Identity Management Architect Resume

Columbia, MD

SUMMARY: 

  • Information Technology and Security professional with 14+ years of experience in architecting and deploying Identity Management, LDAP Directories, Single/Reduced Sign-On (SSO), Provisioning and Provisioning/Identity Workflows, Access Management, RBAC (Role-Based Access Control), Compliance and Auditing Technologies, Federated Identity/Federation, Enterprise System Architecture, Security Infrastructure Design, Authentication and Authorization technologies, as well as custom-built security and technology frameworks.
  • Extensive experience in architecting, installation, configuration, deployment, troubleshooting, implementing and supporting Identity and Access management projects comprised of Oracle Identity Manager (OIM 11g R1/11.1.2.x and 10g), Oracle Identity Federation, Service Oriented Architecture (SOA), Oracle Adaptive Access Manager 11g R1/11.1.2.x and 10g, Oracle Service Bus (OSB), Oracle Identity Analytics (OIA)/Sun Role Manager (SRM), Sun Identity Manager (SIM), LDAP directory servers like Active Directory (AD), Active Directory Application Mode (ADAM), Exchange, Oracle Internet Directory (OID), Novell eDirectory, ODSEE, Sun ONE Directory Server, Oracle e-Business Suite, Unix-SSH, Remedy User & Ticket Management, Google.
  • Integration of Oracle Identity Manager with Oracle Fusion Applications Compensation Management and Role Mapping, Role Provisioning User Sync with OIM, Define Data Security.
  • Solid experience in building and deploying large scale Web Applications developed in Java, J2EE, JNDI, JDBC, EJB, JSP, JMS, XPRESS, JavaScript, AJAX, XML, XSLT.
  • Experience in developing custom ICF connectors, including reconciliations, using OIM 11g APIs.
  • Developed and implemented OIM 11g event handlers, schedule tasks, SOA approval workflows, data validators, a self-service API to be used in custom applications, UI customization for help desk roles, customized notifications, etc.
  • Experienced in developing SOAP, REST and SCIM web services.
  • Experienced in developing custom ICF connectors for LDAP, Database & RACF.
  • Designed and developed a module for multi factor authentication
  • Reconciling complex Multivalued Data, Transformation and validation of account data.
  • Designed and developed custom UI using spring, BackboneJS for helpdesk using OIM API.
  • Experience in developing RBAC process & attestation process to validate user access quarterly.
  • Real Time Monitoring and Metrics collection using Oracle Enterprise Manager (OEM) 11g.
  • Performed Vulnerability Analysis - Network Vulnerability Scanning, Advanced Web Application Scanning, Detecting Rogue Access Points, Auditing and Security Testing
  • Implemented UNIX based SSO/Account Centralization using PAM based tools like Centrify.
  • Implemented SSO solutions & Security for Cloud Service Solutions like Service Now, Office 360 and Okta.
  • Solid experience in implementing and handling Security Compliance and Governance projects.
  • Implementation experience of practical security including SSL, PKI, certificates.
  • Proven expertise in Federation using SAML 2.0, SAML 1.1, WS-Federation, Kerberos Authentication and SNC, Oracle Identity Federation, Oracle Virtual Directory and Oracle Internet Directory.
  • Experienced in Web Services (SOAP), SOA, OWASP and associated security.
  • Good RDBMS development experience using Oracle Stored Procedures and PL/SQL.
  • Excellent oral, written, interpersonal, and troubleshooting skills, proactive listener, and the ability to work in a team or individually.
  • Involved in designing and developing a module for multi factor authentication using image passwords and developed a custom connector for cloud-based Identity Provisioning (IDaaS).

