
Active Directory Access Management

Location:
Irvington, NJ
Posted:
February 22, 2025


Resume:

Shantan Jonnalagadda

+1-571-***-**** ***********@*****.*** Sr IAM Security Engineer

www.linkedin.com/in/shanthan-j-2871b717

Summary:

Around 10 years of working experience in supporting and implementing Identity & Access Management (IDAM) solutions such as Azure Active Directory (Entra ID), Novell Identity & Access Manager (NetIQ), Active Directory, and Novell e-Directory.

Providing support for Single Sign-On (SSO) using Azure Active Directory and Novell Access Manager.

Providing support for DEV, QUA and Production environments.

Good understanding of installation, configuration and upgrade of IDAM products like Novell Access Manager (NetIQ), NetIQ IDM, e-Directory.

Experience in application integration and providing SSO in Azure AD and Novell IDAM.

Troubleshooting Azure Active Directory and Novell IDAM (NetIQ) issues and providing access management solutions to the application team.

Specializing in Azure Identity and Access Management (IAM), with extensive work on Azure AD, MFA, Conditional Access Policies, and Privileged Identity Management (PIM).

Migrated mismatched users between e-Directory and Active Directory.

Providing the L2 and L3 support and meeting the SLAs for the issues reported by the application teams or customers.

Experienced in cloud security solutions, focusing on SSO protocols (SAML, OAuth, OpenID), Role-based access control, and user lifecycle management.

Adept in advanced Azure AD functionalities such as tenant management, custom domain settings, and Azure AD Connect.

Demonstrating to the client the benefits of using Azure AD and NetIQ IDAM for centralizing authentication, authorizing user access and privileges, and achieving Single Sign-On.

Providing disabled-user reports and user reports to the client on a daily and weekly basis.

Good experience in troubleshooting various issues in Entra ID (Azure AD) and NetIQ IDAM.

Providing role-based access control (RBAC) to users on UNIX endpoints.

Configuring Single Sign-On (SSO) for applications integrated with Azure AD and Novell Access Manager.

End user support for the applications integrated using LDAP for authentication.

Importing and extending the schema on newly created instances.

Excellent communication and interpersonal skills.

Technical Expertise

Operating systems: Windows 2008, 2012, 2016, SUSE Linux (11.x), SUSE 12 SP4, SP5, Tomcat, Red Hat, Linux.

IAM Product Tools: Azure Active Directory, Novell Access Manager (NetIQ), NetIQ IDM, Novell e-Directory (LDAP), Active Directory (AD), Remote Loader, Novell Sentinel, Apache WebServer 2.2.3.

Tools: WinSCP, PuTTY, LDAP viewer, J-explorer, Apache browser, Http Fox, VNC Viewer, X-Manager, SAML Tracer.

Education

Bachelor of Technology in EIE from Jawaharlal Nehru Technological University

Professional Experience

WORK SUMMARY

Sr. Active Directory Engineer Infosys/Truist India/USA 02/2023 to 12/2024

Responsibilities:

Collaborated with senior leadership to work on SAML-based authentication.

Implemented Strong Authentication for MFA (multi-factor authentication).

Supported the production environment without missing any SLAs.

Designed RBAC policies to enforce least privilege access across cloud and on-prem environments.

Experience in analyzing IAM logs to troubleshoot various authentication-related issues.

Experience in analyzing documents and recommending process improvements for Identity Management processes.

Experience in tenant administration.

Integrated RBAC with LDAP and PAM to enforce secure authentication and authorization for vulnerability management processes.

Designed and implemented IGA solutions for user lifecycle management, role-based access control (RBAC), and compliance enforcement.

Experience in hybrid environments including Azure AD and Azure AD Connect.

Creating service principals and providing secret value details to the application team.

Communicated with project stakeholders to gather business requirements.

Excellent multitasking and prioritization skills.

