Summary

Manager Technology in Calance Corporation, USA with 12 years of total experience including around 11 years of Identity and access management with IBM Tivoli and Sun Identity and access management implementations, architecting, design and support.

Around 4 years of Onsite Identity and access Management experience with Baker Hughes Incorporated, USA and AllState Insurance company, USA as security consultant in a contract position.

Proven track record of providing the best solution to drive down costs while increasing quality and efficiency throughout the companies by process improvements and has excellent knowledge of Identity and Access Management and problem solving abilities to achieve aggressive goals within specific deadlines to meet customer satisfaction

Experience Synopsis

IBM Tivoli Directory Server 6.3 implementation Certified.

IBM Tivoli Identity Manager 5.0 Certified.

IBM Tivoli Access Manager 6.1 Certified.

IBM Security Systems Sales Mastery Certified.

Currently working as a contractor security consultant role in Identity and Access Management Services division of AllState Insurance Company, USA for TAM and TFIM integration with multiple cross functional, businesses and environment.

Implemented IAM infrastructure movement of Baker Hughes Incorporated, USA. Consisting almost all IBM Tivoli Identity and Access Manager Components in 2013.

Supported and maintained the whole Baker Hughes Incorporated, USA identity and access management for three years from Dec 2011 to Oct, 2014 as an onsite coordinator and security consultant in a contractor position.

Past experience in IBM India Pvt. Ltd as senior advisory consultant in security practice.

Domain Expertise: Tivoli Access Management, Tivoli Federated Identity Manager, Tivoli Directory server, Tivoli Identity Management, Tivoli Directory Integrator, Sun Identity Management, Sun Access Management, ActivIdentity secure Login (E-SSO).

Hands on experience on Tivoli Access Manager 6.1, 6.x.x, Tivoli Federated Identity Manager 6.2.2, Tivoli Directory Server 6.x, Tivoli Directory Integrator 6.x.x, 7.x, Tivoli Identity Manager 5.x

Product Training on Tivoli Identity Manager 5.0 and Tivoli Access Manager for e-Business 6.0, 6.1 deployment and Administration in IBM.

Worked on several onsite projects in and out of India on both Security and IAM

Having very good exposure on SSL certificates.

Excellent communication skills, Enthusiastic, motivated and a team player

Work Experience

Oct 2015 – Till Date Calance Corp, USA (client: Allstate Insurance Company, USA)

Manager Technology (Role: Security Consultant)

Environment : Server OS: Linux, Sun Solaris, Microsoft Windows 2008 R2 Server

Software : Access Manager 6.1, Tivoli Federation Identity Manager 6.2.2, Active Directory Server, Websphere Application Server 7.0, SAML 2.0, SPNEGO, Kerberos.

Tools : Fiddler 2.0, 4.0, Wireshark 1.10.14

The Allstate Corporation is the nation’s largest publicly held personal lines insurer, serving approximately 16 million households whose members know “You’re In Good Hands With Allstate®.” As part of their Worldwide Information Technology infrastructure, they have very complex and powerful systems to manage all aspect of computer security. Many of these systems are based on technology from leading companies such as IBM, Oracle and Microsoft.

They are currently undertaking significant upgrades and changes to these systems to enhance their corporate security, and to enable access to their system worldwide by employees, Allstate Agents and Consumers. These systems are critical to the safe and secure operation of their organization.

In particular, the system they use to give the secure access to the clients and federation to the third party vendors includes IBM Tivoli Access Manager and IBM Tivoli Federation Identity Manager. These are advanced and complex systems where significant skills are required to configure them correctly and modify them. They use infrastructure elements including Active Directory Server, understanding of network services, Kerberos token and SAML 2.0. I have the following responsibilities as a security consultant role in the core engineering group.

Interact with the internal as well as external client for requirement gathering and delivery from the day project kickoff until it signs off.