TECHNICAL SKILLS SUMMARY:

Identity Management & Security: Oracle Access Manager 11gR1/11.1.2.x and 10g, Oracle Identity Manager 11g R1/11.1.2.x and 10g, Sun Identity Manager, Centrify, Microsoft Identity Integration Server (MIIS), Oracle Service Bus, Novell Identity Manager, Oracle Identity Federation, OpenSSO, SAML 2.0, SSO, PKI, Cryptography - Password Encryption & Decryption Techniques, Image Passwords, Image Steganography and Okta

LDAP Directories: Microsoft Active Directory, MS Exchange, Novell eDirectory, Sun One Directory Server, Oracle Internet Directory (OID), Oracle Unified Directory (OUD), ODSEE, ICF, Oracle Virtual Directory (OVD), libOVD, ICF - Connector Server, RACF, eBusiness Suite, Unix-SSH, Remedy User Management & Ticket Management

Vulnerability Assessment: Nessus, GFI LanGuard

Security Testing: Wireshark, Wapiti, Scrawlr, Watcher, HP WebInspect, DevInspect

Password Management: KeePass, RoboForm, SharePoint

Remote Access: Juniper SSL VPN concentrators

Web Technologies: J2EE, Java, JSP, Servlets, HTML, XML, XSL, XSLT, JavaScript, C#, SharePoint, SOA, Web Services, BackboneJS, NodeJS, AngularJS

Application & Web servers: WebLogic Application Server, Apache Tomcat, Oracle HTTP Server, Apache Web Server, IBM WebSphere Application Server, JBOSS, Microsoft IIS, Sun Java App Server

Operating Systems: Solaris, Windows 98/NT/2000/XP, UNIX

Databases: Oracle 7.x/8i/9i/11g/12C, SQL Server, MySQL, MS Access

Tools & IDEs: Microsoft Visio, Microsoft Project, MS Office Suite, VSS, CVS, JDeveloper, Eclipse, NetBeans

PROFESSIONAL EXPERIENCE:

Confidential, Columbia, MD

Identity Management Architect

Responsibilities:

  • Architect and implementer for Oracle suite of products
  • Installed and configured OIM, OAM and integrated them using libOVD in a high availability clustered Linux environment.
  • Upgraded existing environments (OIM and OAM) to 11gR2 PS3
  • Integrated RBAC system with EIDM to provide role-based access control for all EIDM users
  • Developed and implemented connector to integrate OIM with Okta.
  • Migrating users, and supporting data, from AIF, which was implemented in the legacy Sun IDM product, to the Oracle suite of products in EIDM in a very aggressive timeframe
  • Migrating users, and supporting data, from OIM to Okta
  • Providing Operations and Maintenance (O&M) services, including testing services, for complex integrated IDM/RIDP/MFA systems supporting 13+million user volume.
  • Developed and implemented service for Symantec Validation & ID Protection (VIP) to provide EIDM Multi-factor Authentication (MFA) services, and facilitating support.
  • Developed and implemented Experian’s Precise ID service to provide Remote Identity Proofing (RIDP) services, and facilitating support in EIDM.
  • Involved in developing custom ICF based connector to provision and de-provision accounts to WAAS database.
  • Developed and implemented various user management RESTful web services to integrate EIDM with QPP application.
  • Implemented procedures for development and deployment of password management processes.
  • Coordinated with security teams for auditing and reporting functions and related processes.
  • Formulated procedures for translation of business and functional requirement into technical designs.
  • Prepared custom reports for certification and role management module and related systems
  • Involved in implementing custom Helpdesk UI, custom certification process and UI.
  • Developed and configured OAM authorization and authentication policies to protect resources.
  • Project and Technical design and planning of multi-phased implementation of Oracle Identity Manager
  • Designed and developed custom helpdesk UI using Spring, backboneJS using OIM API
  • Involved in de-commissioning OIM-OAM integration for IMAS system.
  • Involved in migrating all environments from Terramark datacenter to HP data center.
  • Developed and implemented various approval workflows for all WAAS applications.
  • Cloned one environment to another in a very short span of time using T2P process.
  • Applied performance tuning for all servers to improve the performance
  • Designed and Implemented disaster recovery process and the environment.
  • Providing support for around 10 environments
  • Involved in integrating around 26 external applications with OIM
  • Implemented a process to bulk load large volume of users and roles into OIM
  • Implemented custom connectors, schedule jobs, event handlers, adapters and notification resolvers
  • Configured custom authentication plugins and configured authentication and authorization policies in OAM.
  • Developed and implemented custom approval worklist application using SOA / BPEL engine, and external authentication and authorization.
  • OIM approvals based on SOA Composites for user self-registration and role assignment.
  • Implemented custom connector to create users from a csv file and assign roles to them based on business logic using OIM 11g API’s.
  • Developed and implemented custom schedule tasks, custom adapters by using OIM 11g API’s.
  • OIM Connectors installation, configuration and customization. Migration of connectors from Test to Production (T2P).
  • Developed and implemented custom ICF (Connector server) Authz database connector for user management and role management into a separate database.

