Manager Management
Resume:
Venkata K
Thornton,
Colorado
acxeq3@r.postjobfree.com
Career Summary
I have 10+ years of experience in the Software & Enterprise Security Industry. I have extensive skills in implementing the Identity & Access Management solution using various security products as Tivoli and CA suites.
I have been working on CA Suite of products from last 6 years and IBM Tivoli products for more than four years. Have an extensive experience in implementing security solutions using CA suite of products such as CA Identity manager, CA Identity portal, CA Site minder, IBM Tivoli products such as IBM Tivoli Access Manager, IBM Tivoli Identity Manager, LDAP, Directory Servers, Tivoli Directory Integrator (ITDI), Application servers, Clusters, Load Balancers, Virtual Directory Servers, Portal Servers, SSO products, DB2 and scripting languages. Provided design solutions using J2EE Framework, Enterprise Directories and security products for multiple clients. Have strong hands on experience in Java, J2EE and other Internet Technologies.
Professional Summary
Identity & Access Management Proficiency:
End to End design, implementation, upgrades and support of Identity and Access management infrastructure are listed below:
CA Identity Manager R12.x (12.0, 12.5, 12.6)
CA Provisioning
CA identity portal (Sigma)
CA Governance minder
Tivoli Access manager
Oracle Enterprise directory
Tivoli Directory Server
CA Directory Server
Radiant one virtual directory server
Core functional expertise:
CA Identity Manager: End to End design, implementation, migration and upgrades of CA Identity manager Version 12, 12.5, 12.6.
Identity Manager – Installation, Configuration, Administration of CA Identity manager, Directory Server, Provisioning Server/Manager, Admin Tasks, screens, Bulk loader, Policy Xpress policies, Task java scripts, Bulk tasks, BLTH, Event listeners, Invoke SOAP/REST web services from PX policies, Workflows, Mails, Identity policies, Admin Roles, Provisioning roles, Export and Import environment from Identity management console, Logical attributes, Integration of CA IDM with siteminder, Bi-directional password synch.
Provisioning – Provisioning Roles, Account templates, Endpoints, Explore and correlate, ETA UTIL scripts, Provisioning directory, Connector Server, Connector Xpress, custom connector.
Application servers – Websphere application server, Weblogic Application server and Jboss
Directory Server – Oracle enterprise directory server, Oracle internet directory, Radiant one virtual directory server
CA Identity Portal – Connector, Tasks, Forms, Target permissions, Entitlements, Modules, Profiles, UI profiles, Admin configurations
CA Governance Minder: Universe, PDI data analysis, Kettle scripts, Workflow, Campaigns
CA Siteminder: Domains, Affiliate Domains, Realms, Rules, Policies, Active response, Accept/ Reject Rules, Authentication Schemes like Multi-factor/Step-up/X 509 authentication/Custom Authentication Schemes, Agents configuration, Host configuration, User directory and mappings, Password Policies [APS], PKI Signing encryption certifications, SM-Profiling, Backup Strategy, Failover and load-balancing, Policies export, import and xpsconfig
Core Java/J2EE: Core Java, J2ee [JSP, Servlets], Web 2.0, AJAX, Java-Script, Identity management API, JNDI, Database coding
Tivoli Access Manager for e-biz – Installation, Configuration and setup to protect the realms, Configuring ACL’s, Protected Objects, User management.
Web Seal – Installation/ Configuration, Junctions protections, EAI, Authentication methods configurations, Auditing and logging.
Domain Knowledge
Having strong domain knowledge in Identity and Access Management.
Having strong domain knowledge in J2EE technologies.
Having strong domain knowledge in directory services.
Certifications
Tivoli Access Manager for e-Business 6.1
Tivoli Identity Manager 5.0 (ITIM)
Tivoli Directory Server 6.1
Education
Master of Computer Application (MCA)
Bharathi Dasan University (Tamilnadu, India, Passed out 2004 with 79.4 %)
Bachelor of Computer Science (BSC-CS)
Nagarjuna University (Andhra Pradesh, India, Passed out 2001 with 80%)
Board of Secondary Educations (Intermediate)
Nagarjuna University (Andhra Pradesh, India, Passed out 1997 with 78%)
Board of Primary Education (10th class)
Nagarjuna University (Andhra Pradesh, India, Passed out 1995 with 76%)
Working Experience
Worked as a Principal security analyst in Staples, USA from April 2015 to Oct 2016.
