Sukumar Epari

857-***-**** ac3rga@r.postjobfree.com

Professional Summary

Implementation Plan for Network management and automation Tools & Qualys compliance module

Network Security, Network Zoning, Qualys guard Implementation and configuration.

Evaluate, Design, Test / Review, Validate Access Control / Devices.

Firewalls Hardening, Network Management Product Evaluation

Analysis of identified gaps and formulate a mitigation plan

Functional/Technical Standards on Network devices hardening / Access control

Identity and Access Governance - technical leadership for Identity & Access Management (IAM) systems

Public Key Infrastructure includes issue, modify and termination of External/SSL/SMIME certificates using Symantec tools. Infrastructure maintenance working with Application Server, Database and Wintel teams co-ordinating patching waves to ensure security updates are up-to-date.

Authoring Standard Operating Procedures, Known Error Database, Knowledge Base articles.

Security & Risk Management includes identifying Security threats, assessing the applicability, prioritizing the risks by rating and impact, classifying the type of risk and drive closure based on the company's security policies.

Identifying the Non Compliance based on the Information Security Policies provided by the client with periodical checks with the individual teams. Working on them with the teams to drive closure.

Working on Non Compliance Extensions in case of complications/ High priority production impacts from the Vendor/Administrative teams.

Monitoring and Managing infrastructure and system performance by performing regular Health checks.

User Access Management in different environments like Windows, UNIX, AS400, BASE24, Midrange

Systems and other Client specific applications.

Experience in Authentication & Access Control administration and infrastructure maintenance. Worked on Tools like Tivoli Access Manager, Tivoli Security Policy Manager, and Active Directory. Infrastructure is managed on Windows/UNIX Platforms.

Privileged Identity and Access Management using Hitachi Privileged Access Manager

Work and resolve directory and LDAP issues via ticketing process.

Working on Reports using excel, documentation through Microsoft Word.

Working on Change management processes and Incidents as per the processes involved using various tools like Service Now, HP Service Manager and BMC Remedy.

Major Incident Management – Business Unit Security Operations.

Managing a team of 10 for client technical issues, escalations and Internal activities like Performance monitoring, Performance reviews, Leave Tracking, Providing required approvals for New onboarding access creations etc.,

Configuring Centralized Log Consolidation to Splunk and integration with Ansible.

Application and health monitoring in AppDynamics, Manage Engine, & New Relic Server.

Education

BACHELOR OF TECHNOLOGY MAY 2006 BERHAMPUR UNIVERSITY

Certifications

INDUSTRY CERTIFICATIONS: ITIL

VENDOR CERTIFICATIONS: IBM FEDERATED TIVOLI IDENTITY MANAGER, WEBSPHERE APPLICATION SERVER

SKILLS & ABILITIES

Qualys Guard

PKI and Access Management

LDAP

Tivoli Identity Manager

Tivoli Access Manager

Hitachi Privileged Access Manager

Active Directory

Public Key Infrastructure

Information Security Compliance

ADFS 2.0

AS400 User Management

Steel Belted RADIUS

ITIL

Infrastructure Maintenance

WINDOWS/UNIX Platforms

Experience

Syntel, Inc.

John Hancock Financial Services, Boston

Platform Engineer, Shared Web & Platform Services 6/2017 to Present

Network device Hardening/Access Control Technical Specification

Network management platform Deployment

802.1x, Network Zoning Implementation

Qualys Guard Compliance Module Implementation.

Documentation of VPN and Third Party Connectivity.

Automate monitoring of Security with New Relic.

Documentation and review of knowledge base and providing standard operation procedures, known error databases, maintaining configuration management database in ServiceNow.

Author, Review and provide sign-off for Known Error Data Base and Standard Operating Procedures.

Network architecture document both logical and physical

Detailed walkthrough of network architecture including 3rd party connectivities

Current security policies and procedures templates

Access to Network LAB devices (VPN)

New Relic Configuration for Infrastructure, Synthetics and APM metrics.

Tasks, Priority Incidents and Change Approval Workflow in ServiceNow.

Request, Incident and Change Management, adhering to defined SLA.

Toronto Domino Auto Finance

Team Lead, Security Platform 5/2013 to 5/2017

Understand and evaluate current TDAF infrastructure of TDAF with respect to Network Access Control/Devices

Understand and evaluate network management Tools

Understand and evaluate Qualys Guard requirements

Evaluate the current configuration baseline of network devices

Test the 802.1x implementation parameters

Test the network management platform on evaluated parameters

Review the functional and technical specification documents

Review & Test the hardening policies on LAB devices

Test the Network Zoning feasibility

Certificate Administration, expiring certificates updates, import and configuration of new certificates.

