SUMMARY

• Around 10 years of experience in the design, development, testing and implementation of enterprise wide security applications using PingFederate, PingAccess, PingOne,Okta, CA Siteminder,One LDAP Directory, Active Directory and Websphere.
• Expert in installation, configuration, troubleshooting and migrating of Ping Federate 5.x/6.x/7.x/8.x, Ping Access 2.x/3.x, PingOne 2.x and OKTA on Windows and Linux Operating System.
• Strong Knowledge in Customer IAM, multi - factor authentication, access security, single sign-on, federated identity management, mobile identity security, API security, social identity integration, identity & access management, SAML, OAuth, OpenID, WS-Federation, WS-Trust, and MFA.
• Provided solution, implementation, tuning, and troubleshooting in Single Sign On such as OKTA, Ping Federate and LDAP Directories such as AD, ODSEE and OUD.
• Build adapters and plugins to integrate PingFederate and PingOne with third party products / services
• Deployed several Ping federate integration kits for Apache, Coreblox, Atlassian, Java, PHP, SymantecVIP, Agentless, IWA etc., to establish the “first- and last-mile” implementation of a federated-identity.
• Strong Knowledge in implementing Single Sign On solution using Kerberos constrained delegation with Forms authentication
• Experience in Production support of Directory Services LDAP, PKI Authentication, PING Federation, UUM (Unified User Management).
• Experience in debug the core dumps / package cores on Linux / Solaris.
• Strong experience in working with various authentication schemes like Form based RSA token and PKI certificates based in configuring Single Sign on with ping access.
• Troubleshooting integration/environment specific issues and supporting Operations team to troubleshoot integration issues in higher environments.
• Implemented Inbound Federation and develop customization to support.
• Installed and configured sites, policies for authentication, virtual hosts, web sessions and responsible for backup and restoration of data in Ping Access.
• Extensively involved in policies, selectors, policy contracts, adapter mapping and sessions for authentication process in both production and non-production environment.

TECHNICAL SKILLS

SINGLE SIGN ON: OKTA, PingFederate,Ping Access, Ping One, CA SiteMInder

DIRECTORY SERVERS: ODSEE, OUD, OID, and Microsoft Active Directory

WEB and APP SERVERS: Apache 2.0 / 2.2, IIS 7.5, Tomcat

OPERATING SYSTEMS: Linux, Solaris, Windows

MONITORING TOOLS: SPLUNK, NAGIOS, SCOM

TOOLS: LDAP Browsers, Visio, SSH, WinSCP, Putty, SAML Trace, Postman, Splunk, SLAMD, Apache Directory Studio, Visio, SSH, WinSCP, Fiddler Trace, SCOM

PROFESSIONAL EXPERIENCE

Confidential

Sr Security Engineer /IAM Engineer

Responsibilities:

• Implemnting cloud based application Using PingOne
• Deployed PingOne in Cloud and integrated with Pingfederate on premise as identity bridge
• Building PingFederate and PingDirectory environments in AWS from scrach
• Onboarding application with different protocols like SAML, OAUTH OIDC
• Creating an schemas in Ping Direcoty
• Working on System for Cross-domain Identity Management
• Doing Federation hub between two environmnets (WIAM - CAIM)
• Creating an authentication Policies based on Ping Risk Management weights
• Working on Automating ping using Ping api’s
• Created SP/IdP connections using Ping Federate with external partners.
• Implemented SAML Protection with Digital Signature.
• Developed Custom adapter IdP and SP Adapters, Created adapters to prevent the DOS attack.
• Working on beyond trust for onetime password creating
• Monitoring all activites in Qrader for logs .
• Working on SP application for configuring SSO.
• Using Ping Access as token provider
• Experience in Production support of Directory Services LDAP, PKI Authentication, PING Federation, UUM (Unified User Management).
• PingFederate Performance tuning for supporting support heavy traffic.
• Designed, deployed and supported highly available and scalable Pingfederate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal
• Customizing the LDAP schema for the client needs
• Implemented Directory and authorization mapping for authentication on Lightweight directory access Protocol (LDAP) and authorization on active directory.
• Installed on premise servers for single sign on (SSO) and directory synchronization
• Working on AD and Ping Directoy creating an roles and password reset

Environment: Ping Federate 11.0.1,Ping Access 6, Ping One,Ping Riskmanagment, Ping Directory, Active Directory Server, Database (SQL/Oracle).

