Pravesh Thaiba
SailPoint IIQ Engineer
Professional Summary:
Over 7 years of experience in analyzing, designing, and developing enterprise applications using Java and Identity and Access Management (IAM).
Mainly responsible for maintaining and enhancing SailPoint IdentityIQ installations in large companies. Created and modified many applications and rules within the system. Played major roles in more than one version upgrade.
Experienced in the Identity and Access Management tool SailPoint IdentityIQ Access Governance: configuring connectors, Role Management, Lifecycle Manager provisioning and Access Certifications, report generation, integration with end/target systems and SailPoint IdentityIQ APIs, REST APIs, custom connectors, and patch upgrades.
Worked on connectors like LDAP, AD, JDBC, Delimited File, RACF Custom Connector based on Web service APIs, Delimited parse rule, and the ServiceNow ticketing system.
Experienced Identity Access Management professional in the implementation of Access Review and Provisioning solution and Application Owner/Role Membership/Role Composition.
Managed projects for design, configuration, and implementation of SailPoint IIQ, including coordinating with vendor leadership, technical services leadership, and end user customers.
Experience in delivering enterprise IAM solutions based on Identity and Access Manager and SailPoint IdentityNow.
Experience in performing Privilege Access Reviews, Compliance Reporting, Access Control Process, and other tasks associated with Privilege User Management.
Diverse experience utilizing Java tools in business, Web, and client-server environments including Java Platform, Enterprise Edition (Java EE), Enterprise Java Bean (EJB), Java Server Pages (JSP), Java Servlets (including JNDI), Struts, and Java database Connectivity (JDBC) technologies.
Understanding of directories (AD/LDAP) and group structures, policies, Frame set up for enterprise level Role mining, Role Based Access Control (RBAC).
Implementing a custom IdentityNow solution for end users to request.
Understanding of directories (AD) and group structures, policies, etc., SAML 2.0, Frame set up for enterprise level Role mining, Role Based Access Control (RBAC), Multi-Factor Authentication (MFA), Single Sign-On (SSO), PAM (Privileged Account Management)/(Privileged Identity Management), Entitlement Management and Identity Management.
Hands-on experience in Federation with IdP and SP using SAML, OpenID, OAuth, Open ID based integrations and other industry standard authentication/authorization solutions.
Knowledge of OpenID and OAuth 2.0 for more secure Identity Authorizations.
Established standards, designs and implementation of appropriate identity and access management processes and controls which help improve operations and lower risk.
Technical Exposure:
Operating Systems: Solaris, Windows Server 2012, Redhat-Linux
Tools: SAML 2.0, OpenID Connect, OpenSSL, OID, SailPoint IIQ 7.0p2/6.3/6.4, Eclipse, JXplorer, Apache Directory Studio, PingID, Okta, Git, RPC, PuTTY
Databases: Oracle 9i/10g/11g, MS SQL Server 2000/2005/2008, MS Access
Webserver: SunOne 5.1/6.1, Apache 2.x, WebLogic
Application Server: IBM WebSphere Portal 6.0/6.1, Tomcat 8.x/9.x/10.x
Directory-server: SunOne directory server 5.x, Sun DSEE 6.3/6.3.1, Microsoft Active Directory, LDAP
Scripts/Language: Unix Shell programming, JavaScript, C/C++, HTML, VB Script, Java, PowerShell
Education: Bachelor of Science in Information System. University of Missouri, St. Louis, 2013
Professional Experience:
Capital One, Plano, TX Nov 2020- till date
SailPoint IDM Engineer
Responsibilities
Working on application onboarding and responsible for developing and modifying certifications based on client requirements for the project named All Access.
Worked on configuring the Lifecycle events features such as Joiner, Leaver, Rehire, LOA, Mover, Attribute Sync.
Development of Lifecycle Manager Workflows, Lifecycle Events, Certification Events, Custom Email Templates and Task Definitions.
Experienced in database creation and maintenance and thorough understanding of IdentityIQ DB structure and design.
Responsible for executing different certifications like Entitlement Owner certifications, Manager certifications and Application Owner certifications for all identified applications and roles.
Able to configure certifications based on client requirements and write exclusion rules; developed advanced certifications for the client.
SSB, SST and SSD Framework usage for the build.
Configured Organizational, Business, and IT roles for various application entitlements. Worked with Client Directly on Business Requirements and deliverables and timelines.
Work included improving Identity and Access Management (IAM) capabilities by controlling access to applications and systems that contain critical and sensitive information.
Responsible for integration of new applications into the automated user entitlement review process.
Developed reports on LCM processes and certifications, managed client requirements, and configured SailPoint IIQ connectors for applications and the Contractor database.