Confidential, Appleton, WI

Identity Management Architect

Responsibilities:

  • Architecting and the Implementation of entire Application security infrastructure in LCRA which includes Oracle IAM Suite 11g and then migration of the entire Oracle stack to 11g R1 integrating with PeopleSoft, OVD, OID, and Active Directory, Exchange.
  • Configured IDM product to talk to three separate Authoritative PeopleSoft sources for all identities.
  • Developed custom OID and Oracle Access and Identity Manager plug-ins.
  • OIM 11g custom de-provisioning connector which disables employees' badge access in real time, with control triggered by the HR department.
  • Implemented Enterprise Digital Rights Management (EDMS) which involves Data Classification and Data Security and Password Management in LCRA.
  • Performed Security Risk Assessments (SRA) and Vulnerability Assessments and Pen Testing.
  • Designed and implemented End User Self Registration Interface.
  • Designed and implemented Delegated Administration Interface.
  • Delegated administrative authorization model and UI for the Service Provider Edition that provided a high-performance, high-scale version of OIM
  • Implemented SSO solutions for Cloud Service Solutions like Service Now, Maximo, PeopleSoft and also implemented UNIX-based SSO/Account Centralization using PAM-based tools like Centrify.
  • Extensive experience on OIM 11G event handlers, schedule tasks, developing SOA composites, data validators, UI customization, customized notifications, request templates, request datasets.
  • Architected and implemented Oracle Identity Manager into development with basic out of the box functionality with a single LDAP as their authoritative source, and provisioning users into Active Directory, EBS, OID, Exchange.
  • OIM was configured to talk to three separate Authoritative PeopleSoft sources for all identities.
  • Developed and implemented custom flat file connector using OIM 11g API's for user management and implemented custom remedy connectors including recon job.
  • Installed and implemented ICF (Connector server) to provision AD and exchange accounts. Used ICF connector instead of remote manager.
  • Extensively involved in using oracle role manager in OIM 11g.
  • Developed and implemented custom schedule tasks, custom adapters by using OIM11g API’s.
  • Implemented attestation (certification) process.
  • OIM 11g and SOA implementation and BPEL Human Workflow implementation.

Confidential, Appleton, WI

Identity Management Architect

Responsibilities:

  • Architected and implemented Oracle Identity Manager into development with basic out of the box functionality with a single LDAP as their authoritative source, and provisioning users into Active Directory and Novell eDirectory.
  • Developed and implemented custom flat file connector using OIM 11g API's for user management and implemented custom remedy connectors including recon job.
  • Well capable of integrating the IDM provisioning system with other environments like, IBM TAM, ACE, LDAP, LAN, Novell NDS, Lotus Notes, Main Frames.
  • Designed and developed user interface for access provisioning team for managing that they can check out and close after provisioning.
  • Analyze and document (both existing and potential) solutions for the following: User account provisioning/de-provisioning, Single Sign-On (web and desktop), Password Management, Role-Based access control, Strong Authentication.
  • Extensive experience on OIM 11G event handlers, schedule tasks, developing SOA composites, data validators, UI customization, customized notifications, request templates, request datasets etc.
  • Started a next-generation project with a small team that was to incorporate RESTful and WSDL web services, SOA / BPEL engine, and external authentication and authorization.
  • Delegated administrative authorization model and UI for the Service Provider Edition that provided a high-performance, high-scale version of OIM
  • Developed event handlers, schedule tasks, data validators, UI customization, customized notifications etc.
  • Provisioning from OIM was configured for Oracle Internet Directory (OID), Oracle Virtual Directory (OVD) using EBS and Active Directory.
  • Implemented attestation (certification) process.
  • Have good experience in developing J2EE programs using OIM API's.
  • Modified out of the box Oracle Database Connectors to fit Thrivent’s given needs.
  • Developed and implemented custom schedule tasks, custom adapters by using OIM API’s.