Designed least privilege access controls using PAM to restrict elevated permissions based on role-based policies.

Knowledgeable in Azure Active Directory security.

Managed LDAP authentication and authorization for enterprise applications, integrating with IAM solutions.

Designed and implemented OAuth 2.0 authorization framework to enhance secure access control across applications and APIs.

Deployed and managed CyberArk Privileged Access Security (PAS) solutions for securing privileged accounts.

Worked on incidents and tasks raised by users.

Worked on bulk operations for user and group management (creation, deletion, and invitations).

Created CRs (change requests) for activities.

Integrated ServiceNow IAM workflows with Azure AD for automated access requests and approvals.

Integrated OpenID Connect (OIDC) for user authentication and single sign-on (SSO) across enterprise applications.

Worked on User provisioning and user life cycle management in IDM environment.

Configured OAuth scopes and permissions to ensure least privilege access in IAM policies.

Configuring single sign-on for Azure AD SAML-based applications and providing metadata to the application team.

Configured Multi-Factor Authentication (MFA), Conditional Access Policies, and SSPR, significantly improving security.

Configured CyberArk Vault, PVWA, PSM, and CPM to protect enterprise credentials.

Integrated IGA solutions with Azure AD, ServiceNow, and enterprise applications for seamless identity governance.

Excellent understanding of Governance, Risk and Compliance.

Conducted RBAC audits and reviews, identifying and mitigating excessive privileges to reduce security risks.

Demonstrating UAT to the client for different life cycle events.

Developed ServiceNow catalog items for user provisioning, access reviews, and security requests.

Configured user roles, entitlements, and access policies in OIM to streamline identity lifecycle management.

Creating and updating the knowledge articles and process documents.

Consistently met deadlines and requirements for all projects and requests.

Senior Consultant Wipro limited Hyderabad 01/2021 to 02/2023

Responsibilities:

Hands-on experience as an Azure Cloud Support Engineer; handled various critical issues simultaneously and unblocked customers in no time.

Troubleshooting and resolving access management, provisioning workflow errors, and creating security roles.

Performed identity and access management activities extensively.

User management: creation, adding/updating resources, lock/unlock, enable/disable and deletion of user accounts.

Helped organizations manage organizational devices by creating policies within the organization to limit access depending on user roles.

Integrated OAuth & OpenID with Identity Providers (IdPs) such as Azure AD, Okta, Ping Identity, and Auth0 for seamless authentication.

Integrated CyberArk with Azure AD and IGA platforms to enforce least privilege access principles.

Helped organizations create conditional access policies restricting unmanaged devices from accessing company information.

Monitored and audited sign-in logs, audit logs, and identity secure scores for compliance.

Set up Single Sign-On (SSO) for cloud and on-premises applications so that users can sign in once to access the enterprise applications securely and seamlessly. Also enabled MFA and Conditional Access policies to provide a secure application process.

Implemented multi-factor authentication (MFA) for privileged access in PAM to enhance security and prevent unauthorized access.

Automated user provisioning and deprovisioning in vulnerability management systems using IAM and RBAC policies.

Integrated RBAC with Single Sign-On (SSO) and Multi-Factor Authentication (MFA) to strengthen identity security.

Automated incident and request management for IAM operations using ServiceNow workflows.

Designed and implemented CyberArk Privileged Access Management (PAM) architecture for enterprise-wide security.

Configured LDAP groups and roles to align with RBAC models, ensuring secure access management.

Integrated IGA solutions with HR systems (Workday, SAP, etc.) to automate identity provisioning.

Using Application Proxy, integrated on-premises web applications with Azure AD to support single sign-on.

Implemented the AD Connect tool to integrate on-premises directories with Azure AD, making users more productive by providing a common identity for accessing both cloud and on-premises resources.

Developed automated vaulting processes for privileged credentials using CyberArk REST APIs.

Automated privileged account onboarding and lifecycle management using RBAC within PAM tools.