Experienced in SailPoint IdentityIQ Access Governance: configuring connectors, Role Management, Lifecycle Manager provisioning and Access Certifications, report generation, integration with end/target systems and SailPoint IdentityIQ APIs, and patch upgrades.
Understanding of directories (AD/LDAP) and group structures, policies.
Environment: SailPoint IIQ 7.x, 8.x, SSB, SSD, SSF, LDAP, Active Directory, IntelliJ, MySQL, TOMCAT 9, WebLogic 14.x, Oracle 12g, UNIX, Log4j2, Maven 2.0.4, Docker, Visual Studio Code, Bitbucket, Git, REST Web services
M Health Fairview, Minneapolis, MN May 2019- Oct 2020
SailPoint IDM Engineer
Responsibilities
Set-up, configuration, and development of SailPoint IdentityIQ
Worked with SAML 2.0, OAuth 2.0, OpenID Connect (OIDC), and WS-Federation for SSO and federation.
Migration of user and group information from legacy system to SailPoint IIQ as Centralized governance platform.
Development of Role Based Access Control (RBAC), Governance and Access Certification in SailPoint IIQ for role modelling the
Integration of legacy homegrown applications like HR, FIS, CCO along with RACF into SailPoint IIQ 8.1p2.
Implemented Java Cryptography for ciphering Personally Identifiable Information (PII).
Creation of custom QuickLinks, Forms, Reports, and Audits for out of sync attributes and identity links to troubleshoot any data discrepancy.
Implementing SQL Databases, GitHub process, build and deployments of SailPoint IIQ instances into environments.
Managed source code and builds for compliance reporting. Kept the code repo updated by reviewing the peer developers code into Bitbucket.
Followed software development life cycle and Agile principles & values for code build and deployments.
Working in synchronization with different cross-functional teams like QA Team, BA Team and Middleware Team of IT Infrastructure and IIQ upgrades.
Integrated Ping as SSO in the production environment as well as implemented IWA and native SailPoint Authentication in the lower environments.
Sunsetting of home-grown Enterprise Personal Index Center (EPICenter) and user access and management systems into SailPoint IIQ.
Networking knowledge & exposure to application server clusters as well as Java, Ant, and software build-related technologies.
Development and Implementation of different plugin for impersonation, log level manager and DevSak Console/Client tools.
Environment: SailPoint IIQ 7.x, 8.x, SAML 2.0, OAuth 2.0, OpenID, SailPoint IIQ 8.1p2 SSB, SSD, SSF, LDAP, IntelliJ, MySQL, TOMCAT 9, WebLogic 14.x, Oracle 12g, UNIX, Log4j2, Maven 2.0.4, Docker, Visual Studio Code, Bitbucket.
New York Life Insurance, NYC Nov 2018- Apr 2019
SailPoint Developer
Responsibilities
Designed and monitored day-to-day activities and performance of SailPoint IdentityIQ both in production and non-production environments.
Configuration of roles, policies, and certifications to comply with governance standards, development of custom SailPoint IIQ Rules and Workflows according to business requirements
Worked on custom tasks for aggregation threshold check to manage JDBC application account aggregations.
Build and Configure SailPoint IdentityIQ in-built tasks like aggregation, ID refresh, schedule tasks, correlation, etc.
Responsible for managing SailPoint administration functionality such as loading data, creating roles, creating policies, and scheduling tasks, certifications and reports.
Implemented Access Certification, Automated Provisioning and Governance aspects of IIQ.
Configured event based and continuous certifications for manager and application owner review
Developed custom rules for certifications like exclusion rules, sign-off approver rules, delegation rules, and period enter rules.
Worked on logical applications with complex account matching rules.
Worked on custom IIQ connectors to ESB integration and unsupported versions of ticketing systems
Managed service accounts and developed rules around maintaining service accounts in IIQ
Configured the Application using AD, Flat file, JDBC and LDAP connectors to load the Identity Cubes.
Strong working experience with SSO protocols such as SAML, OIDC, OAuth and Kerberos.
Involved in design and implementation of IdentityIQ solution, configuring Active Directory, and Shared Folders.
Wrote and tested Java code for plugins, schedule, transformation, and tasks.
Worked on custom and out of box workflows in SailPoint.
Closely worked with Application team to implement and troubleshoot SSO Authentication and Authorization issues involving IIS web servers and OTD communications using protocols SAML, OpenID and OAuth.
Created the IdentityIQ Quick links, Forms, Rules, and Custom Objects to design the workflows
Conducted interviews with application teams to gather details around connection, usage, and importance to the compliance regulations.
