applications.
• Customize/brand okta to use company specific branding and domains.
• Work on Identifying Security Policies and configure MFA for required applications.
• Configure Multi Factor Authentication for applications that require elevated permissions.
• Install and configure Radius Agents for VPN access.
• Knowledge on Different Identity and Access Management tools like Alert Enterprise IDAM, Tivoli IDM, Siteminder, Ping.
• Diagnosed and resolved issues relating to Active Directory Replication.
• Tested and Installed applications as well security updates to Servers.
• Closed on a weekly basis an average of 20 tickets relating to Active Directory and other servers.
• Hands-on experience with Configuration aspects of protecting Web Application using Siteminder - Agent, ACO, HCO, Domains, Realms, Rules, Response and Policies.
• Working knowledge in exporting configurations from development to higher environments (xpsexport and xpsimport).
• Experience in installing CA IDM, creating environment and directory mappings.
• Working-on various aspects of SSO including Configuration & Integration; Single Domain and multi-domain environments.
• Experience in designing, development, deployment, and implementing Security and Infrastructure solutions using Netegrity Siteminder.
• Experience in implementation of Security Management tools in enterprise wide Applications to achieve Authentication, Authorization and Accountability.
• Experience in analyzing the logs and Trouble Shooting issues in Integration of other applications using CA Siteminder (Access Management).
• Experience in setting up SSO environment and Integrated SSO products as Netegrity Siteminder and Sun one LDAP with exiting enterprise application and middleware applications.
• Experience in the development of CA Siteminder Single sign-on Services with Siteminder configurations (setting up policies, realms, rules and responses based on requirement).
• Experience with using IDP initiated and SP initiated SAML profiles with different binding methods like POST, Artifact, and Redirect to deliver a custom SSO environment.
• Installation of Siteminder Policy Server Optional Pack and Web Agent Optional Pack for Federation.
• Configured CA Siteminder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.
• Configured User Authentication Stores, Policy Stores and Key Stores on LDAP and maintained replicated environment for load balancing and failover.
• Used Siteminder tools like smobjexport and smobjimport to export and import Policy Stores respectively, smreg to change the Siteminder super user password.
• Installed and configured multiple TAI agents on servers to implement SSO.
• Automated identity management tasks such as user provisioning, role based access control, delegated administration, attribute based auditing and reporting using CA Identity Manager.
• Experience in Java, JSP, HTML, Shell scripting, Perl scripting, ODBC, SQL Server Oracle.
• Experience in using Unix/Linux utilities for analyzing logs, and trouble-shooting the applications with Application servers and Security/Identity management servers.
• Excellent trouble shooting skills verifying web agent and Siteminder logs and monitoring the health of the environment using One View Monitor.
• Experience in designing, implementing and deploying LDAP architecture which includes replication and data synchronization.
• Experience in creating manual entries of directory server using command line, GUI and LDIF files.
• Experience in administration of LDAP Servers including version 5.x, 6.x and 11.x.
• Experience in User Directory Administration and System Administration.
• Proficiency in Java/J2EE, WebLogic, Web services, Solaris 10 and Windows system administration.
• Expertise in configuring and troubleshooting Webservers like Apache, IIS, IHS (IBM HTTP Server).
• Experience with using Integration Kits and Token Translators for integrating identity enabled web services into SSO environment.
• Very good Knowledge with web applications and their frameworks .
• Skilled in implementing high availability and fault tolerant strategies, implemented replication strategies for HA and failover using MMR, write failover and load balancing.
• Providing 24/7 support as per the company requirements.
• Excellent verbal and written communication skills.

PROFESSIONAL EXPERIENCE

Confidential, Phoenix AZ

SSO and IAM Consultant

Responsibilities:

