Manager Management
Resume:
SAI ASHISH REDDY BOGGULAPALLY
**B Buckley St, Quincy, MA 02169 Phone: 617-***-****
Linkedin: https://www.linkedin.com/in/ashish-reddy-0b039ba4/ Email: *************@*******.***
mailto:*****-**************@*****.***
EXPERIENCE
November 2018 – December 2018
Role: Access Engineer
Mastercard, O'Fallon, MO
Worked as a team in understanding the client’s federated infrastructure for SAML 2.0
implementations for the various business stacks (B2B, B2C, B2E).
Created implementation plans for the onboarding SAML 2.0 based applications and worked with business operations team to implement changes complying with separation of duties.
Learning through IBM access Management technologies TFIM and ISAM version 9.0.0.3 and trained in creating federation SAML 2.0 configurations as an Identity Provider and Service Provider in the development environments.
Learnt the way of creating and updating federation configurations through automation framework using IntelliJ IDEA by branching the automation code based on stacks and pushing new changes to the endpoint.
Assisted and worked on troubleshooting sessions for the configured federated applications as an IdP with Junior Engineers on the team and thereby training them with SAML 2.0 protocol and creating Azure RBAC configurations.
Environment: IBM Tivoli Federated Identity Manager, IBM Security Access Manager, LDAP, Microsoft Azure, IBM webSEAL, Key Management Systems, Intellij IDEA, Fiddler.
January 2018 – October 2018
Role: Experienced Associate, One Cyber Team,
PricewaterhouseCoopers Advisory Services, Boston Office, MA.
Worked with PwC associated clients responsible in Implementing and testing the Cloud IdaaS solutions i.e; Okta and integrating the solution for Single-Sign On access and implementing group based and RBAC solutions for users accessing Salesforce and Google Suite of applications.
Assisted client in leveraging Azure Multi-Factor Authentication for office 365 suite of Applications with implementing Conditional access policies and adding additional step of authentication for users accessing the Office 365 applications off the corporate network.
Create tangible documentation on the name of “Deliverables” for the client Administrators as Admin guide. Additionally, worked on creating operational and support guides for the technologies implemented and shared with the client in resolving the incidents and problems that may arise in the support basis.
Testing the solutions implemented and validating by creating Test Cases to validate all the requirements and submitting the Test results for the key stakeholders.
External to Identity and Access Management, we worked with team in conducting Risk Assessment for confidential clients based on developed Risk Methodology and providing client with the current Actual Risk and Residual Risk taking into consideration the control effectiveness that are already implemented in mitigating the risk.
The actual deliverable being the reports created helping clients make crucial decisions and meet regulatory requirements.
Creating the Engagement documentation from the initial phase to the end of the consultation.
Work with Directors, Mangers and attend client meeting to understand the requirements, noting meeting minutes and also creating weekly presentations to demonstrate the past, present and future progress of work as phases.
Learnt Privileged Access Management (PAM) using Cyberark solution implementations for securing enterprise user, service and admin accounts by implementing Vault, CPM and PVWA collectively known as Enterprise Password Vault (EPV) Solution.
Environment: Okta, Azure AD, AD FS, LDAP, Active Directory, Ping federate, Forgerock Access Management, Duo security for MFA, Cyberark Privileged Access Management, Cyberark EPV Solution, SAML 2.0 protocol, Oauth OpenID Connect, MFA, RADIUS Integration.
August 2016 – January 2018
Role: Systems Administrator
Client: Northwestern Mutual, Milwaukee, WI
Discuss the business requirement with multiple application teams in the organization and build a technical and implementation plan on configuring secure access control to the applications that are hosted with in the intranet/internet based on Role Based Access control and Group access protocols using the technologies CA SiteMinder, AD FS and Azure AD.
Created Policies, Realms, Rules and Responses in CA SiteMinder policy server to protect the applications by installing CA Web Agents and configuring Agents and Agent Configuration Objects.
