Active Directory Security Engineer
Resume:
KIRAN ERUKULLA Mob: 214-***-****
EXPERIENCE SUMMARY
Total 18+ years of experience in products Oracle Identity Manager, Sailpoint IIQ, Tomcat server, Oracle Access Manager, Oracle Identity Federation, Oracle Entitlement Server, Oracle enterprise single sign-on, Oracle Internet Directory, Oracle Unified Directory, Oracle WebLogic server, Tivoli Identity Manager.
Around 4+ years of experience in Sailpoint Identity IQ
Worked in Germany on Oracle Identity Manager for Requirement gathering, Design & architecture phases.
Efficient in configuring/developing/deploying applications on Web logic, Web Sphere, JBOSS Servers.
Developing and implementing various custom Approval workflows for business requirement.
Experience developing and using different Sailpoint API's for business requirement.
Integration and configuration of Sailpoint IIQ with Active Directory, Delimited file, Oracle DB connectors
Good knowledge on REST, SCIM API’s and JSON Scripts.
Managed projects for design, configuration and implementation of SailPoint IIQ, including
coordinating with vendor leadership, technical services leadership, and end user customers.
Developed Custom java classes in IIQ.
Experience in Structured Query Language (SQL), Shell Scripting (UNIX commands) and Hyper Text Markup
Troubleshooting production issues and gave UAT support, post production support.
Good domain knowledge in Banking, Telecom, Health Insurance.
Excellent in learning new Technologies, Tools and very good Communication and Interpersonal Skills.
Experience in leading team, onshore co-ordination, customer, client relationship and proficient in handling project.
Strong interpersonal and oral/written communication skills.
EDUCATION / PROFESSIONAL COURSES
M.Tech in Computer Science from Bharath Institute of Higher Education and Research, Chennai with 7.85(CGPA).
EXPERIENCE DETAILS
Working as Senior Info Security Engineer for US Bank, USA from Apr 2018 to till date
Working as IAM Consultant for Tribolatech, USA from Dec 2014 to Mar 2018
Worked as Team Lead for Accenture, Bangalore from April 2011 to Nov 2014.
Worked as Specialist for Wipro Technologies, Bangalore from July 2008 to April 2011
Worked as a Systems Engineer for ILantus Technologies, Bangalore from Dec 2006 to June 2008.
Worked as a Software Engineer for Outworx Solutions Pvt Ltd, Noida from Dec 2005 to Dec 2006
TECHNICAL SKILLS
Technology
Tools
Security Technologies/Tools
Sailpoint Identity IQ 8.x
Apache Tomcat
Oracle Identity Manger 10g,11g R1PS1,11g R2PS2, 11gR2PS3
Tivoli Identity Manager
Oracle Access Manager10g, 11g R1PS1,11gR2 PS2
Oracle Internet Directory 11g
Oracle Unified Directory 11g
Oracle Identity Federation 11g
Security Assertion Markup Language (SAML)
Development/Productivity Tools
Eclipse, TOAD, Clear-Case, SVN, VPN, ITS (Incident Tracking System),Quality Centre, JDeveloper, SOAP UI, Service-Now, Jira, MS SQL server.
Programming Languages
Core Java
Domains
Security, Identity and Access Management, Banking, Telecommunication
Connectors
Active Directory (ICF), Exchange Connector, Database Connector, EBS, Flatfile, Sun Java system (IPlanet), EBS Connector, Unix.
Databases
Oracle 10g, Oracle 11g, MS SQL,
Operating Systems
Windows Server 9x/2000/2003/XP, Linux
Application & Web Servers
JBoss, Oracle Application Server, Oracle Web Logic 10.3,11g
Other Skills
Good Communication Skills, Conducting Interviews
PROJECT EXPERIENCE
Project : US Bank
Role : Senior Info Security Engineer
Duration : Apr’18 to till date
Responsibilities:
Involved in requirement & design and interacted with stakeholeders to migrate OIM product to Sailpoint IIQ solution.
Installation and configuration of Sailpoint IIQ application across all the environments.
Applied the eFixes for the Sailpoint IIQ application across all the environment for few issues.
Strong Development and operational background SailPoint, Java, SQL, Java Bean shell, Unix scripting
Designed and configured SailPoint IdentityIQ 8.2 to manage the identity and deploy the Active Directory and Database connector.
Provide technical leadership in all aspects of IdentityIQ from early phase proposals through,
design, code, test, deploy and maintain the application.
Working on developing different custom rules, custom tasks and forms for business requirements in Sailpoint IIQ
Worked on custom workflows in Sailpoint iiq whenever the user changes between the organizations.