Involved in designing the application for SailPoint Security Forms, SailPoint IIQ 7.0/8.0 Installation and Configuration in both Production and Non-Production
Implemented user provisioning from SailPoint and aggregated users into SailPoint from connectors like Active Directory.
Onboarded new AWS accounts with LDIF files in Linux to add configuration changes to SailPoint.
Created rule for aggregation of different applications to change the status on links to match the actual status of the application account.
Created rules for data manipulation and data cleanup.
Experience integrating IIQ with ITSM tools like ServiceNow.
Designed and developed SOD policies and advanced policies to accommodate the requirements for access requests.
Environment: SailPoint IdentityIQ 7.x, LDAP, Active Directory, Java 1.8, IntelliJ, MySQL, XML, WebSphere 8.0, UNIX, Log4J, Maven 2.0.4, REST Web services.
GM Financial, Arlington, TX Nov 2016– Nov 2018
SailPoint Engineer
Responsibilities:
Implemented Agile Methodology with Sprint teams in a highly dynamic environment.
Developed custom rules and workflows using Beanshell and Java.
Actively involved in gathering Business requirements and recommending the best approach.
To accommodate the company's changes, restructured existing rules and developed new rules to accommodate processing tasks, applications entitlements, and certifications, among other activities.
Provided SailPoint application consulting and development support to consumer applications as required.
Deployed several out-of-box SailPoint connectors to connect various client Systems (JDBC, LDAP, AD, RACF etc.)
Experienced with using IDP initiated and SailPoint initiated SAML profiles with different binding methods like POST, Artifact, and Redirect to deliver a custom SSO environment.
Rewriting the workflows to encompass the new way of provisioning. Restructured the entire product to reflect direct provisioning across a large number of applications. In the process of upgrading the IdentityIQ product from SailPoint 6.3 to SailPoint 7.0.
Involved in CyberArk Vault Maintenances, building CyberArk safes and adding different applications/portfolios in the safes.
Managed CyberArk Security, which offers any enterprise a wide range of services and support options to make the digital vault solution a success; these services include implementation, consulting, training, maintenance, online support, vault scripting, SIEM, and Digital Certification support.
Involved in knowledge sharing sessions for SailPoint Compliance Manager component and involved in creation of design documents, code reviews.
Designed SailPoint deployment and solution architectures.
Participated in all SailPoint deployment activities – connector configuration, custom rule development, workflow configuration and development, third party system integration.
Implemented Workflow (Joiner, Leaver), custom rules.
Implemented custom solution for end users to request IdentityIQ
Customized the User Access request portal.
Worked with SAP system and developed a BAPI functionality.
Customized User Self-service Request and triggering custom email notifications to manager when company or department or manager of an Identity updated in IdentityIQ.
Customized the OOTB quick links and populations.
Responsible for publishing requirements, installation, architecture, run-book, specifications, and configuration documentation.
Guidance and instruction to help business make the most of their deployments by informing, instructing, and educating them.
Environment: SailPoint IdentityIQ 7.0, LDAP, Active Directory, Java 1.8, IntelliJ, CSS, HTML, MySQL, XML, WebSphere 8.0, Rational Application Developer 10, UNIX, Log4J, Maven 2.0.4, REST Web services.
Fannie Mae, Reston, VA July 2014- Oct 2016
SailPoint Implementation Engineer
Responsibilities:
Supported 100+ business applications and databases hosted in AWS and VMware Cloud utilizing Configuration, Asset, Change, Incident, Request, Problem, Financial, Risk & Knowledge Management.
Designed, executed, and documented a cybersecurity program and governance structure to manage and remediate NVA, DAST & SAST information security vulnerabilities on servers, workstations, and applications
Solidified capabilities for managing privileged access across servers, databases, and middleware. The primary goal was to implement access on a least-privilege basis using platforms such as Quest Authentication Service (QAS), SailPoint, and CyberArk to enforce and verify access rights.
Also developed a capability to govern logical access to unstructured data across 30 global file servers to ensure only authorized users had access.
Reduced the amount of manual editorial effort, the associated printing and editing costs, and product delivery time by integrating content delivery applications via web, email, and FTP.
Supported production environment without missing any SLAs and supported environment 24 X
Used Log4J API for logging in development, testing and production environments, configured to send email notifications, and used JUnit framework for unit testing of application.
Provided knowledge transfer and postproduction support activities, as necessary.
Maintained Service accounts in CyberArk and aggregated them into IIQ for access reviews.
Integrated SailPoint IdentityIQ with Splunk for logging and monitoring. Created Custom Quick Link for creating workgroup in IIQ to meet client’s requirements.
Installed and configured CyberArk and setup password vault for Safes and Server addresses.
Worked on generating test scenarios and involved in QA validation.