Worked as an IDAM Technology Lead in INFOSYS Technologies, USA from September 2009 to Mar 2015.
Worked as a Security Consultant in WIRPO, Hyderabad, India from April 2005 to September 2009.
Worked as software engineer in IBM Global Services, Pune, India (through Infinite computer Solutions) from Oct 2004 to April 2005.
Technical Skills
Technology
Tools
Security Products / Identity Management
CA Identity Manager, CA Identity portal (sigma),CA Siteminder, CA Governance minder, IBM Tivoli identity manager (ITIM), Tivoli access manager, Site Minder.
Directory Servers
Oracle enterprise directory server, IBM Tivoli Directory Server, IBM Tivoli Directory Integrator (ITDI), Sun One Directory Server 5.2 Radinat-One Virtual Directory Server, eTrust Directory Server and iPlanet Directory Server
Application Servers
IBM Websphere, Weblogic, JBoss and Tomcat
Databases
DB2, SQL Server 2000, Oracle
Web Technologies
Java Script, JSP, JDBC, JNDI, Java Applets, Java, Servlet, RMI, Struts, Tomcat, Web logic and Websphere Application server.
Programming Languages
JAVA, HTML
Development/Productivity Tools
Eclipse, Visio and Net beans
Present Job Responsibilities
Principal Security Analyst – Enterprise Security Services
As a Security Domain SME with Enterprise Security Solution domain, is responsible for providing Analysis, Design, Implementation, Deployment, Review and Roll-out of Identity and Access Management Solutions using Directory Management products.
PROJECTS
Principal Security Analyst - Staples – Colorado, US (Apr 2015 – till to date)
The implementation of the Identity and Access Management framework at Staples aims to achieve single sign-on, role base access control, password services, self-service registration, Audit management. The main aim of this project is to migrate existing identity management solution from Sun identity management to CA identity management solution. Implement user request access solution using CA Identity portal. Implement governance and compliance solution using CA governance minder.
Technologies used: CA Identity Manager R12.6, CA Provisioning Server R12.6, CA identity portal, CA Governance minder, CA Directory Server, CA Siteminder, Oracle enterprise directory server, WebSphere application server
Work location: Colorado, USA
Role & Responsibilities:
Installation, Configuration and Administration of CA Identity manager 12.6 SP7.
Installation, Configuration and Administrator of CA Identity Portal
Installation, Configuration and Administrator of CA Provisioning server, CA Provisioning directory and CA Directory
Implemented Requested based access control using Admin tasks, Admin screens, Admin Roles, Provisioning Roles.
Integrated Active directory, AS400, Oracle endpoints
Implemented custom connectors for Oracle enterprise directory server and provisioning users.
Implemented Policy Xpress policies, identity policies and mail policies for various business processes.
Integrated CA Identity manager with CA identity portal
Implemented Tasks, screens, forms, target permissions, security modules and profiles
Integrated CA IDM with Siteminder.
Implemented password synchronized functionalities, Self-Service functionalities using Siteminder and CA IDM
Installed and configured Bulk loader for daily onboarding of users from HR
Implemented kettle scripts for extracting user information, roles information and resource information from applications.
Analyze the application data using CA Governance minder data analysis tool.
Well versed with deployment of IDM functionalities from lower environment to higher environments.
Developed migration scripts for initial on-boarding of existing Identity and access management users from Sun IDM to CA IDM.
IDM Security Lead - Nordstrom Password Management – Seattle, US (Sep 2011 – Mar 2015)
The implementation of the Identity and Access Management framework at Nordstrom aims to achieve single sign-on, role base access control, password services, self-service registration, Audit management. Nordstrom has number of legacy applications. This project is to integrate all legacy applications to authentication frame work. This project is to handle user life cycle management i.e create/modify/transfer and terminate users from the applications. This project is also aim to provide automated access to end user applications based on the end user roles.
Technologies used: CA Identity Manager R12.5, CA Provisioning Server R12.5, CA Directory Server, CA Siteminder, Oracle Internet Directory, Weblogic application server
Work location: Seattle, USA
Role & Responsibilities: IDM Technology Lead
Installation, Configuration and Administration of CA Identity manager 12.0, 12.5 (SP Vx).
Installation, Configuration and Administrator of CA Provisioning server, CA Provisioning directory and CA Directory
Implemented Requested based access control using Admin tasks, Admin screens, Admin Roles, Provisioning Roles.