Raise Request for the F5 VIP assignment for Mydeskop, Agency and consumer WebSEAL servers including the load balancing features and rules F5 VIP persists.

Make firewall change request spread sheet and raise it as per the requirement of the application integration with TAM or TFIM.

Make the DNS change request as per the requirement in DEV, Test, TPT and Production of Mydesktop, Agency and Consumer environment.

Create and configure standard, Virtual host junctions as per the requirement and feasibility of the solution.

Configure SPNEGO for internal users environment i.e. mydesktop and agency.

Configure standard as well as virtual host junctions for .Net Web Form as well as .Net MVC model and suggested the application team for required configuration at their end.

Configure junctions for WAS based application, work with the WAS application team for the configuration of ETAI on their end.

Create ACLs, Pop, objects and apply them on the junctions as per the business requirement.

Troubleshooting with the TAM junction using Fiddler 2.0, 4.0, snoop and debug traces.

New third party application configuration with TFIM using SAML 2.0 token.

Mapping of identity attributes as an IdP for the assertion to take place with third party application.

Nov 2010 – Oct 2014 Calance Corp, USA (client: Baker Hughes Inc.)

Manager Technology (Role: TIM/TAM Consultant)

Environment : Server OS: Linux, Microsoft Windows 2008 R2 Server

Software : Tivoli Identity Manager 5.1, Tivoli Directory Server 6.1, 6.2, 6.3, Tivoli Directory Integrator 7.0, WebSphere Application Server7.0, Tivoli Access Manager 6.1.1, Tivoli Federation Identity Manager 6.2, IBM DB2 9.5

Moved entire IAM infrastructure of Baker Hughes Inc. from ATOS data center to IBM Data center. Took the strategy to build the new environment in the new IBM datacenter and moved the data. Baker Hughes is having around more than 100K users including 65K internal users and 45K external users integrated with Identity and Access management. Entire movement we delivered with the minimal downtime of less than 24 hours.

Installed and configured ITIM 5.1, ITAM 6.1.1, TDI 7.0, TDS 6.3 in clustered environment on high availability on Dev, Test and Prod environment.

Installed and build TDS environment on 7 locations on high availability to provide the solution to Baker Hughes Beacon business critical applications, SAP Netweaver portal, Baker Hughes Direct and Maximo.

Build new interface for employee directly provision from SAP HR.

Configured Adapter for SAP Net weaver with ITIM 5.1 to support SAP infrastructure for user provisioning, de-provisioning and update. Also configured role based provisioning to SAP.

Configured upgrade adapter of TDS with group provisioning support into LDAP.

Implemented ITIM web service 3.2 to support remote webservice API call to manage TDS groups from SAP interfacing with Web method.

Upgraded new Active Directory/Exchange Adapter with OCS provisioning and exchange 2010 support

Implemented almost real time provisioning for suppliers into SAP SNC including TAM account provisioning, three instance of enterprise LDAP account provisioning etc.

Almost real time implementation of customer/supplier creation from Baker Hughes Direct registration database.

Change Log connector implementation for real time update of email from Active Directory to ITIM flowing to peoplelink application, enterprise LDAP and SAP HR etc.

Tivoli Access Manager 6.1.1 new junction creation for SAP SNC for suppliers accessing from external.

Involved in ITIM 5.1 to Microsoft Forefront Identity Manager (FIM) 2012 R2 migration requirement gathering and development of functional requirement document (FRD), use case document etc.

Implemented the changes required in TAM LDAP, Enterprise LDAP to migrate the internal IAM infrastructure from ITIM to FIM.

Only onsite resource with the help of two offshore resources responsible to support the entire IAM infrastructure including ITIM 5.1, ITAM 6.1.1, TFIM 6.2.2 with internal user base of 65K active users and 45K of external users. Baker hughes single sign on applications are internal as well as external facing. Consisting around 24 single sign on business applications of SAP NetWeaver portal, SAP ABAP, webmail, myhr, hrsc, peoplelink, Fem, spotfire web etc.

