ISAM Administrator Resume
Washington, D.C.
SUMMARY:
- To obtain a position in Identity & Access Management that requires expertise in creating and administering scalable identity management solutions
- 6+ years of experience in the IT industry, dedicated to IBM Security Access Manager (ISAM), IBM Tivoli Directory Server (ITDS), IBM Tivoli Access Manager (ITAM) for e-business solutions, IBM Tivoli Federated Identity Manager (TFIM) and IBM Tivoli Identity Manager (ITIM), Single sign-on infrastructure
- Working knowledge of ISAM AAC components i.e. Authentication Mechanism (MFA, Context and Risk Based), Access Controls (Policies and Rules), Risk Profiles, Information Points, Attributes
- Working knowledge of Federated Single-Sign on (SSO) configuration using SAML 2.0
- Working knowledge of Multi-factor authentication (MFA) using Time-based One-Time Password (TOTP), HMAC-based One-Time Password (HOTP) to Email (SMTP) and Phone (SMS)
- Working knowledge of Microsoft Active Directory Lightweight Directory Service (ADLDS) as a user registry
- Understanding of External Authentication Interfaces (EAI) such as Kerberos
- Involved in installation and configuration of IBM Federated Identity Manager version 6.0 (TFIM)
- Experience in planning, designing, implementing, and fine tuning/maintenance of IBM Tivoli Directory Server v5.2/6.0 (LDAP) and Tivoli Access Manager for e-business 5.1/6.0 on Linux operating system
- Implemented Single Sign-On (SSO) through WebSEAL for web applications
- Experience using WebSEAL to deploy junctions in order to protect backend resources on a secure domain
- Working knowledge with Secure Domains in a distributed directory server environment
- Understanding of directory management tools such as access control lists, and managing search limit groups for ITDS v5.2/6.0
- Experience managing access to protected object space using security policies including access control lists, protected object policies, and authorization rules in a TAMeb environment
- Working experience with replication mapping between replica/consumer in ITDS and TAMeb environments
- Creating manual entries for IBM Tivoli Directory Server v5.2/6.0 using command line, GUI, and LDIF files
- Working knowledge in TAMeb and ITDS-LDAP distributed environments
- Knowledge of Shell Scripting and Perl programming to maximize system performance
- Working knowledge with DB2 and Oracle database systems using DDL to acquire and manage operational data
- Strong problem-solving skills
- Excellent interpersonal communication and presentation skills
- Extremely service oriented
TECHNICAL SKILLS:
Web Servers: IBM HTTP (Apache), Tomcat and IIS
Web Development: HTML, XML, PHP, JavaScript
Networking Protocols: HTTP/HTTPS, LDAP, SSL/TLS, SSH, TCP/IP, IPv4/IPv6, DHCP, ARP and DNS
Database Environment: Oracle, DB2, PL/SQL and MySQL
Operating Systems: IBM AIX v5, Solaris v8/9, Linux Redhat, UNIX, Microsoft Windows 9x/2000/2003/XP, DOS
PROFESSIONAL EXPERIENCE:
Confidential, Washington, D.C.
ISAM Administrator
Responsibilities:
- Using the Local Management Interface (LMI) of the appliance, successfully created and modified Reverse Proxy Instance
- Configured ISAM Runtime Component on the Appliance
- Created SAML 2.0 Identity Provider and Service Provider federation
- Uploaded keystore files as well as mapping rules for both Identity Provider and Service Provider
- Exported metadata for Identity Provider and Service Provider partners for seamless communication between IdP and SP
- Installed and configured IBM Security Access Manager 9x, and various components like WebSEAL, Policy Server, Authorization Server, IBM Security Directory Server
- Configured ISAM Federated User Registry using Security Directory Server and enabled basic user support
- Created virtual host, mutual auth junctions, attached ACLs passing customized attributes in the HTTP/HTTPS header
- Configured federations using SAML 2.0 and OpenID, using implicit flow and added partners
Confidential, Rockville, MD
TFIM/TAM Administrator
Responsibilities:
- Experience in planning, designing, and installing IBM Tivoli Access Manager for e-business upgrade from version 5.1 to 6.0
- Involved in a successful deployment of federated SSO with Shibboleth as identity provider for the organization
- Completed federated SSO with 5 different service providers using Shibboleth based IdP
- Involved in installation and configuration of IBM Tivoli Federated Identity Manager
- Led the effort to migrate federation configurations from Shibboleth server to the newly built TFIM environment
- Involved in schema changes required to complete integrations using SAML expertise
- Using TIM, configured provisioning and workflow design for user management
- Installed adapters on a diverse variety of components for provisioning
- Managed and configured WebSphere application server with web servers in a multi-clustered environment
- Worked with IBM WebSphere and web server clients for SSO defining TAI between TAMeb and WebSphere
- Deployed IBM Tivoli Access Manager for e-business, and configured connections to Directory server for secure user authentication
- Reconfigured and fine-tuned new instances of IBM Tivoli Directory Server v6.0 and IBM Tivoli Access Manager for e-business 6.0 components
- Configured and maintained SSL connections between Policy Server, WebSEAL, and LDAP user registry for secure communication
- Enabled privacy through protected object policy (POP) using quality of protection (QoP)
- Managed the protected object space using command line utilities (pdadmin)
- Configured resource manager (WebSEAL), and implemented junctions to protect backend resources on WebSphere application server and IHS
- Enabled e-community SSO authentication on WebSEAL. Used Master Authentication Server (MAS) to vouch for client login and session creation
- Configured the protected object space to define security policies through the use of ACLs and POPs, and assigned permissions to users and groups
- Wrote performance monitoring, server monitoring and server build automation scripts using Shell, Perl and Expect programming
- Monitored system performance and unusual server activities (forced system entry) using TAMeb and ITDS log files
- Data integrity was provided through scheduled backup activities, allowing access to critical data at all times
Environment: IBM Tivoli Access Manager for e-business v5.1/6.0, IBM Tivoli Identity Manager Version 4.6, IBM Tivoli Directory Server v5.2/6.0, IHS, WebSphere application server 6.1, shell scripting, Perl scripting, Red Hat Enterprise Linux 3 & 4