Integrated Active directory, RACF, Oracle endpoints
Implemented Policy Xpress policies, identity policies and mail policies for various business processes.
Integrated CA IDM with Siteminder.
Implemented password synchronized functionalities, Self-Service functionalities using Siteminder and CA IDM
Installed and configured Bulk loader for daily onboarding of users from HR
Upgraded the IDM environment from 12 to 12.5 and also from 12.5 various versions. .
Well versed with deployment of IDM functionalities from lower environment to higher environments.
Implemented functionalities using IDM API’s such as BLTH, Event listeners and Logical attribute handlers.
Optimize the IDM task execution performance by migrating the Identity policies to Policy Xpress policies.
Developed migration scripts for application on-boarding
IDM Technical Lead – e-Channel Portal – CPR, CANADA (Aug 2010 – Sep 2011)
Canadian Pacific Railway (CP hereafter) is reviewing the opportunity to source the replacement of the current production suite MyCPR Web program with a set of transactional Web Applications developed to satisfy the customer facing portions of CP’s e-Channel vision. CP’s vision includes development of applications to achieve the following: Simplified and standardized process for customer interactions, Customer self Service for all lead to cash transactions by delivering new and improved business functions on the Web, Single, Unified, end to end processes across all channels and all customer interactions.
Technologies used: Tivoli Access Manager, Tivoli Identity Manager (ITIM), Tivoli Directory Integrator (ITDI), Web-Sphere portal server, Web-Sphere application Server, DB2 and Tivoli Directory Server
Work location: Calgary, CANADA
Role & Responsibilities: IDM Technology Lead
Designed and implemented security solution using Tivoli suite.
Installed & Configure Tivoli suite on Linux environment in Dev, Test, Stage & Production environments.
Implemented self-Service modules using Tivoli product.
Implemented SSO b/w Tivoli and WebSphere portal server.
Involved in all phases of software life cycle includes requirement gathering, Design, Implementation, Testing and production Roll-Out.
Designed & Implemented e-Channel Portal security solution.
Successfully integrated e-Channel portal application with legacy applications.
Developed security services for fine grained authorization control using Tivoli security policy manager.
IDM Technical Lead – Global Vendor Identity Management - Wal-Mart, USA – Sep 2009 – Aug 2010
Current vendor employee identity request processes in Wal-Mart are mostly manual, cumbersome, time-consuming and inconsistent resulting in negative impact on productivity and security. Wal-Mart has undertaken an initiative to implement identity management provisioning tools and processes capable of automating current manual efforts while shortening the request process. Wal-Mart wants to extend identity management to non-supplier vendor employees contracted to it and to integrate its Vendor life cycle management into automated provisioning system.
Technologies used: CA Identity Manager (r12), Websphere Application Server6.1, eTrust Directory Server, Windows and UNIX operating System.
Worked location: INDIA
Role & Responsibilities: IDM Technology Lead
Involved in all phases of software life cycle includes requirement gathering, Design, Implementation, Testing and production Roll-Out.
Designed & Implemented Vendor Identity Management solution.
Successfully integrated Global Vendor IDM solution with backend endpoint servers.
Actively involved in System testing and UAT.
Developed scripts for deploying Global Vendor Identity Management solution into production.
Developed initial onboard scripts for Contractors into IDM System.
Deployed Global Vendor Identity Management solution into Production.
Security Consultant – ING-Viking Identity and Access Management – Amsterdam – Jan 2009 – Sep 2009
ING-Viking Identity Access management project will migrating ING Bank and Post Bank operations. ING-Viking IDAM will provide single sign-on solutions from ING Bank to Post Bank. It will provide Access Management features as Web Access Management, Protecting all ING-Viking application portals and Role Based Access Control to ING and Post Bank operations. ING-Viking will provide Identity features as Customer Maintenance, User Maintenance, Provisioning and User Self maintenance etc.,.
Technologies used: IBM Tivoli Identity Manager (ITIM), IBM Tivoli Identity Integrator (ITDI), IBM Tivoli Access Manager 6.0, Websphere Application Server6, Tivoli Directory Server, Websphere Portals, HACMP Clusters, Session Management Server, Sun-One Directory server and AIX operating System.
Work Location: Amsterdam, Netherlands
Role & Responsibilities: Security Analyst/ Deployment Engineer
Had been actively involved in the Installations and Configurations of the all Security Products.
