Engineer Manager
Resume:
MITESH B MEHTA
WORK STATUS: US CITIZEN
** ******** ****, ********, ** 02368 Home: 781-***-****
ac6atr@r.postjobfree.com Cell: 732-***-****
Summary of Qualifications
Enterprise Identity and Access Management expert with experience in design, solution architecture, and implementation services. Highly motivated with strong analytical, conceptual, problem solving, leadership skills, and knowledge of deployment best practices that include testing, tuning and troubleshooting Identity Management, Federation and Application Security Solutions.
Areas of Expertise
Identity & Access Management • Data Security • Federation • SSO
Technical Skill set
• Identity Management & Security: CA IMAG Suite (CA SiteMinder r6.x r12.x, CA Federation Manager r12.x, CA Identity Manager R12.x, CA SiteMinder Web Agents, CA Secure Proxy Server, CA CloudMinder, PKI, Kerberos, CA Identity Minder, ADFS 2.0, Ping Federate, Ping One, Ping Identity, IBM TFIM, TIM, TAM.
• LDAP Directories: Ping Directory, Microsoft Active Directory, CA-Directory, Oracle Directory Server (Sun One Directory Server), Symas OpenLdap, Oracle Internet Directory (OID), Postgress.
• BackOffice Software: Database (MS-SQL 2005, 2008, Oracle 11g, MySQL), Webserver (IIS, Apache, IHS, OHS), Application Servers/Containers (WebLogic, JBoss, Tomcat, IIS, Oracle Application Server), Reverse Proxy configurations.
• Operating Systems: Linux, Solaris 9, 10 (x86 &SPARC), Windows 2003, 2008 (SP2 and R2) Enterprise Edition Servers
• Hardware Virtualization: VMware ESXi Sever 3i, 4.1, 5, VMware Virtual Center, VMware Workstation 7,8, Oracle VM Virtual Box, Microsoft Azure VM
• Federation Protocols: SAML 1.1, SAML 2.0, ADFS 2.0
• Cloud Platforms & API: Microsoft Azure, Amazon AWS, Google.
• Programming Tools/IDE/Frameworks: Eclipse 3.x, OEPE, Jxplorer, Apache Directory Studio,
Security :IBM Datapower •CA Layer7 (Trained)
Computer Language or Scripting Tool: Java SE/J2EE • Perl • Java Script •UNIX Shell Scripting • HTML • Oracle Service Bus (Trained)
PROFESSIONAL EXPERIENCE SKILLS
April 2015-Present
Security Consultant and Product Manager – U.S. Public Sector Perspecta.com
153- Taylor Street,
Littleton, MA 01460
Primarily responsible for creating, developing, and maintaining new cloud identity and access management offerings.
Helped manage, develop, and maintain a CA Secure Cloud Identity and Access Management solution hosted in HPE Helion data center.
On-boarded multiple customers for two-factor authentication via radius and SAML.
Created custom Java application hosted in AWS to integrate with multiple cloud IDaaS solutions (CA Identity Service, Okta, and OneLogin) using Java Spark, OpenSAML and OneLogin SDK for testing tasks related to authentication, federation, and various API calls.
•Engineer and maintain HP’s enterprise Single Sign-On environment. Components include:
• SiteMinder policy servers R12.52Cr04 • SiteMinder Proxy Servers • Federation and LDAP directory services • Ping Directory • Symas OpenLdap • ADFS • Postgress • CA-Secure-Cloud 1.54 • Ping Federate 8.00 • Microsoft Azure • Aveksa • NetIQ
Managed multiple cyber security projects within HP Federal to ensure successful delivery of the security control implementations.
Developed the HP Identity and Access Management methodology (IAM) and oversee a number of HP IAM projects.
Provide Pre-sale support and business development on various RFPs and helped to win the projects related to Identity and Access Management, Security Testing, Cloud Security and SOA Security.
Single Sign On (SSO) project for U.S. Government Cloud-Based Infrastructure leverage CA suite of Identity and Access Management.
August 2014 –April-2015
Siteminder Engineer, TekSystems consulting co.
(Project: Ernst & Young), Secaucus, NJ 07094
Installing CA-SiteMinder Policy Server 6.X, and R12.X on UNIX, Linux and IIS O/S.
Migrate and Redesign Global R12.51 infrastructure.
Collaborate with architecture, development, operations, security, engineering teams to ensure quality design, implementation, and performance of enterprise security solutions.
Redesign ACOs, HCOs and Create Standard Policy Store Object Naming convention for Corporation.