AppDynamics familiarity with functions, monitoring, and usability.

Auto discovery configuration on ServiceNow of Servers and Appliances to capture CMDB details.

Streamline manual ID Admin processes to a fully automated Identity & Access Management solution, improves performance, reduction in manpower costs, reliability, auditability, and reporting.

ISAM Consultant 1/2011-5/2013

Architecture Requirement gathering.

Configure WebSphere Application Server IMS Server Cluster.

Upgrade Access Agent - Centralized deployment for different operating systems across enterprise.

Upgrade IMS Server TAM ESSO v6 to ISAM ESSO v8.

Onboarding Application to create Web Application Profiles.

SQL queries to analyze and provide customized reports from Audit Logs.

DB2 build and support, running queries to generate timely usage reports.

Patni Computer Systems Ltd. (Now Capgemini)

Security Administrator 6/2010-12/2010

Upgraded CA IDM 12.5 environment to 12.6 SP4

Designed and Implemented new architecture for CA IDM 12.6 SP4

Implemented new Provisioning for AD Groups

Implemented enablement of Encryption across all of CA IDM 12.6 SP4 infrastructure

WebSphere Clustering with 4 Nodes and Deployment Manager

Implemented CA Directory Server Replication and Load Balancing

Wipro Technologies

CIGNA Global Advisory

Security Administrator 1/2009-5/2010

RBAC Entitlement Authoring - Job Role and Sub Role mapping Local, Global groups.

DSC NT Administration -

Developed RFP Process for new Identity Governance Tool, including pre-evaluation of all tools available.

Conducted onsite evaluations of 4 different vendor’s tool sets and offerings.

Produced analytics as results of the Tools RFP evaluation process.

Ability to consume data from ISIM or other repositories, Role Cleanup entitlement views, Risk Level to Roles, Identity aware profiling, integration with Stealth-bits for unrestricted data components, and a proposed Role discovery.

Leading team of 8 Technical consultants for the new design of Day 1 automated provisioning.

Stellar technical writing, documentation development, process mapping, and visual communication skills.

Excellent interpersonal and verbal communication skills, customer interaction skills.

Extension of ITIM LDAP to support custom attributes where needed.

Requirements Analysis for Solution design to resolve current existing issues along with enhancement of their current deployment under ISIM 7.0

ITIM Testing Cycle Support for each environment (UAT/Staging/Production)

State Street Global Advisory

Security Administrator 05/2008-12/2008

Deployed and Integrated with Latest IBM TIM RMI Adapter's, TAM Adapters with TIM Provisioning Policies, Adoption Polices, workflows, etc.

Extension of ITIM LDAP to support custom attributes where needed.

Requirements Analysis for Solution design to resolve current existing issues along with enhancement of their current deployment under ITIM 5.0

TAM/ITIM Testing Cycle Support for each environment (UAT/Staging/Production)

Stellar technical writing, documentation development, process mapping, and visual communication skills.

Excellent interpersonal and verbal communication skills, customer interaction skills.

Deployed and Integrated with Latest IBM TIM Active Directory Adapter's, with ITIM Provisioning Policies, Adoption Polices, workflows, etc.

Extension of ITIM LDAP to support custom attributes where needed.

Requirements Analysis for Solution design to resolve current existing issues along with enhancement of their current deployment under ITIM 5.1

ITIM 6.0 Proposal and cost analysis with correct ROI statistics for currently deployed solution for downtime resolutions, manual reporting switching to automated reporting mechanisms, improved efficiency for Compliance and Audit remediation of accounts.

Wipro Technologies

Security Administrator 05/2006-04/2008

Installation/Configuration of TAM 6.0 Policy Servers. (UAT/Staging/Production)

Installation/Configuration of TAM Webseal Servers (UAT/Staging/Production)

Installation/Configuration of TSPM Internal, External, Proxy Servers with SSL (UAT/Staging/Production)

Installation/Configuration of SSL for all TAM Components (UAT/Staging/Production)

Apply Fix packs to all TAM components. (UAT/Staging/Production)

Excellent interpersonal and verbal communication skills, customer interaction skills.

Contact this candidate