Had integrated all ING-Viking applications portals with Access Manager.
Had implemented custom adaptors for ING-Viking resource provisioning.
Had installed session management server on a clustered environment and maintained single session per user across the environment.
Had implemented External Authentication Interface for all the users who will access the system from outside of ING network.
Had implemented password policies all the ING-Viking application users.
Had configured various target resource provisioning workflows.
Had installed and configured Websphere Portal and applications servers on a clustered environment.
Security Consultant – BP Identity and Access Management System – British Petroleum – Jul 2006 – Jan 2009
IDAM Authentication and Access Management will provide a common set of services for account management and access control for applications being used across the enterprise. These services will provide a mechanism for compliance to rules and regulations regarding identity protection and access control defined by the organization and entities external to the organization such as the government and compliance auditors.
Technologies used: IBM Tivoli Access Manager 6.0, Web sphere Application Server6, Tivoli Directory Server, Tivoli Directory Integrator (ITDI), Radiant One Directory Server, Windows 2003 server, Solaris10, IBM HTTP Server6.0.
Work Location: London, UK
Role & Responsibilities: Security Analyst/ Deployment lead / Security Engineer
Had been actively involved in the requirement gathering and Design of BP IDAM Solution.
Had designed and developed TAM automated deployment scripts using PERL and shell scripts.
Had deployed the entire TAM Framework in the BP different data centers AMDC (American Mega Data Center), EMDC ( Europe Mega Center) and MMDC ( Middle east Mega Data Center )
Had been actively involved in the requirement gathering and Design of BP Disaster Recovery Solution.
Had designed and implemented BP IDAM Cross Domain Single Sign on solution.
Had been actively involved in the requirement gathering and Design of BP Disaster Recovery Solution.
Had been actively involved in the requirement gathering and Design of BP delegated Administration Solution.
Had been actively involved in the requirement gathering and Design of BP 3PD Password Synchronize Solution.
Had designed and implemented BP IDAM Branding and Internationalization.
Had designed and implemented BP IDAM Delegated Administration.
Had designed and implemented BP IDAM Disaster Recovery Solution.
Security Developer and Tester – Cardinal Identity Access Management – Dublin, USA – Jun 2005 – Jul 2006
Cardinal Health is undertaking the implementation of an Identity Management and provisioning system which will allow users to manage a single identity across numerous application environments, as well as provision access to applications based on defined workflow rules. The primary drivers for this solution are to establish a centralized security practice that provides assistance in Sarbanes compliancy, reduces security administration costs, and improves the users experience with applications and to Increase Cardinal.com stability, scalability, and reliability through a distributed web authentication and authorization process and provide an infrastructure to support web services. Contractor Creation Process is associated with Exchange reconciliation Process.
Technologies used – Sun One Directory Server, Web logic, J2EE, CA Site Minder, Identity Minder and e-Provision
Work Location: INDIA
Role & Responsibilities
Integration of Identity Management with Web access Management (detail design, Coding, implementation, Configurations in Site Minder) and Infrastructure ( Maintenance of Sun One Directory Server & Support for the existing Infrastructure)
Troubleshoot integration of the Identity Management system with various end user Systems.
Report any functional gaps in Identity Management system integration and suggest business process improvements
Work with the on-site technical lead and off-shore team for functional enhancements & application interface development and delivery
Compilation of the User Manual and hands on training to the users using Identity management System
Security Developer – Weyerhaeuser Identity and Access Management - Weyerhaeuser, USA
Identity Management Solution for Weyerhaeuser that provides assistance in regulating their user’s across their networks thereby reducing security administration costs and improved user experience across its various business units. I was the member of the module Self Service of external user implementation.
Self service modules provide the users to maintain their accounts easily. External users can access this application through internet under secure domain. Self service module is user friendly module. User can access various resource accounts using SSO configuration. Users can use single encrypted password to login to various resource accounts. Self service is an Identity Management application. Self service application used by all users such as International contactors, International employees and Vendors. User is created by manager, and then manager sends an email with user’s user-id and password. Self service application maintains hierarchical structure of the organization.
Environment – Sun One Directory Server, Active Directory IIS Web Server, J2EE, CA Site Minder, Identity Minder and e-Provision
Work Location: INDIA
Role & Responsibilities
Involved in self service design and implementation.
Involved in functional testing.
Contact this candidate