Confidential, Eagan, MN

Sr. Identity Management Consultant

Responsibilities:

  • Involved in installation and configuration of Oracle Identity Manager, Sun Role Manager, Sun Identity Manager software and integration of SRM with OIM.
  • Successfully implemented AD2SAP Password Synchronization solution in Tesoro along with the implementation of OIM, OAM and OIF.
  • Oracle Identity Federation and OAM implementation (Identity Provider IdP) with partner applications with Ping Identity Federation on the Service Provider (SP) End with SAML 2.0 as the protocol.
  • Designed and implemented Identity Management and Single Sign-On solutions utilizing Sun’s Identity Manager and Access Server, Ping Federation Server, and SAML
  • Developed business logic approval workflows for access requests raised by the user for each application.
  • Designed and developed automated workflows for approval, provisioning and de-provisioning processes.
  • Configured Access policies in OIM for automating the provisioning process.
  • Implemented custom workflows, role-based access controls in Sun IDM framework using XPRESS language
  • Involved in requirement gathering and design phase of the project.
  • Implemented Provisioning of all users, groups, organization to target systems.
  • Performed the reconciliation from a flat file PeopleSoft feed to Oracle Identity Manager.
  • Customized end user interface for the end user administrative screen.
  • Implemented User On-boarding, User Self-requests with Approval Workflows.
  • Developed and implemented custom schedule tasks, custom adapters using OIM APIs.
  • Developed and maintained trusted source reconciliation from HR system.

Confidential, Concord, NH

Identity Management Consultant

Responsibilities:

  • Architect for the implementation of Oracle Identity Manager, Oracle Access Manager, Oracle Internet Directory, and Oracle Virtual Directory.
  • Implemented OIM and OAM through Development, Staging, and Production
  • Developing custom workflows and Generic Technology Connectors (GTC) for manual user dumps
  • Analyze and document (both existing and potential) solutions for the following: User account provisioning/de-provisioning, Enterprise Directory Services, Single Sign-On (web and desktop), Password Management, Role-Based access control, Strong Authentication
  • Provisioning from OIM was configured for Oracle Internet Directory (OID), Oracle Virtual Directory (OVD) using Active Directory.
  • Started a next-generation project with a small team that was to incorporate RESTful and WSDL web services, SOA / BPEL engine, and external authentication and authorization.
  • Determined user roles and responsibilities, classifying like users into groups to ease maintenance and rule implementations controlling access to resources appropriate to user and group classifications.
  • Analyze current network layout, services and resources to determine required access.
  • Developed business logic approval workflows for access requests raised by the user for each application.
  • Developed and maintained trusted source reconciliation from HR system.
  • Developed and maintained target source reconciliation to reconcile target system accounts in to OIM.
  • Developed and implemented custom schedule tasks, custom adapters by using OIM API’s.

