Sukumar Epari
857-***-**** ac3rga@r.postjobfree.com
Professional Summary
Implementation Plan for Network management and automation Tools & Qualys compliance module
Network Security, Network Zoning, Qualys guard Implementation and configuration.
Evaluate, Design, Test / Review, Validate Access Control / Devices.
Firewalls Hardening, Network Management Product Evaluation
Analysis of identified gaps and formulate a mitigation plan
Functional/Technical Standards on Network devices hardening / Access control
Identity and Access Governance - technical leadership for Identity & Access Management (IAM) systems
Public Key Infrastructure includes issue, modify and termination of External/SSL/SMIME certificates using Symantec tools. Infrastructure maintenance working with Application Server, Database and Wintel teams co-ordinating patching waves to ensure security updates are up-to-date.
Authoring Standard Operating Procedures, Known Error Database, Knowledge Base articles.
Security & Risk Management includes identifying Security threats, assessing the applicability, prioritizing the risks by rating and impact, classifying the type of risk and drive closure based on the company's security policies.
Identifying the Non Compliance based on the Information Security Policies provided by the client with periodical checks with the individual teams. Working on them with the teams to drive closure.
Working on Non Compliance Extensions in case of complications/ High priority production impacts from the Vendor/Administrative teams.
Monitoring and Managing infrastructure and system performance by performing regular Health checks.
User Access Management in different environments like Windows, UNIX, AS400, BASE24, Midrange
Systems and other Client specific applications.
Experience in Authentication & Access Control administration and infrastructure maintenance. Worked on Tools like Tivoli Access Manager, Tivoli Security Policy Manager, and Active Directory. Infrastructure is managed on Windows/UNIX Platforms.
Privileged Identity and Access Management using Hitachi Privileged Access Manager
Work and resolve directory and LDAP issues via ticketing process.
Working on Reports using excel, documentation through Microsoft Word.
Working on Change management processes and Incidents as per the processes involved using various tools like Service Now, HP Service Manager and BMC Remedy.
Major Incident Management – Business Unit Security Operations.
Managing a team of 10 for client technical issues, escalations and Internal activities like Performance monitoring, Performance reviews, Leave Tracking, Providing required approvals for New onboarding access creations etc.,
Configuring Centralized Log Consolidation to Splunk and integration with Ansible.
Application and health monitoring in AppDynamics, Manage Engine, & New Relic Server.
Education
BACHELOR OF TECHNOLOGY MAY 2006 BERHAMPUR UNIVERSITY
Certifications
INDUSTRY CERTIFICATIONS: ITIL
VENDOR CERTIFICATIONS: IBM FEDERATED TIVOLI IDENTITY MANAGER, WEBSPHERE APPLICATION SERVER
SKILLS & ABILITIES
Qualys Guard
PKI and Access Management
LDAP
Tivoli Identity Manager
Tivoli Access Manager
Hitachi Privileged Access Manager
Active Directory
Public Key Infrastructure
Information Security Compliance
ADFS 2.0
AS400 User Management
Steel Belted RADIUS
ITIL
Infrastructure Maintenance
WINDOWS/UNIX Platforms
Experience
Syntel, Inc.
John Hancock Financial Services, Boston
Platform Engineer, Shared Web & Platform Services 6/2017 to Present
Network device Hardening/Access Control Technical Specification
Network management platform Deployment
802.1x, Network Zoning Implementation
Qualys Guard Compliance Module Implementation.
Documentation of VPN and Third Party Connectivity.
Automate monitoring of Security with New Relic.
Documentation and review of knowledge base and providing standard operation procedures, known error databases, maintaining configuration management database in ServiceNow.
Author, Review and provide sign-off for Known Error Data Base and Standard Operating Procedures.
Network architecture document both logical and physical
Detailed walkthrough of network architecture including 3rd party connectivities
Current security policies and procedures templates
Access to Network LAB devices (VPN)
New Relic Configuration for Infrastructure, Synthetics and APM metrics.
Tasks, Priority Incidents and Change Approval Workflow in ServiceNow.
Request, Incident and Change Management, adhering to defined SLA.
