SUMMARY

• Have an overall experience of 10+ years as an Identity and Access Management (IAM) Consultant and exclusively worked in Banking and Healthcare projects.
• Implementation of enterprise - wide security applications using PingFederate, Microsoft ADFS, Azure AD, CA SiteMinder, Okta, LDAP Directory, Active Directory on Windows, Unix, and Linux.
• Detailed subject matter expertise with Agentless, SAML 2.0, OAuth, OpenID Connect.
• Designed, deployed, and supported highly available and scalable IAM environments such as PingFederate and SiteMinder infrastructure in on-premises that provides single-sign-on and federation solutions for internal/external access.
• Experienced in migrating applications from Okta to PingFederate, and SiteMinder to PingFederate.
• Experienced in implementing SAML and OAuth based SSO using multiple authentication products like Ping federate, SiteMinder, Okta, ADFS and Azure.
• Experienced on Form based authentication, Multi-factor Authentication and X.509 certificate-based authentication.
• Expert in implementing, configuring and supporting business systems in multiple functional areas including business requirements elicitation & analysis, business process improvement, system integration and post go-live support.
• Creating and managing application integrations for identify and access management. Having Experience of Creating conditional Access policiesMultifactor authentication (MFA), Resetting MFA and Resolving the MFA issues.
• Experience in creating directory and proxy server configuration and administration.
• Experienced in creating Adapters, Selectors, Policy contracts in PingFederate.
• Hands on experience in IAM requirement analysis, implementation of Agentless, SAML, OAuth, and OpenIDbased integrations using various IAM solutions.
• Experienced in configuring Microsoft office365 with Ping Federate.
• Experienced in setting up SAML and OAuth/OIDC applications in Ping Federate.
• Provided L-3 support to resolve the tickets raised by Application teams or clients on various IAM solutions along with PingFederate, SiteMinder, AZURE AD, ADFS and Okta.
• Experienced in using multifactor authentication using Microsoft Authenticator, Duo, RSA.
• Worked on all the PingFederate OAUTH grant types to get the access token to access the protected API. Supported development with integration of Mobile Apps using OAuth/SAML in PingFederate.
• Experienced with Failover, Load Balancing, and other Administration tasks.
• Experienced in supporting vulnerability related and periodic patching of the servers.
• Experienced in using Postman client for OAuth troubleshooting purposes.
• Experienced in using ticketing tools like Service now to assign the ticket and to work on troubleshooting issues to the closure.
• Experienced in using PAM tools like CyberArk and Beyond Trust to retrieve credentials to login to the servers.
• Good understanding of Web Technologies like fiddler and SAML Trace to troubleshoot the issues.
• Gathered requirements for the centralization, standardization and automation of processes that ensure appropriate people have appropriate access to only needed resources.
• Experience in analyzing Business and Functional Requirements.
• Excellent communication skills and good Interpersonal skills helped me to keep productive and positive working relationships with staff from varying technical backgrounds and skill levels.
• Experience in Requirement Analysis, Technical Analysis, Impact Analysis, Estimation, Defect Prevention, Unit Test Planning.
• Drafted Implementation plans for the upgrade activities from v+ version from
• Supported the batch activities across various environments like SIT, UAT and production.
• Performed code retrofits for the compliance projects in Vision Plus.

TECHNICAL SKILLS

SSO: PingFederate 8.x - 10.x, Ping Access, CA SiteMinder Federation Services, Azure AD, ADFS, OKTA

Access Management: Ping Access, Okta Access Gateway, CA Access Gateway/Secure Proxy, CA SiteMinder Web Agents

Multi-Factor: Okta Verify, Google Authenticator, PingID and Duo

Web Server: IIS, Apache, Tomcat, SunOne App Server, WebSphere, IBM Http Server, JBoss.

Directory Servers: Microsoft AD, CA Directory Servers R12.x/14.x, Active Directory Server, Ping - Directory, Data sync and Proxy

Operating Systems: Windows 2012 R2, 2008/2003/2000/ XP, UNIX, Sun Solaris, Linux, IBM-AIX, HP-UX.