Confidential, Peoria, IL

Identity Management Consultant

Responsibilities:

  • Architect for and the implementation of Oracle Identity Manager, Sun Role Manager.
  • Involved in requirement gathering and design phase of the project.
  • Customized end user interface for the end user administrative screen.
  • Supervised the creation of the Identity Connectors open source project.
  • Led the SIM team that built the access certification / attestation function.
  • Guided the team that replaced a home-grown Java Swing application for creating and managing customizations with NetBeans and Eclipse IDE plugins. The result was a full function IDE for SIM solution development and debugging.
  • As a first-level manager, drove technical and strategic direction for SIM.
  • Implemented User On-boarding, User Self-requests with Approval Workflows.
  • Delegated administrative authorization model and UI for the Service Provider Edition that provided a high-performance, high-scale version of SIM
  • Designed and developed workflows for AD, Access Manager and LDAP provisioning
  • Designed and developed user interface for access provisioning team for managing that they can check out and close after provisioning.
  • Involved in designing a common component workflow to integrate Base access in IDM with different components like request access matrix, approval matrix & decision matrix.
  • Involved in designing the active sync process for Employees for auto provisioning of accounts.
  • Experienced in implementing custom workflows, role-based access controls in Sun IDM framework using XPRESS language

Confidential, Hartford, CT

Sr. Identity Management Engineer

Responsibilities:

  • Sr. Technical consultant in product disciplines like “Certive Server” (world's first business intelligence server for business analytics), Sun’s IDM (formerly Waveset’s Lighthouse) and Baan ERP, and application implementations like SAP IPC (SCE & SPC) in the Java/J2EE space.
  • Analyze and document (both existing and potential) solutions for the following: User account provisioning/de-provisioning, Single Sign-On (web and desktop), Password Management, Role-Based access control, Strong Authentication.
  • Managed a team of integration specialists to implement and promote through three environments and on a separate Disaster Recovery (DR) datacenter.
  • Wrote all documentation to cover the use cases, implementation design, and promotion strategies
  • Implemented SIM through Development, Staging, and Production.
  • Led the SIM team that built the access certification / attestation function.
  • Adapter framework and a number of adapters to manage accounts in target systems
  • Implemented Role Based Access control (RBAC) process using Sun Role Manager.
  • Configured the scheduled tasks and reports, resource adapters, password sync with AD
  • Designed and developed custom provision tasks, bulk load tasks
  • User Entitlement Certification, Role certification.
  • Implemented customizations for Sun’s Identity Management product formerly known as Waveset’s Lighthouse.
  • Implemented custom workflows, role-based access controls in Sun IDM framework using XPRESS language
  • Integrated IDM provisioning system with other environments like, IBM TAM, ACE, LDAP, LAN, Novell NDS & Lotus Notes.

Confidential, Bloomington, IL

Identity Management Engineer

Responsibilities:

  • Installed and configured Sun Role Manager, Sun Identity Manager.
  • Implemented SIM through Development, Staging, and Production.
  • Implemented Role Based Access control (RBAC) process using Sun Role Manager.
  • Led the SIM team that built the access certification / attestation function.
  • Product upgrades with streamlined handling of customizations
  • Adapter framework and a number of adapters to manage accounts in target systems
  • Guided the team that replaced a home-grown Java Swing application for creating and managing customizations with NetBeans and Eclipse IDE plugins. The result was a full function IDE for SIM solution development and debugging.
  • Responsible for building Oracle Identity Analytics Identity Warehouse.
  • Implemented auto provisioning processes in custom workflows
  • Designed and developed new workflows (leave of absence, extend disable, BG & NT domain).

Confidential Leasing AG

Software Engineer

Responsibilities:

  • Involved in design and development of multi-tier Java-technology based web application using Oracle 8i, Java Servlets, and JSP.
  • Designed and developed Report module built-in JDBC, XML and EJB connectivity, along with our User-Defined Data Source API which allows easy access to virtually any data source.
  • Involved in writing SQL queries to get the data, update the data from the database and to connect database in the DAO implementation classes.
  • Responsible to test the application integrating front-end tier with EJB tier connecting Database tier.
  • Analyzed the enhancement in Interwoven 5.5 with respect to 5.01.
  • Designed the integration of TeamSite with WebSphere.
  • Developed the application using Plumtree portal server and Java Server Pages JSP 1.1 that invoke custom tags that interact with the Enterprise Java Beans backend.