Trained end-users and administrators on MFA, SSO, and new security measures for policy adherence.

Integrated single sign-on (SSO) for new enterprise applications via ADFS and Azure.

Conducted IGA system audits and remediation plans to ensure compliance with SOX, HIPAA, and GDPR.

Helped organizations administer Active Directory Federation Services (ADFS), including creation, maintenance and troubleshooting of relying party trusts.

Designed and maintained OAuth 2.0 authorization servers to manage token issuance, validation, and expiration.

Guided customers to create device compliance-based CA policies.

Senior Administrator Wipro Limited Hyderabad 01/2018 to 01/2021

Responsibilities:

As a team member, responsible for supporting and implementing IDAM infrastructure, which includes NetIQ Identity Manager, Novell Access Manager (NetIQ), e-Directory, Active Directory, SSPR, User Application, Remote Loader, Reporting Server, Novell Sentinel.

Upgraded NetIQ Identity Manager (e-Directory, IDM engine, I-manager, User Application, Designer) in the environment.

Worked on upgrade issues and User Application issues with the vendor and resolved them.

Performing daily checks to make sure the IDM environment is working fine, managing IDM drivers, and checking servers and the connections between servers in the prod environment.

Providing support for users, contractors and vendors in all three environments.

Worked on User provisioning and user life cycle management in IDM environment.

Managing the users in e-Directory and Active Directory.

Created CRs for activities.

Developed custom LDAP queries to automate role assignments and access audits for compliance monitoring.

Monitored and analyzed RBAC logs and access patterns, detecting unauthorized privilege escalations.

Providing internal and external user reports for the monthly cycle.

Implemented ServiceNow reporting and dashboards to monitor identity-related incidents and compliance.

Modifying/deleting bulk inactive user data using a script.

Migrated mismatched data from Identity Vault to Active Directory.

Monitoring employee data and CTV user data coming from the HR system, informing about or correcting the data, and monitoring mail alerts and error alerts.

Worked on the MS SQL database that connects to IDM.

Worked on incidents and tasks raised by users.

Installed the Pass sync filter on a new domain controller.

Resolved password- and driver-related issues in IDM.

Creating drivers in Designer, deploying drivers, and supporting driver-related issues in IDM.

Verifying the IDAM system and connectivity after patching activity on weekends.

Providing role-based access control to users.

Providing support for the applications that use e-Directory.

Assigning bulk user roles as per the client requirement.

Integrating business applications with SSO to enable security.

Integrating applications and importing metadata in Azure AD, and resolving application-related issues in Azure AD.

Providing support to Sentinel to catch all the events from IDAM for auditing.

Extending the schema with new object classes and attributes based on application team requests.

Working with end users through the service management process and helping them resolve their issues.

Troubleshooting the issues reported by application teams and customers.

Senior Administrator Wipro Limited Hyderabad 04/2015 to 01/2018

Responsibilities:

As a team member, responsible for supporting the entire IDAM infrastructure, which includes Novell Access Manager (NetIQ), e-Directory, NetIQ Identity Manager (Metadirectory Engine, Role Based Provisioning Module), Novell Sentinel.

User data and office data creation and updating in Identity Manager.

Migrated mismatched data from Identity Vault to e-Directory.

Driver deployment and supporting driver-related issues in Identity Manager.

Assigning bulk user roles as per the client requirement.

Providing role-based access control to users on UNIX servers.

Integrating various business applications with SSO to enable security.

Providing support to Sentinel to catch all the events from IDAM for auditing.

Providing support for the applications that use e-Directory.

Managing the users in e-Directory.

Designed and developed ServiceNow Access Governance workflows for automated identity lifecycle management.

Extending the schema with new object classes and attributes based on application team requests.

Troubleshooting the issues reported by application teams and customers.

Working with end users through the service management process and helping them resolve their issues.

Reviewing the SLAs every week and working on priority issues.