PROFESSIONAL EXPERIENCE

Confidential, Atlanta, GA

Sr. IAM Engineer

Responsibilities:

• Worked on integrating PingFederate with Office365 and designed the policies to restrict the access to only managed devices based on the network IP’s.
• Created adapters, authentication selectors, policies, and policy contracts to protect the applications and configure them to work under the SSO environment using PingFederate.
• Created application proxy for the on-premises web-based applications to provide single sign on.
• Worked with legacy application owners to integrate with Ping using Ping Access as the proxy.
• Worked on Agentless Integration, SAML and OAuth with various legacy and new applications.
• Worked on access reviews and self-service signup for guest users.
• Worked on integrating various applications like Workday, ADP, ZScalar etc. to provide them with SAML based Single Sign On.
• Worked on providing the MFA for multiple applications using Ping ID.
• Created SP/IdP connections using PingFederate with external partners.
• Involved in failover testing and disaster recovery process and prepared and maintained the documentation.
• Created conditional access to apply business policies as per the requirement in Azure AD.
• Involved in various troubleshooting activities which are caused due to the migration of Application platform.
• Implemented many OAuth and OpenID connections based on the client requirements.
• Worked on a POC in integrating enterprise applications using SAML in azure AD.
• Configured external identities to support B2B communication for the guest users.

Confidential, Santa Clara, CA

Ping Engineer

Responsibilities:

• Worked on supporting and debugging issues with and implementing SSO solutions with Business Partners using PING Identity solutions.
• Provided Architectural design and implemented enterprise-wide Identity and Access Management (IAM) solutions Ping Federate and PingID.
• Implemented PingID MFA with Ping Federate.
• Enforced enterprise-wide work force to PingID for MFA.
• Developed Ping Radius adapter and integrated with different clients which uses Radius (CyberArk, F5, Checkpoint VPN, etc...).
• Implemented web application OAuth Integrations with Ping.
• Responsible for coordinating IAM team members, consultants, partners during project planning, execution,
• Have Knowledge in Designing the Privileged Credentials provisioning to CyberArk Vault
• Session Recording, Fine grained access control, A2A feature using CyberArk PAM
• Responsible for defining, recommending, monitoring and deploying SSO (Single Sign On) Access
• Management Solution on premise using different technologies, Federated Protocols (SAML, OpenID connect, OAuth, WS Federation) with cloud computing providers like Sales force, AWS, Service-Now, Google etc.

Confidential, Iselin, NJ

IAM Engineer

Responsibilities:

• Experience in Okta Implementation, Configuration and Administration.
• Deployment of Okta AD agent.
• Integration and Configuration of Active Directory with Okta.
• Creation of Dynamic groups in Okta.
• Onboarded various applications on Okta using SAML, OAuth protocols.
• Configuration of Agentless and with Agent integrated windows authentication.
• Integration of Office 365 portal using WS-Federation protocol.
• Integration of Fieldglass, SumTotal and Saviynt application using SAML protocol.
• Integration of Unify application using OpenID connect.
• Configuration of Sign-on and MFA policies.
• Creation of Sign on rules based on the different applications sign on requirements.
• Creation of Identity Profiles for the Authoritative source and attribute mapping.
• Configuration of Correlation rules for non- authoritative sources.
• Configuration of LCM for the Identities based on HR Pegasus events.
• Configuration of Password polices.
• Carried out several patching, maintenance, upgradation activities.
• Streamlined existing process for the client and automated tasks and arranged group aggregations.
• Modified email templates for new hires and updated workflows for all the LCM events.
• Onboarded 70 new Applications and carried out Access Review Certifications for them.
• Set up a unique workflow where the user was identified based on a flag to approve/revoke access.

Confidential

Software Consultant

Responsibilities:

• Setup policy servers and web agents and enable SiteMinder Federated Web Services.
• Created Policies, Realms, Rules and Responses in SiteMinder policy server to protect the applications and validate the users to work under SSO environment.
• Performance Tuning for SiteMinder to provide better response time, low latency, high availability and maximum throughput.
• Installed SiteMinder policy server 12.0.
• Configured SiteMinder web agents for Apache web server and IIS.
• Created policies, realms, rules, responses to protect SiteMinder resources.
• Performance tuning for SiteMinder to provide better response time, low latency, high availability, and maximum throughput.
• Configured and Defined the Policy Domains, User directories, Realms, Rules, Responses and Policies in SiteMinder and configured SiteMinder web agents and Affiliate agents to provide federation of webservices in the SSO environment.
• Created SiteMinder Policies - Rules, Realms, Responses, and Response Groups.
• Worked on SiteMinder policy server logs for Troubleshooting SiteMinder environment.
• Worked on Parallel upgrade of Complete IAM suite which consist of SiteMinder (SSO) Identity Minder, Identity Portal and Access Gateway.