Set up SSO for New On-Board Application (Intranet/Internet Client).
Install/update Siteminder WabAgent on Different O/S (I.e. Linux, UNIX, Apache, and IIS etc.)
Implementing and supporting other SAML-based Federation technologies and/or Active Directory.
March 2014 – August 2014
Sr, SiteMinder Engineer Shared Access Infrastructure Tricare MetLife Insurance Co
5411 Page Road, Raleigh, NC 27703
Provide leadership in the development of system design specifications and deployment.
Research available software, network, monitoring, and/or hardware products, solutions, capabilities and upgrades and selectively recommends implementations.
Supporting in Tier 3 troubleshooting.
Leads the evaluation of vendor proposals & partner with the Capacity Management team to conduct performance studies / benchmarks and prepare reports on findings, as needed.
Assist mid-level management in reviewing overall plans & identifying gaps and needed tasks.
CA SiteMinder v6.x or v12.x policy server and agent installation, configuration, and support.
Installing, configuring, and supporting Apache-based web server software.
Red Hat Enterprise Linux v5.x operating system administration.
Help architect and design future state R12.52 SiteMinder infrastructure.
August 2011 - March 2014
Senior Consultant, CGI Tech and Solutions Inc,
11325 Random Hill Road, Fairfax, VA 2203-06051
Installed, configured and maintained CA SiteMinder Policy Server 12.X on Linux, Windows platforms in Cloud. (In POC, UAT and PROD cloud environments)
Experience in installing, configuring SiteMinder policy server Web agents, ASA agents, Domino Agents, Active Directory server (LDAP) and various Web & Application servers.
Implemented the SAML federated services (Shibboleth) for CGI GSA MSS Portal.
Integrated the Domino server with SiteMinder Domino Agents for SSO.
Configured Shibboleth 2.x for SSO across multiple web based enterprise applications.
Hands on Experience in configuration of SiteMinder Authentication Schemes, Realms, Rules, Responses and Policies
Involved in the SAP upgrade Projects for Site minder Integration.
Hands on experience with configuring IdP initiated and SP initiated SAML profiles with different bindings like POST, Artifact, Redirect as per the custom business and security requirements.
Worked on Configuring the Domains, User directories, Rules, Realms, Responses and Policies for the Policy server.
Worked on Directory Services as per the needs of the business. Involved in the exporting and importing LDIF files.
Worked extensively on creating Custom Password policies and Authentication schemes as per the requirement.
Experience in trouble-shooting the issues by analyzing the trace and TAI logs.
Created, Configured and Administered Profiles, Clusters, Nodes and Node Groups for WebSphere Application Server.
Monitored the Apache servers for Caching and memory usage.
Providing 24x7 production support and on call support.
Experience in installing, configuring (OWSM) Oracle Web Services Manager 11gR1, (OSB) Oracle Service Bus.
Defining web-services, OSB & BPEL flow, designing Low Level Designs.
Setting up OWSM WS-Security policies for CGI-MAHIX project. OWSM protect WebLogic Server JAX-WS Web services and Web service clients.
Worked and Used Oracle OWSM (To Protect Third Party Environments).
Intersecting Identity Management (OID,OAM) and SOA (OBPEL,OSB)
Worked and Implementing Auditing and Oracle Harding documents.
Worked with Senior Architecture members and Client members to create MA HIX/IES Project SECURITY ARCHITECTURE/DESIGN document and Plan as per NIST 800-53
April 2010 -August 2011
System Engineer, TekSystems consulting co
(Project: Cigna Health Corporation), Hartford, CT
Implemented end to end role and policy administration within Identity Management application adhering to least privilege and RBAC methodology
Created best practice documentation documenting these policies within IdentityMinder for auditing purposes and documentation purposes. This documentation was created on a per project basis.
Installing CA-SiteMinder Policy Server 5.X, 6.X, and R12.X on UNIX, Linux and IIS O/S.
Migrate CA-Policy Server From 5.X to R12.X.
Installing CA-Siteminder Web Agent On RedHat, Suse, AIX, SUN, IIS, WebSphere, IBMHttp, iPlanet and Apache Servers
Starting / Stopping / SiteMinder Unix processes, Monitoring SiteMinder environment (e.g. running processes, application errors, etc), Install upgrades / fixes of SiteMinder application
Participate in design and testing, Migration of Policy Data
Create New Domain in SM Policy Server with SM-Policy Objects (i.e. WA, WAGroup, AOC, HOC, Realms, Rules, Responses, User Directory, Password Policy, Authen Scheme, and Policy Etc.)