Performed Integration with multiple applications such as AD, RDBMS, Flat File and LDAP. Upgraded SailPoint from 7.3 to 8.1.
Experience with SSO flows for both SP initiated and IdP initiated.
Environment: Active Directory, BuildMap, Java, JSF, JML, Hibernate, SailPoint, Oracle, Apache Tomcat, XML, Linux.
Citi Group, Irving, TX June 2013- June 2014
SailPoint Engineer
Responsibilities
Worked as a SailPoint Consultant which entails giving out suggestions for best practices, doing development work with SailPoint IIQ and working with design documents.
Development of Lifecycle Manager Workflows, Lifecycle Events, Certification Events, Custom Email Templates and Task Definitions.
Integrate SailPoint IIQ technologies with in-house and third-party applications for birthright provisioning, access request approval and fulfillment, provisional, custom workflows.
Involved in designing and implementing AD connectivity to pull data from AD.
Responsible for design and implementation and Testing of SailPoint IdentityIQ.
Implementation and configuration of out-of-the-box ("OOTB") connectors between IdentityIQ and in-scope applications.
Worked on Access Certification, Automated Provisioning and Governance aspects of IIQ.
Provided use cases and business processes for support groups on role, entitlement, provisioning and deprovisioning.
Responsible for managing SailPoint administration functionality such as loading data, creating roles, creating policies, and scheduling tasks, certifications and reports.
Implemented Self-service feature, Password management feature, Provisioning feature.
Reviewed non-functional requirements to ensure that appropriate details were provided in order to prepare test scripts. Understood test schedule for each iteration, including when test conditions, test cases, scripts and verification results must be delivered.
Integration configuration for third party application integration.
Experienced in working with Application server such as Apache Directory Studio 2.0.0.
Performed SailPoint migration and upgrade from IIQ version 6.4 to 7.1.
Assisted business and internal end users in understanding the functionality of the applications, providing them a walk-through, and defining UAT test cases.
Reviewed test conditions and cases with the project team, verified fixes and enhancements prior to launching to production.
Environment: SailPoint IIQ 7.x, 8.x, SSB, SSD, SSF, LDAP, Active Directory, IntelliJ, MySQL, TOMCAT 9, WebLogic 14.x, Oracle 12g, UNIX, Log4j2, Maven 2.0.4, Docker, Visual Studio Code, Bitbucket, REST Web services
Wells Fargo Bank–St Louis, MO April 2012- April 2013
JAVA Developer
Responsibilities:
Involved in the various stages of the Software Development Lifecycle (SDLC) of the application, including Requirement gathering, Design, Analysis, and Code development.
Implemented web interface (UI) for end users using Angular JS, which has migrated from the existing Backbone JS application.
Used HTML5, CSS, jQuery, Ajax and performed client-side validations using JavaScript.
Created two-way binding Angular JS components and provided access to the server side through Backbone's API from Backbone.Model and Backbone.Collection.
Developed user interactive web pages using jQuery UI plugins like Draggable, Resizable, Autocomplete, AJAX, JSON, Angular JS.
Developed responsive UI modules using Backbone.JS, Handlebar JS.
Used Backbone JS to utilize its rendering functions and create controllers to handle events triggered by clients and send request to server.
Developed RESTful services based on Spring REST using Jersey framework.
Utilized Core Java concepts like Collections, Multithreading and Exception handling to develop business components.
Performed Installation, Configuration and Maintenance of production Cloud Environments such as Tomcat, Apache, Jetty, and JIRA.
Implemented persistence layer using Hibernate that uses the POJOs (which do not have the business processes) to represent the persistence database tuples.
Used Hibernate Session Manager to configure multiple data sources and provide independent database connectivity.
Performed Load testing of SOAP Web Services using SOAP UI and Apache JMeter tools.
Designed and developed various UI features using Backbone JS, performed routing using Backbone Router.
Designed application to meet international market standards using Spring MVC Internationalization and spring core modules.
Server-side validations are achieved using Spring Validation framework.
Deployed and monitored web services using Spring Cloud Foundry Managed Domains and Routes with Spring Cloud Service Registry. Communicated with TSYS using Spring JMS MQ for getting Declined card transactions
Consumed C3P application SOA Web service to fetch Available credit limit from TSYS.
Constructed DOM XML file to send Emails using ED’s server.
Involved in production support, deployment, support during the warranty period and some major go-lives at Wells Fargo.
Environment: Java, J2EE, Spring, Angular, MVC, JDBC, SQL, MySQL, Hibernate, Spring Core, Spring AOP, Spring DAO, Node.js, ext.js, Java SOAP, REST Web services, JAX-WS, JAX-RS, JSP, HTML, CSS, JavaScript.