Developed custom plugins and custom tasks in sailpoint iiq for the workitem closures for Glance and Fuse box application teams to meet the business requirements.
Worked on the Transfer Based user access review (TBUAR) in the certification and few other certifications in Sailpoint IIQ
Worked with Ping federation team for the Sailpoint iiq SSO integration.
Integrated Sailpoint IIQ with AppDynamics application for the monitoring the Sailpoint IIQ application and setting up the alerts mechanism for the health of the servers.
Worked with Sailpoint support to create the support tickets and work on the bug fixes/issues.
Worked in Change management team to create and manage the change ticket approvals in service-now and move the artifacts/code to the higher environments.
Worked day-day high priority incidents from the service-now platform and co-ordinated with end-users to fix the issues during pre-pilot phase of the project.
Attended meetings with external audit teams to facilitate SOX audits for the bank and provided the necessary documentation, evidence for successful compliance.
Worked on the OIM adapters to provision the QID information to the end-users.
Developed pre-process and post-process Event Handler, Custom Schedulers in Oracle Identity Manager 11g
Developed a validation event handler to validate few of the user form fields in Oracle Identity Manager 11g
Interacted with oracle and worked on Performance tuning of the Oracle Identity Manager.
Developed and configured custom SOA composite for Database application for multi-level approval process.
Developed custom schedulers for ad-hoc reset the passwords for users and sending email notification.
Developed different schedulers to get the roles & entitlements from the CSV file and updating in OIM incrementally.
Implemented and deployed the required changes whenever the OIM database is upgraded to Exadata.
Raising oracle support SR’s and interacting with support engineer for the issues.
Extensively worked on applying patches for OIM and SOA using OPatch.
Project : Identity and Access Management
Company : Tribolatech Inc
Role : IAM Consultant
Duration : Nov’14 to Apr’18
Responsibilities:
Troubleshooting disable, termination issues with OIM – EBS connector.
Developed and deployed custom scheduler for adding and removing custom OBIEE roles for the bulk OIM users.
Working on troubleshooting OBIEE login issues
Developed and deployed custom schedulers for discrepancies report between Active directory, OIM and EBS systems.
Interacting with DBA team for the migration to the higher environment.
Developing and implementing the External Users to Active Directory.
Provisioning different hub group applications and assigning different group memberships in OIM
CRUD operations using SCIM Api’s in OIM.
GUI customization for the self-service functionalities (Forgot User Login, Forgot Password, Self-Registration) in OIM
Developed custom schedulers for ad-hoc reset the passwords for users and sending email notification.
Developed Custom OTM Registration form for the self-registration of drivers with approval workflow and notifications.
Raising oracle support SR’s and interacting with support engineer for the issues.
Interacting with B&R team for the migration to the higher environment.
Developing and implementing the External Users to Active Directory.
Provisioning different hub group applications and assigning different group memberships in OIM
CRUD operations using SCIM Api’s in OIM.
GUI customization for the self-service functionalities (Forgot User Login, Forgot Password, Self-Registration) in OIM
Developed Custom OTM Registration form for the self-registration of drivers with approval workflow and notifications.
Enhancements for the existing event handlers for the Job Family Alignment(JFA).
Involved in the design and requirement gathering for the Payment Credit Information (PCI) domain
Provisioning & Reconciliation using OIM API’s to a new AD domain based on the business requirements.
SSL Configuration for OIM with PCI domain.
Developed and configured custom SOA composite for PCI AD application for multi-level approval process.
Configured different time intervals (Reminders, Escalation, Expiration) for the approval tasks and email notifications in SOA composite for PCI AD application
Developed different kinds custom plugins for the Access Request Approval/Denial based on request operation.
Developed different kinds of custom schedulers for the Rejecting the tasks based on the days of expiration at approval level of the requests.
Integrated Risk Management Information System (RMIS) application with OIM using out-of-the-box Database table Connector.
Developed and configured custom SOA composite for RMIS application for multi-level approval process.
Configured custom notifications for Risk Management Information System (RMIS) application.
Developed custom SOA composite for on-boarding contractors into OIM.
Customized Beneficiary Manager OOTB SOA composite to on-board privileged accounts into OIM.
Closely worked with QA team to fix the issues.
Worked on Catalog customization for AD entitlements using OIM API’s.