• Improving technical efficiencies in Identity & Access Management and Single-Sign-On space, involved in designing and implementation of end-to-end security solutions.
• Installation and Configuration of OKTA LDAP Agent for delegated authentication with okta.
• Configuring OKTA Directory settings in OKTA - Directory Mappings, user search, attributes, groups/roles and username format.
• Migrate Users from LDAP and Active Directory to OKTA Universal Directory.
• Work on CA SSO and OKTA co-existence setup.
• Create custom login, logoff and error pages and integrate with okta applications.
• Customize/brand okta to use company specific branding and domains.
• Work on Identifying Security Policies and configure MFA for required applications.
• Configure Multi Factor Authentication for applications that require elevated permissions.
• Install and configure Radius Agents for VPN access.
• Upgrading CA SSO Policy Server from version 12.52 to latest version.
• Installing CA Directory 14.0 and Configuring CA directory as Policy store.
• Installing and upgrading weagents to latest version and Installing CA Access Gateway 12.7 and configured for Federation services.
• Engaged with upgrading Identity Minder 12.6 to Identity Suite 14.0 Virtual Appliance and Integrating with CA Siteminder to Maintain Identity and profile to the users.
• Upgrading CA Advanced Authentication from 8.2 to 9.0 to improve functionality of multifactor authentication and ReCaptha.
• Creating Risk Evaluation Rule sets for Risk Authentication.
• Work with application teams, operation teams, and QA teams on applications on-boarding process
• Work with third parties to set up federations to their web sites so that users can login seamlessly.
• Act as a subject matter expert on SSO features.
• Address all and any security concerns raise by Cyber Security Team related to CA SiteMinder.
• Assist support team if production issues escalated.
• To be on call 24/7 for CASSO related production issues.
• Configured Siteminder 12.52 web agents for Apache web server 2.0, IIS 6.0 and Sun One iPlanet Web Server 5.2.
• Responsible for Integrating Identity and Access management services using Oracle Identity Manager OIM, Oracle Access Manager OAM, Sun Directory Server, Open LDAP.
• Responsible for Preparation, design and review IAM solutions architecture road map.
• Monitoring the servers and logs and follow the defined process in case outage.
• Responsible for resolving Issues by interacting with applications team and other network teams when access management assistance required.
• Responsible for documenting the best practices as per client requirements.
• Responsible for taking back up of whole policy store before major updates or configuration change to policy server.

Environment: RHEL 7, Windows, CA Siteminder Policy Server 12.x, CA Directory 14.0, CA Access Gateway 12.7, CA WebAgents 12.52. Menlo security, OKTA. CA Identity Minder 12.6 and 14.0, CA Advanced Authentication 9.0, Oracle 18c, IIS7.0, Apache HTTP server.

Confidential, Maryland

Siteminder Consultant

Responsibilities:

• Designed and implemented user authentication, web security and security solutions.
• Configured Siteminder 6.0 web agents for Apache web server 2.0, IIS 6.0 and Sun One iPlanet Web Server 5.2.
• Created policies, realms, rules, responses to protect Siteminder resources.
• Configured SAML affiliate agents on the web servers designated for affiliate customers.
• Installed and Configured Web agent on IIS 6.0, Apache 2.0 to implement SSO.
• Created strategies for backup and recovery of Siteminder environment.
• Performance tuning for Siteminder to provide better response time, low latency, high availability and maximum throughput.
• Responsible for Integrating Identity and Access management services using Oracle Identity Manager OIM, Oracle Access Manager OAM, Sun Directory Server, Open LDAP.
• Worked on VDS integration with Pingfederate and Siteminder.
• Implemented SSO between PingFederate and Siteminder protected applications using WAM adapter in PingFederate for Seamless user experience with Siteminder protected applications.
• Experienced in implementing SSO between PingFederate and Siteminder applications using WAM adapter in PingFederate for Seamless user experience with Siteminder protected applications.
• Work on User Provisioning, Self-Registration and Delegated User Administration.
• Worked on user management like account changes, password management and delete or freeze accounts.
• Provide support on rotation basis and troubleshoot Siteminder supported applications and User issues
• Responsible for Preparation, design and review IAM solutions architecture road map.
• Setup reconciliation of users with HRMS systems which was used as source of truth for IM solutions.
• Monitor user activity through one view monitor, error, and other exception reports to ensure security is being maintained.
• Provided level2 support for LDAP, Siteminder code issues.
• Maintain working relationship with application owners and subject matter experts to determine current and future needs.
• Work on the IR requests and design the policies as per the requirement.
• End to end production support, provided 24/7 support for our internet and intranet applications.
• Monitoring the servers and logs and follow the defined process in case outage.
• Responsible for resolving Issues by interacting with applications team and other network teams when access management assistance required.
• Responsible for documenting the best practices as per client requirements.
• Responsible for taking back up of whole policy store before major updates or configuration change to policy server.

Environment: Sun Solaris, Windows, CA Siteminder Policy Server 12.x, Sun One Directory Server 5.2, IIS7.0, Apache HTTP server.