Apr 2009 – Oct 2010 IBM India Pvt. Ltd. (client: Bharti Infratel India Pvt. Ltd.)

Sr. Advisory Consultant (Role: Team Lead)

Environment : Server OS: AIX, Microsoft Windows 2003 Server

Software : Tivoli Identity Manager 5.0, Tivoli Directory Server 6.1, Tivoli Directory Integrator 6.1.1, WebSphere Application Server6.1, Tivoli Access Manager 6.1, IBM DB2 9.1

Secure Sign on Framework provides single sign on, centralized authentication, audit logging and secure role and policy based access control to across various applications in an enterprise

Architected, Design and managed secured sign on framework project for Bharti infratel Pvt. Ltd. with the 3 members’ team size.

Deployed and configured Tivoli Identity Manager 5.0, TDS 6.1, TDI 6.1.1, WAS 6.1 and TAM 6.1 on clustered environment.

Implemented HRMS oracle based connector for employee feed, TAM combo customized adapter, GIS Oracle based Adapter, Real time Change log connector for customer creation.

Nov 2008 – Jan 2009 IBM India Pvt. Ltd. (client: Bharti Retail India Pvt. Ltd.)

Sr. Advisory Consultant (Role: Team Lead)

Environment : Server OS: AIX, Microsoft Windows 2003 Server

Software : Tivoli Identity Manager 5.0, Tivoli Directory Server 6.1, Tivoli Directory Integrator 6.1.1, WebShere Application Server6.1, IBM DB2 9.1

Bharti Retail Pvt. Ltd. is an organization from Bharti group of companies. It falls in retail industry sector. This project is for the purpose to integrate the entire user lifecycle management of Bharti Retail users and to provide secure access control to the applications in the Framework. This implementation includes IBM portal, ITIM, ITAM for completing the cycle of user provisioning, de-provisioning and Re-provisioning from the authoritative source i.e. HRMS to the OSI (i.e. my access HRMS application), ITAM (i.e. IBM SSO Solution), ITIM (i.e. IBM IDM solution for resource and role management), Active Directory.

Architected, Design and implemented the project with the help of 2 Team members.

Integrate Password Change in IBM Portal to call ITIM API to synchronize the password across all application integrated with ITIM which reduce support cost to change password for customers and employees.

Reverse Password synchronization implementation with Active Directory.

Apr 2008 – Jan 2009 SDG Software India Pvt. Ltd. (client: Max Newyork Life, Gurgaon, India)

Technical Architect (Role: IAM Architect)

Environment : Server OS: Solaris 10 Sparc, Microsoft Windows 2003 Server

Software : Access Manager 7.1, Sun One Web Proxy server 4.0.5, Sun Directory Server 6.2, WebShere Portal Server 6.0, Sun One Web Server 7.0

This execution involves the enhancement of current SSO setup of MNYL via Sun Access Manager implementation with Session Failover, Sun Directory Server (MMR), Sun Web proxy Server. MNYL has categorized their web applications (My-Lead, My-Passport, Portal, Dashboard and IFTIS) into internal and external. We need to configure internet Applications via Web Proxy Server as MNYL has the requirement not to expose their individual Application URL’s. The whole setup is high availability.

Architect and design the solution for Max New York Life Gurgaon, india to implement sun access manage in HA mode with session failover.

Uses the best practices in the implementation.

Guided the team of three people for any technical requirements to implement the solution.