Confidential

Ping Federate Support Engineer

Responsibilities:

• Designed, deployed and supported highly available and scalable Pingfederate infrastructure in AWS and On-premise that provides single-sign-on (SSO) and federation solutions for internal accesses.
• Designed and deployed migration of SAML partner connections from Oracle Identity Federation & Simple SAML systems to Pingfederate
• Implemented OAuth & OpenID Solutions using Ping Federate.
• Integrated internal Applications, SAAS based applications using SAML 2.0, SAML 1.1, WSFED and OAuth 2.0
• PingFederate Performance tuning for supporting support heavy traffic.
• Involved in migrating Siteminder to PingFederate
• Implemented SAML Protection with Digital Signature.
• Developed Custom adapter IdP and SP Adapters, Created adapters to prevent the DOS attack.
• Deployed PingOne in Cloud and integrated with Pingfederate on premise
• Assisted developers with integration of Mobile Apps using OAuth/SAML in Pingfederate
• Developed custom Ping Agent using Ping SDK.
• Deploying and configuring gateway, web access, and agent web access managements in Ping access.
• Implemented Directory and authorization mapping for authentication on Lightweight directory access Protocol (LDAP) and authorization on active directory.
• Installed on premise servers for single sign on (SSO) and directory synchronization

Environment: Ping Federate 6.0/5.0,Ping Access 2.x,3.x, Ping One, Active Directory Server, Database (SQL/Oracle).

Confidential

SSO/ Ping Federate consultant

Responsibilities:

• Design and implement SSO solution for mobile and web applications using Ping Federate, PingAccess and Ping one
• Configured and administrated Ping Federate 5.x/6.x for SSO across multiple web based enterprise applications and upgrading Ping Federate from 6.8 to 7.2.0. and 7.x to 8.x.
• Installed and configured sites, policies for authentication, virtual hosts, web sessions and responsible for backup and restoration of data in Ping Access.
• SSO Application Integration and Provisioning setup in OKTA
• OneLogin work through and its functionalities compared to Okta
• Analyze application integration method in OneLogin and discuss how it can be improved in Okta in terms of security.
• Assign application that would be on Okta instances depending on app use and data.
• Implement MFA for applications containing sensitive information
• User and Group management in Active Directory and GroupID.
• User provisioning for certain applications in Okta.
• Application Integration in Okta
• Extensively involved in policies, selectors, policy contracts, adapter mapping and sessions for authentication process in both production and non-production environment.
• Strong experience in Ping Federate SSO for providing customer and organization secure single sign on to their cloud based applications.
• Worked on Ping access admin authentication, log levels, class and enabling cookie logging.
• Experience in SSO Login page concepts, Ping federation, RSO concept using new authorization standards like OAuth, OpenID and PKI authentication services
• Responsible for all levels of support from initial setup and configuration to handling production down calls as well as on-the-fly changes to customer production environments.
• Troubleshooting of customer environments, including issues with AD attribute retrieval, IIS, and Kerberos/NTLM, as well as issues with Mac and Linux environments.
• Work with OKTA support to resolve product issues related to user provisioning
• Involved in integration and configuration of Ping Federate to act as identity provider and service provider with other identity provider service, provider clients for SSO.
• Work with various applications teams and recommend technical solutions for SAML 2.0, WS-Fed, OAuth based federations and claims based and header based authorizations.
• Extensively worked as a part of Architecture team in designing communication flows for Seamless SSO implementation and Federation implementation
• Worked on User, Group Management, Provisioning and deprovisioning
• Managed Group Polices, Security groups, and file shares for Grainger enterprise

Environment: Ping Federate 6.x/7.x/8.x,Ping Access, Ping One, OKTA, Active Directory Server, Sun Solaris 2.8, Windows, and IBM HTTP Web Server, IIS 5.0 and 6.0 and 7.0, Sun Java System Web Server 6.0,7.0., Sun Identity Manager, Sun Access Manager, Tivoli Directory Server, NDS/Novell eDirectory, and Sun One Directory Server, Database (SQL/Oracle),