Responsible for configuring Seamless access to the client-external vendor applications using industry standard protocols SAML 1.1, SAML 2.0, WS-Fed.
Exchanging Organization metadata, plan on executing and test the access post configuration, troubleshooting with issues in the build process which includes coordinated work with Applications and external vendors.
Working with Single Page Application (SPA), WAS application teams for configuring the secure access to the applications with the latest trending concepts on Authenticating and Authorization using oauth 2.0 Open ID Connect(OIDC) protocol.
Configuring Multi-Factor Authentication (MFA) using RADIUS (Remote Authentication dial-in User service) authentication for applications that has high scalability to build additional secure layer of authentication and configuring MFA and SSO to the external vendor applications.
Coordinated with vendor applications during SAML certificate upgrade and architectural changes migrating SSO Apps from CA Siteminder to Azure Cloud.
Work with Incidents and Problems that are caused due to technical issues, Bugs, update failures and documenting resolution steps for tracking and Knowledge Management purposes.
Working with Splunk for Monitoring and analyzing logs for resolving issues related to user Authentication and troubleshooting.
Working with Okta for end client application access management.
Worked on certificate upgrades for CA SiteMinder policy store to policy server configurations and communication over SSL.
Worked on updating certificates for Riskminder Tomcat Servers to enforce encryption of data.
Support 24/7 on call rotation for high priority issues.
Worked with Assertion Governing and Provisioning team to implement MFA as a birthright for all the NM users by configuring provisioning policies in Identity Minder.
Prepare the documentation and KT (Knowledge Transfer) sessions to the low level support/help desk and application/business teams.
Environment: CA SiteMinder R12.52, Windows 2008, Windows 2012, IIS 7.0/7.5, Apache web server 2.0/2.4, CA Directory, Oracle Directory, SiteMinder Federation, Okta, Azure AD, AD FS, LDAP, Active Directory, CA Identity Minder.
RESEARCH/TECHNICAL/COMMUNICATION SKILLS
Good knowledge in Identity and Access Management Domain.
Good understanding about provisioning and de-provisioning users, Identity Governance.
Good knowledge on SSL communication, Certificate Authorities and encrypting/decrypting algorithms.
Good knowledge in working with implementation, installation and configuration of CA Web agents on IIS, Linux with different flavors of web servers for protecting access to applications.
Troubleshooting issues with CA Siteminder and performing RCA on incidents and problems.
A very good understanding on ADFS, Azure AD, Okta (SAML and MFA working procedures.
Experience in identifying and troubleshooting SAML issues related to IdP and SP configurations.
Good understanding of load balancing concepts, Split DNS and firewall ports for communication.
Good knowledge of Control Systems, Wireless Communication, Communication protocols.
Proficient with Windows and Linux operating Systems.
Basic knowledge of programming in C language and JAVA.
EDUCATION
Florida International University (FIU), Miami, FL August 2014- May 2016
Master of Science in Computer Engineering
(GPA: 3.77 out of 4)
SRM University, ABET Accredited, India August 2009- May 2013
Bachelor of Technology in Electronics & Communication Engineering
(CGPA: 6.385 out of 10)
ACADEMIC PROJECT
Project Title: Anti-Theft System for Electronic Equipment using Inertial MEMS Sensor and
Zigbee.
An Anti-Theft System with the MEMS sensor which is controlled by a Remote Control Unit.
Zigbee protocol is used as a communication medium and accomplished it successfully.
LEADERSHIP & VOLUNTEERING EXPERIENCE
Treasurer for AARUUSH’12- A National Level Techno- Management Fest in SRM University.
Committee head for AARUUSH’11- A National Level Techno-Management Fest held at SRM University.
Volunteered for Sobefest - The Food Network & Cooking Channel South Beach Wine & Food Festival in Miami Beach held by Florida International University for two consecutive years.
Contact this candidate