Nov 2006 – Mar 2008 SDG Software India Pvt. Ltd. (client: Tata Tele Services Ltd., India)

Technical Architect (Role: IAM Solution Architect)

Environment : Server OS: Sun OS, Linux, Microsoft Windows 2000/2003 Server

Server Platform : Microsoft® Active Directory

Terminal Server : Citrix® MetaFrame 1.8 with Citrix MetaFrame XP Presentation Server

Client OS : Citrix Win32 ICA Client V.6.00.905, Windows 2000 and XP version 4.7

Software : ActivID SecureLogin6.0, SUN IdM 6.0 SP1, Access Manager 7.0

The scope of this Sun Java Enterprise Identity Manager (IdM) & SSO implementation will ultimately result in the provisioning/de-provisioning of all TTSL applications in-scope. The first phase of the implementation is to create an Identity Manager Workflow implementation that will allow for the shutdown of eProcess along with digital provisioning, de-provisioning & re-provisioning of 10 applications. ActivId Secure Login and Sun Access Manager implementation will result in seamless access to the applications for user without entering userid & password multiple times. The Access Manager has been configured via ActivID secure login, as the user needs to be authenticated only once into the system and can access thick client as well as web applications without second time authentication.

Responsible for Architecting and Designing the solution of IAM implementation including Sun Identity Manager, Sun Access Manager and ActivID secure eLogin for the whole TTSL organization.

Responsible for installation and configuration of ActivIdentity Server, configuration files, installation of Access Manager Server and policy Agent.

Written the adapter for ActivId secure eLogin, Metasolv, Kenan FX, Oracle CRM, FIS and Dealer portal.

Jul 2007 – Sep 2007 SDG Software India Pvt. Ltd. (client: Reliance Infocomm, India)

Technical Architect (Role: Solution Architect)

Environment : Operating Server: Solaris X86

Software : Sun One Communication Suite 2005Q4, Sun One Web Server, Sun one Directory Server, Messaging Server, Calendar Server, Portal Server, Communication Express, Java Web Services.

Configuration of Messaging Express, Calendar Express, Communication Express.

Configuration of Communication Express and Messaging Express for multiple domains.

Implementation of Java Web Services for Admin web application.

Feb 2006 – Aug 2006 SDG Software India Pvt. Ltd. (client: L&T Ltd., India)

Sr. Software Engineer (Role: Team Lead)

Environment : Operating System: Solaris X86

Software : JDK1.5, Sun IdM 6.0, Sun One 8.1, Sun One Directory Server, Mysql 4.1.10, LDAP SDK, XPRESS, Access Manager, Lotus Domino 6.5, Oracle 8.1, MS SQL Server 2000, MS Windows 2003, SAP R/3, Netware NDS (GroupWise) 6.0, Windows Active

Responsible for client interaction for requirement gathering.

Developed the High level design and low level design for the whole project.

Configured the following connectors: Access Manager, Lotus Domino, NDS GroupWise, Oracle, MS SQL Server, Windows Active Directory, Windows 2003, SAP R/3, SAP HR

Designed and developed user self-service and Admin level service.

Aug 2005 – Feb 2006 SDG Software India Pvt. Ltd. (client: GE CIS, US)

Sr. Software Engineer (Role: Team Lead)

Environment : Software: JDK1.3, Sun IdM 5.0, WebSphere 5.0.1, Oracle 9i, Tomcat, MySQL, ANT 1.5, LDAP SDK, XPRESS, SPML, ssosdk1.6, SiteMinder APIs. Etc.

Using IdM, GE CIS wants to synchronize the Passwords of all the Modules they have developed in IdM Like SyncMail, VPN, E2K, W2K, Lotus Domino, and SSO from one Point. All administrative-interface transactions should be authorized against the security model of IdM. The user performing synchronizing the password of their account of VPN, E2K, W2k, SyncMail, SSO etc. can be done from one point. There are two modules in this project one is self-service module and Distributed API Module.

Responsible for client interaction.

Requirement gathering.

Coding of change password screen and SPML functionality.

July 2004 – July 2005 SDG Software India Pvt. Ltd. (client: GE CIS, US)

Software Engineer (Role: Team Lead)

Environment : Software: JDK1.3, JSP, Waveset Lighthouse 4.1(IdM), WebSphere 5.0.1, Oracle 9i, Tomcat, MySQL, ANT 1.5, LDAP SDK, SunONE (4.x) directory server, XPRESS, SPML.