Confidential

IAM/Siteminder consultant

Responsibilities:

• Worked on installing, configuring and administering CA Siteminder r12.5 and Sun One LDAP 6.3 on Wintel, Solaris, AIX, and LINUX Platforms.
• Migration of Siteminder6.0 to 12.0 for advanced Load balancing, failover configurations and for facilitation of user impersonation.
• Provide support for Oracle LDAP (Multi-master, supplier-consumer) in Solaris environment.
• Installed, configured proxy servers with LDAP as the primary backend and provide transparent seamless authentication to users.
• Configured Open LDAP with UNIX pam, and enabled users to authenticate against LDAP.
• Used Siteminder tools like smobjexport, smobjimport to export and import Policy Stores respectively, smreg to change the Siteminder super user password.
• Creating OpenSSL Certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication.
• Troubleshooting Siteminder environment using Siteminder policy server log files and agent log files.
• Automated Identity Management tasks such as user provisioning and application access based on each user's relationship with role within our organization using CA Identity manager.
• Integrated IDM into Active Directory, Multiple Exchange servers, eTrust Directory, and bulk loaded all users from a flat-file dump from their Auth Source.
• Deployment of SSO/SAML/OAUTH/WS-Federate solutions for clients with large customer bases.
• Responsible for working with the Siteminder team to configure ACO and Policy Server settings.
• Involved in ADFS work in providing desktop Single Sign On.
• Worked on Secure Proxy Server to intercept the request and redirect to policy server.
• Clustered Policy Servers for failover and high availability.
• Implementing SSO (Single Sign-On) among the applications configured with Access Manager.
• Performed user provisioning in Identity Provider(IdP) site Service Provider (SP) site using SAML for SSO.
• Experienced in using Networking Protocols for client server applications like TCP/IP socket programming.
• Configured and setup Secure Sockets Layers (SSL) for data encryption and client authentication.
• Enabled Single Sign-On across Web servers in a single cookie domain or across multiple cookie domains without requiring users to re-authenticate.

Environment: CA Siteminder Policy Server v6.0, Web Agent 5QMR7, 6. Sun Identity Minder 5.1, 5.2, Sun one Directory Server (LDAP), Sun ONE Web Server 6, Apache Web Server 2, BEA Web logic 8.1 SP2, Web Sphere 6, Oracle RDMS, Korn shell scripting, Perl, XML, UNIX, Windows Active Directory.

Confidential

Siteminder Consultant

Responsibilities:

• Enabled Single Sign-On across Web servers in a single cookie domain or across multiple cookie domains without requiring users to re-authenticate.
• Installed, Configured and Maintained Siteminder, Policy Servers, Sun One Directory Server and configured multi master replication in Directory server.
• Created Data sources, Queue and Topic connection factories, Virtual hosts etc.
• Involved in Configuring and updating IBM Http Server Plug-in to work with WebSphere Application servers on routine basis.
• Wrote wsadmin scripts to automate application deployments, to update configuration changes.
• Configured WebSphere resources like JDBC providers, JDBC data sources, connection pooling and Java Mail sessions.
• Created and updated the provisioning policies as per the change in the business environment using Policy Xpress.
• Configured Open LDAP with UNIX Pam, and enabled users to authenticate against LDAP.
• Used Siteminder tools like smobjexport, smobjimport to export and import Policy Stores respectively, smreg to change the Siteminder super user password.
• Creating OpenSSL Certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication.
• Troubleshooting Siteminder environment using Siteminder policy server log files and agent log files.
• Automated Identity Management tasks such as user provisioning and application access based on each user's relationship with role within our organization using CA Identity manager.
• Integrated IDM into Active Directory, Multiple Exchange servers, eTrust Directory, and bulk loaded all users from a flat-file dump from their Auth Source.
• Deployment of SSO/SAML/OAUTH/WS-Federate solutions for clients with large customer bases.
• Responsible for working with the Siteminder team to configure ACO and Policy Server settings.
• Experience in LDAP based directories like iPlanet/SunOne Directory Server, Active Directory and ActiveDirectory Application Mode (ADAM).
• Worked on Logical Domains (LDOMs) which provides virtualization capabilities.
• Monitored Applications and WAS performance through Tivoli Performance Viewer and tuned the system caching, queuing, JVM parameters, DB Connection Pooling.

Environment: CA Siteminder Policy Server v6.0, Web Agent 5QMR7, 6. Sun Identity Minder 5.1, 5.2, Sun one Directory Server (LDAP), Sun ONE Web Server 6, Apache Web Server 2, BEA Web logic 8.1 SP2, Web Sphere 6, Oracle RDMS, Korn shell scripting, Perl, XML, UNIX, Windows Active Directory.