Toronto Domino Auto Finance
Team Lead, Security Platform 5/2013 to 5/2017
Understand and evaluate current TDAF infrastructure of TDAF with respect to Network Access Control/Devices
Understand and evaluate network management Tools
Understand and evaluate Qualys Guard requirements
Evaluate the current configuration baseline of network devices
Test the 802.1x implementation parameters
Test the network management platform on evaluated parameters
Review the functional and technical specification documents
Review & Test the hardening policies on LAB devices
Test the Network Zoning feasibility
Certificate Administration, expiring certificates updates, import and configuration of new certificates.
AppDynamics familiarity with functions, monitoring, and usability.
Auto discovery configuration on ServiceNow of Servers and Appliances to capture CMDB details.
Streamline manual ID Admin processes to a fully automated Identity & Access Management solution, improves performance, reduction in manpower costs, reliability, auditability, and reporting.
ISAM Consultant 1/2011-5/2013
Architecture Requirement gathering.
Configure WebSphere Application Server IMS Server Cluster.
Upgrade Access Agent - Centralized deployment for different operating systems across enterprise.
Upgrade IMS Server TAM ESSO v6 to ISAM ESSO v8.
Onboarding Application to create Web Application Profiles.
SQL queries to analyze and provide customized reports from Audit Logs.
DB2 build and support, running queries to generate timely usage reports.
Patni Computer Systems Ltd. (Now Capgemini)
Security Administrator 6/2010-12/2010
Upgraded CA IDM 12.5 environment to 12.6 SP4
Designed and Implemented new architecture for CA IDM 12.6 SP4
Implemented new Provisioning for AD Groups
Implemented enablement of Encryption across all of CA IDM 12.6 SP4 infrastructure
WebSphere Clustering with 4 Nodes and Deployment Manager
Implemented CA Directory Server Replication and Load Balancing
Wipro Technologies
CIGNA Global Advisory
Security Administrator 1/2009-5/2010
RBAC Entitlement Authoring - Job Role and Sub Role mapping Local, Global groups.
DSC NT Administration -
Developed RFP Process for new Identity Governance Tool, including pre-evaluation of all tools available.
Conducted onsite evaluations of 4 different vendor’s tool sets and offerings.
Produced analytics as results of the Tools RFP evaluation process.
Ability to consume data from ISIM or other repositories, Role Cleanup entitlement views, Risk Level to Roles, Identity aware profiling, integration with Stealth-bits for unrestricted data components, and a proposed Role discovery.
Leading team of 8 Technical consultants for the new design of Day 1 automated provisioning.
Stellar technical writing, documentation development, process mapping, and visual communication skills.
Excellent interpersonal and verbal communication skills, customer interaction skills.
Extension of ITIM LDAP to support custom attributes where needed.
Requirements Analysis for Solution design to resolve current existing issues along with enhancement of their current deployment under ISIM 7.0
ITIM Testing Cycle Support for each environment (UAT/Staging/Production)
State Street Global Advisory
Security Administrator 05/2008-12/2008
Deployed and Integrated with Latest IBM TIM RMI Adapter's, TAM Adapters with TIM Provisioning Policies, Adoption Polices, workflows, etc.
Extension of ITIM LDAP to support custom attributes where needed.
Requirements Analysis for Solution design to resolve current existing issues along with enhancement of their current deployment under ITIM 5.0
TAM/ITIM Testing Cycle Support for each environment (UAT/Staging/Production)
Stellar technical writing, documentation development, process mapping, and visual communication skills.
Excellent interpersonal and verbal communication skills, customer interaction skills.
Deployed and Integrated with Latest IBM TIM Active Directory Adapter's, with ITIM Provisioning Policies, Adoption Polices, workflows, etc.
Extension of ITIM LDAP to support custom attributes where needed.
Requirements Analysis for Solution design to resolve current existing issues along with enhancement of their current deployment under ITIM 5.1
ITIM 6.0 Proposal and cost analysis with correct ROI statistics for currently deployed solution for downtime resolutions, manual reporting switching to automated reporting mechanisms, improved efficiency for Compliance and Audit remediation of accounts.
Wipro Technologies
Security Administrator 05/2006-04/2008
Installation/Configuration of TAM 6.0 Policy Servers. (UAT/Staging/Production)
Installation/Configuration of TAM Webseal Servers (UAT/Staging/Production)
Installation/Configuration of TSPM Internal, External, Proxy Servers with SSL (UAT/Staging/Production)
Installation/Configuration of SSL for all TAM Components (UAT/Staging/Production)
Apply Fix packs to all TAM components. (UAT/Staging/Production)
Excellent interpersonal and verbal communication skills, customer interaction skills.