Using Sun IdM, GEC wants to provision the VPN accounts to GE workers. One or more VPN accounts can be provisioned for a GE worker. All administrative-interface transactions should be authorized against the security model of IdM. The admin performing the transaction must have access to both the business unit of the worker that they are administering as well as the specific operation that they are performing.

Developed the high level design and low level design.

Developed the VPN module and SPML functionality.

Responsible for client interaction.

May 2004 – July 2004 SDG Software India Pvt. Ltd. (client: GE CIS, US)

Software Engineer (Role: Developer)

Environment : Software: VAP 7.01, Java, JSP, Servlet, HTML, and JavaScript, XML, Oracle 9i, Windows 2000 Server, Tomcat

This Project is about to Implement the Vignette For Inside GE Portal.

Dec 2003 – May 2004 Synergy Software Ltd, New Delhi (client: Bonanaza International Pvt. Ltd., Mumbai, India)

Software Developer (Role: Java Developer)

Environment : Software: JSP, JDBC, HTML, JavaScript, Oracle 8i, Apache1.3

E-Stock is a product that manages electronic transaction of share market.

Worked as a team member.

Developed Different modules like dos Printing, Web Printing, Scanner, Client Non-House Individual

Jul 2002 – Dec 2003 Osprey Software Technology Pvt. Ltd., Noida, India

Software Developer

As a software developer I was involved in development of java technology i.e. JSP, Servlet, EJB, JNDI, Java Mail, Java (comm. API), etc. Osprey Software technology has expertise on mobile technology. They have their own product called MFlash which is used to flash the messages in one go.

Education

MCA (Master of Computer Application) from Amity School of Computer Sciences, Noida

B.Sc. (Bachelor of Sciences) from DAV College Dehradun, Uttrakhand

Certification and Value Additions

IBM Tivoli Directory Server 6.3 implementation Certified.

IBM Security Systems Sales Mastery Certified.

IBM Tivoli Identity Manager 5.0 Certified but expired

IBM Tivoli Access Manager 6.1 Certified but expired

Training on Sun Identity Manager and Access Manager.

Training on Power of Ownership and Drive for Achievement.

Training on Microsoft Forefront Identity Manager 2012 R2

Advanced training on ActivIdentity (Secure Login and Card Management System).

Technical Expertise

IAM Products : IBM Tivoli Identity Manager 5.X, IBM Tivoli Access Manager 6.X, IBM Tivoli Directory Integrator 6.1.1, 7.X, IBM Tivoli Federated Identity Manager 6.2.2, ActivIdentity Secure Login (ESSO) 6.0, Passlogix (ESSO), Sun Identity Manager 4.6, 5.X, 6.0, Sun Access Manager 7.X.

Directory servers : Tivoli Directory Server 6.X (MMR), Sun One Directory Server 5.X, 6.X (MMR), MS Active Directory

Application/Web/

Web-proxy servers : Web Sphere Application Server 6.X, 7.0, Sun One Web Server, Sun One Application Server, Sun One Web Proxy Server, Messaging Server, Calendar Server, Portal Server, Communication Express, Tomcat, Oracle9iAS, Apache1.3, JBoss, WebLogic 5.1,

Databases/

Applications/

Languages : IBM DB2 9.5, Oracle 8i, Mysql, JAVA, Servlet, JSP, JDBC, JavaMail, JNDI, ANT1.5, Java Web Services PL/SQL, WML, XML, DOM and SAX Parsers, CDO, ASP, XPRESS, SPML, WSDL

Tools : JDK1.4, JDK1.5, TOAD, Fiddler 2.0, 4.0, Wireshark

Other Technology : LDAP, GSM, SMTP, POP3, IMAP, SOAP, SAML 2.0

Personal Particulars

Marital status: Married

Nationality: Indian

VISA H1B

Contact this candidate