Manage move up of Siteminder Policy updates (i.e. DEV to UAT to Production)
Co-ordinate LDAP and AD Team for user store updates and installation.
Configuration and maintenance (e.g. patches, upgrades, etc for SM Policy and SM Agent)
Running query and update commands (e.g. updating attribute values for Siteminder records)
Backup & Recovery Policy servers, Policy store etc and 24X7 On-Call Support.
WebSphere Application Server, Configuration and maintenance (e.g. patches, upgrades, security, etc)
Install and configure SiteMinder and related applications (i.e. Secure Proxy Server, Federation)
Aug 2002 - Mar 2009
Systems Security Architect (Officer), State Street Corporation, Westwood MA.
Configuration, tuning, and enhancement of system security middleware design and implementation of solutions to support integrated security architecture.
Configuration and tuning of identity management software (CA/Netegrity Siteminder, RSA SecurID/ACE server, LDAP).
Support the building and maintenance of role based access control roles.
Coordinate efforts that involve other operations departments within CLIENT.
Collaboration with corporate webhosting team on web server configurations to support system security (iPlanet 6, IHS/Apache, Sun).
Development of Perl, TCL and shell scripts in support of enhancements to system security architecture on UNIX Solaris and AIX platforms.
C++, Perl, HTML, JSP and Java programming using Netegrity Siteminder, and RSA SecurID APIs to support various system security initiatives.
Programming of applications using Oracle, Sybase, and MS SQLServer.
Managing the Sun Access manager and Directory Servers (Using Sun One Management Console, JExplore etc.).
Strong understanding of the Architectural Components of SiteMinder (System Security), the deployment and configuration of these components, the implementation of security policies, and the system management tasks related to SiteMinder.
Administered Windows NT, Windows 2000, IBM HTTP Apache and Solaris servers, running Microsoft IIS and Sun iPlanet web servers, WebLogic application servers, with Netegrity Siteminder authentication, and Sun LDAP services.
Installed and maintained applications in separate Development, Test, Production, and Disaster Recovery environments, using change control methods to ensure application consistency and reliability throughout all environments.
Installed and configured Microsoft's Internet Information Services (IIS 5.0) web servers for a secure environment, using custom installation scripts, IIS Lockdown tools, and security patches.
Performed SiteMinder Policy Server and Web Agent installation, and upgrades including Quarterly Maintenance Releases, Service Packs and Solution Modules for SiteMinder. In addition to this I have experience in the performance tuning of SiteMinder Components, based on our business needs (i.e. Setup Apache Module mod_proxy for forward & reverse proxy mode).
Integrated new applications with SiteMinder, including IPlanet Web Server, IIS, and IPlanet Directory Server, across multiple environments including Solaris, NT, and Linux. In addition to this good experience in the Integration of IBM WebSphere into the SiteMinder Environment (Siteminder Tai).
A thorough knowledge of LDAP, it's hierarchical object-oriented data model, it's relationship to SiteMinder, and extensive experience in troubleshooting LDAP and SiteMinder issues.
Integrated new parameters in web agents for cross site scripting and security vulnerabilities.
Used Xampp (containing Apache, MySQL, PHP and Perl.) to create Siteminder policy objects and store all data into MySQL database thru Web GUI Input Page.
Used HTML, PHP, Java Scripts and Perl for creating Logging pages for SSO.
Created Jil files (Autosys) and Shell Scripts for backup and archive Log file.
Created Perl scripts for Daily Policy Server's Authentication, Authorization, Access and Error log file for remotely storage.
Jun 1999 -Aug 2002
Systems Programmer, State Street Corporation, Westwood MA.
Worked 24x7 as part of the Messaging team to support IBM's MQSeries (middleware) and Interchange/MPP's (in-house routing code) on UNIX, OS/390, DEC, Tandem and NT with Solaris and AIX being the primary focus performing upper and lower level support as needed
Programmed in Perl, Bourne, C shell and C to facilitate daily operations, using SCCS and Clearcase (source control) and Bugtrak, promoting code from Development to Production with Tivoli after coordinating with QA
Worked with other groups, customers and outside vendors to troubleshoot problems with the network, Autosys, modelling, VCS (HA), NDC, Disaster Recovery, Sybase and hardware
Managed and supported projects including DNS changes, setup of new MQ environments, beta testing of Qpasa, setup of Clearcase, setup of monitoring programs, Production cutovers, benchmark testing, message archiving and client channel exits
Trained and supported other employees
C/C++ programming of application server objects for business services, SWIFT format and XML format messaging, and MQ Series communications.