Configured and Integrated OIM, OAM OOTB reports for BI Publisher
Project : Identity Services
Client : Educational Testing Service(ETS), Bangalore, India
Role : Security Team Lead
Duration : May’13 to Nov’14
Description : External user authentication, authorization and provisioning are centralized at ETS with the deployment of EIAS (External Identity and Access Services). Three separate sets of services are offered - OAM, OIM_EXT & OIF. This set of services is offered to provision external users - OIM_EXT (Oracle Identity Manager). External users are those users of ETS applications that are not employees that access the ETS network, such as test takers and raters. This enabling technology offers a web service interface with which applications can integrate. The OIM User Interface enables end-users to use Forgot User Name and Forgot Password functionality.
Responsibilities:
Provide support, configuration, and development of Oracle Identity Manager, Access Manager and Identity Federation components
Configure and Implement Role and Attribute Based Access Control Policies using Oracle Access Manager
Configure and implement Oracle Identity Manager for its various forms of reconciliation, synchronization and data replication
Configure and Implement Federation solution with partner applications like Service Now and Synegen.
Co-ordinate and work with other ETS vendors to deploy new builds/releases
Escalate found issues/risks to dependent/associated teams
Efficiently identify and solve project issues that were identified during support activities
Provide knowledge transfer and hands-on training to other team members
Project : PCEHR
Client : Nehta (Australia), Bangalore, India
Role : SME
Duration : Sep’11 to May’13
Description : A Personally Controlled Electronic Health Record (PCEHR) is a secure, electronic record of your medical history, stored and shared in a network of connected systems. The PCEHR will bring key health information from a number of different systems together and present it in a single view. Information in a PCEHR will be able to be accessed by you and your authorized healthcare providers.
Responsibilities:
Involved in Installation and Configuration of Oracle Access Manager 11g
Involved in implementation of Form based authentication in Oracle Access Manager 11g for the TSP, ASP modules
Import and export of Oracle Access manager policies
Creation of dynamic groups in Oracle Internet Directory
Involved in integration of OAM-OBIEE and OAM-Webcenter
Design and development of different web-service interfaces to meet the customer requirement (eg: gainPCEHRAccess, getRepresentativeList)
Testing the web-services using the SOAPUI tool.
Worked on Bulk loading of users in OIM11g using custom java code.
Project : VF IAUM R3
Client : Vodafone (Germany), Bangalore, India
Role : SME
Duration : Aug’09 to April’11 (2 months Onsite)
Description : IAUM R3 is a part of the initiative at Vodafone to have an enterprise level framework for user management and access management across the various OpCo applications that will be integrated onto the platform. The primary purpose of the initiative is to automate and manage lifecycle events of users from various OpCos across various applications and services to be integrated with this solution, hereafter known as Release 3 (R3). The scope of this project is to migrate the existing of HP-SI functionalities into Oracle Identity Manager. The solution bears significance from the standpoint of various compliance laws applicable. The solution is based on the set of processes defined in the blueprint with the objective of more effectively managing user access across Vodafone systems and directories.
Responsibilities:
Involved in Requirement gathering and Design Phase for the Project at Onsite.
Involved in implementing the different Business processes for On-Boarding and Off-Boarding employees, contractors.
Involved in On-Boarding of the Users data from the Database using Oracle Database Connector.
Involved in Reconciliation of OU and Routing Data from the Database.
Developed the Unique Random numbers like VFUID, PURN Data using Blowfish Algorithm
Involved in Upgrading the OIM version 9.1.0.2
Developed the Customer Scenario’s for Off-Boarding the Users/OU/Routing data from the Database.
Developed the Approval Process for the Self Registered Users using Task Assignment Adapters.
Developed Entity, Process Task, pre-populate and Task Assignment Adapters to support workflows
Developed custom reports to meet client requirements which involves writing stored procedure, writing XML files, updating labels in properties file & including a row for the custom report
Involved in UAT support and Bug fixing.
Project : Implementation of Oracle Identity Manager
Client : NCB (National Commercial Bank), Bangalore, India
Duration : July ‘08 to Aug’09
Description : Identity Management Implementation for NCB is an initiative to implement and integrate solution that would automate identities/accounts management across various applications and platforms, within the legal and policy context. IDM would also provide enhanced capabilities like workflow, delegated administration.
The requirement from this system is to be able to manage complete user life cycle in terms of account provisioning, capability for audit logging and reporting.
Responsibilities:
Involved in setting up the environment OIM with OOTB connectors like AD, MS Exchange, Oracle DB Connectors.
Involved in developing the custom adapter to provision the user to OU in the NCB Organization Structure
Developed custom reports to meet client requirements which involves writing stored procedure, writing XML files, updating labels in properties file & including a row for the custom report
Involved in developing the scheduler to closing the Open Provisioning tasks
Involved in integrating the applications like AOC, HPSD
Involved in developing the workflow for the adding user to AD Group and sending mail to a Group.
Involved in the user profile customization using AJAX
Developed the workflow for moving the users into Disabled Accounts after disabled by the Administrator.
Involved in JSP customization for Manager workflow
Involved in Exchange provisioning workflows to trigger approval process.
Project : Implementation of Oracle Identity Manager
Client : Midwest ISO(Canada), Bangalore, India
Duration : Sep'07 to Jun ‘08
Description : The main objective of this project was to create a centralized Identity and Access management store to onboard and to terminate the employees on to the various systems thereby strengthening access control and improving the end user experience associated to access control. Various Active Directory accounts like Service Accounts, UNIX accounts and Admin accounts associated with the users were integrated with the OIM solution. Various adapter customizations, workflows and reports were generated out of this system enabling the client for meeting the industry audit requirements such as NERC and SAS-70.
Responsibilities:
Integration and customizing OOTB Reconciliation jobs like AD, UNIX, Oracle Database, MS Exchange, ldap to handle rogue accounts/change in the target system for generating exceptional reports and to run the reconciliation on all the targets based on IT Resource Type Definition
Developed Schedule Task for closing of all open provisioning Tasks depending on the MIL_Key
Developed custom reports to meet client requirements which involves writing stored procedure, writing XML files, updating labels in properties file & including a row for the custom report
Involved in updating the IT Resource parameters by reading from the csv file
Involved in developing a bulk import scheduler which populates a lookup
Involved in customizing jsp pages, To view the user profile on the Request Details page.
Project : Implementation of Oracle Identity Manager
Client : Entology (USA), Bangalore, India
Duration : June'07 to Aug'07
Description : Developing Identity Management solution to Entology using Oracle Identity manager The Implementation included several custom connector developed and also the solution included reconciliation customizations provisioning, Role Based Access Management
Responsibilities:
Involved in developing the Custom Reconciliation Interface to link the events to users that don't match the reconciliation matching rules
Developed people soft role task to add the child table data depends on the roles assigned for that user like employee status, pay group etc
Project : Implementation of Oracle Identity Manager
Client : Mphasis BPO,Bangalore, India
Duration : Jan'07 to May'07
Description : This is an identity management solution based on the Oracle identity Manager. The implementation required an end-to-end provisioning solution from the HRMS system to Microsoft Active Directory and Microsoft Exchange. The Project is implemented in two phases. The phase one of the project includes the Reconciliation of 10000 employees and provisioning them to AD and Exchange. The phase two is ongoing and includes the Reconciliation of 12000 employees and their provisioning
Responsibilities:
Setting up of Development environment which includes Oracle Identity Manager Installation, adapter configuration for AD and Exchange.
Involved in the creation of tasks for lifecycle management of users
Involved in the setting up the production environment
Involved in the merging of the parent and child domains
Resolved issues in production environment like ADDLOC and Exchange Server.
Provided post production support for phase I
Project : Oracle Identity Management
Client : Oracle, Noida, India
Duration : Dec’05 to Dec’06
Role : Support Engineer
Description : Oracle Identity Manager formerly known as Oracle Xellerate Identity Provisioning is a powerful and flexible enterprise identity management system that automatically manages users’ access privileges within enterprise IT resources. Its flexible architecture easily handles the most uncompromising and rigorous IT and business requirements—without requiring changes to existing infrastructure, policies or procedures. Oracle Identity Manager is designed from the ground up to manage user access privileges across all a firm’s resources, throughout the entire identity management lifecycle—from initial creation of access privileges to dynamically adapting to changes in business requirements. Because of Identity Manager’s innovative design, enterprises can elegantly incorporate necessary business
Responsibilities:
Interaction and coordination with the client for the smooth execution of the project
Enhancements and post implementation support for the application
Setting up the customer’s environment
Replicating the issues and resolving the issues related to functionality.
Keep tracking the Bug report status and interact with developer for the follow-up.
Certification and Achievements
Got “Feather in my Cap” award for Significant Contribution for conducting and mentoring team on Identity Management by Vice President of ESS
IBM Certified Deployment Professional – Tivoli Identity Manager V4.6
EC Council Certified Ethical Hacker (CEH v7)
Personal Details
Name : Kiran Erukulla
Email Id : ad3fcj@r.postjobfree.com
Contact Number : 214-***-****
Linkedin ID : https://www.linkedin.com/in/kiran-erukulla-79021214/
(Kiran)
Contact this candidate