Technical support and trouble shooting of Development and QA environments on Unix (AIX 5.1, Solaris 8) and NT platforms Unix system administration.
Remote technical support of client site installations.
Created Daily batch Autosys Jobs for Message and Data engine.
Dec 1995 - June 1999
Sr. Mechanical Quality Controller, Hologic Inc. Bedford, MA
Insured Quality of incoming material from suppliers. Read and interpreted blueprints using geometric tolerance. Use precision inspection tools including Optical Comparator, Brown & Sharpe validator and Microhite.
. Designed vendor history files and inspection plans to be used for incoming material.
. Developed and maintained inspection criteria for incoming inventory.
. Created First Article reports.
. Designed Sampling plan for Quality Control and collect all data for creating statistic techniques.
. Supported floor for any interface during part assembly, new product design and any manufacturing engineering.
Oct 1990 June1994
Sr. I.Q.A Technician (System Manager), CibaCorning Diagnostics Co. Medfield, MA
Duties included the inspection of purchased items to assure that they conformed to Ciba Coming specifications. Assisted product design and manufacturing group by providing inspection and measurement support on first piece and prototype parts. Wrote new programs for the coordinate measuring machine according to Engineering specifications and requirements for the more sophisticated Ciba Coming parts. Updated and maintained all Program changes. Skills include a working knowledge of geometric dimensioning and tolerance. Maintained and operated Brown & Sharpe Coordinator Measuring Machine, Programmable Height Gage, Optical Comparator, Smart Scope, and other precision measuring equipment used for mechanical testing.
April 1990- Oct 1990
Design Drafter. Granutec Inc. East Douglas, MA
Duties included the primary layout and detailing for drawing of granulating machinery including cutter drive, feed conveyors and regrind removal system. The duties would start with a typical written order from the Sales department outlining the type of machine as to size, drives, feed and evacuates system. A completed package of drawings with order lists and a summary "Construction" list was then given to the chief engineer for review.
Sept 1988 - April 1990
Mechanical Quality Controller, M/A Com. Omni Spectra Inc. Waltham, MA
Duties included the inspection of manufactured microwave connectors in both the In-process and final ship Stage. Reviewed performance/specification requirements to meet customer needs and maintain products / process Reliability. Reviewed S.P.C requirements and processed compliance to established midrange level. Equipment used during day-to-day activities included but not limited to Optical Comparator Insulator resistance, Dielectric Withstand Voltage testing equipment, and other precision measuring instruments.
April 1984 - Nov 1984
JR R & D (Mech.) Engineer, Systronics Electronics Inc, India
Responsible for production designs of medical and scientific instruments.
Sept 1981 - April 1984
Mechanical Quality Engineer. Textile Eng. Pvt Ltd., India
Responsible for the fabrication and assembly of textile processing machinery.
Aug 1980 - Aug 1981
Quality Control Engineer, Indequip Engineering Ltd., India
Responsible for the production and quality control of textile machinery parts.
EDUCATION
Government Polytechnic College. India. Diploma Mechanical Engineering 1981
Government Polytechnic College. India. Diploma Electrical Engineering 1985
L.D. Engineering College. India. Post Diploma in Air Conditioning & Refrigeration Engineering 1986
College of Computer Science
Bachelor of Science in Computer Science candidate. Currently a senior with 149 of 178 credits.
TECHNICAL TRAINING
Computer Systems Specialist Certificate, Northeastern University Boston, Massachusetts. 1998
Computer Network Security Certificate, Northeastern University Boston, Massachusetts. 2000
Part time, intensive, hands-on training in C and C++ programming and software development tools, UNIX system administration, system installation, account management, and TCP/IP networking.
CORPORATE SPONSORED TECHNICAL TRAINING
Covering various subjects, including:
Database design
MQSeries, Siteminder. LDAP, CA identity Manager, CA CloudMinder, CA Auth/RiskMinder
RSA Server (FOB, WebExpress)
Webserver administration and /or support experience (IBM Client, Apache, and IIS etc.)
Knowledge of IBM WebSphere Application Server, WebLogic, OWSM, OSB
UNIX shell scripting, Knowledge of SAML
Java programming knowledge, networking background
MISCELLANEOUS EVENING CLASSES
Perl, PHP, MYSQL, Xampp, NetBeam IDE, Jdevloper SOAPUI.
Contact this candidate