Prakash Chapagain
Email: ******************@*****.*** Phone no: +1-562-***-****
LinkedIn: https://www.linkedin.com/in/prakash-chapagain-660420320/
Professional Summary:
7+ years of expertise in analyzing, designing, and developing enterprise applications, specializing in Java, J2EE, and Identity and Access Management (IAM) technologies.
Extensive experience with SailPoint IdentityIQ and IdentityNow, including building custom workflows, connectors, and reports.
Proficient in managing and maintaining IAM action registers using agile scrum methodology for project management.
Hands-on experience in creating and managing custom forms and provisioning user accounts in SailPoint IdentityNow.
Deep understanding of directory services (AD/LDAP) and group structures, and experience in role mining and Role-Based Access Control (RBAC) for enterprise-level applications.
Expertise in Access Governance and Compliance, including engineering Segregation of Duties (SoD) policies and performing access re-certification and remediation.
Proven ability to design and implement RBAC models, reducing access-related incidents and unauthorized access attempts.
Skilled in integrating SailPoint with multiple applications using Java, including Active Directory (AD), Exchange, RDBMS, Flat File, and LDAP.
Experience in developing and executing unit tests, integration tests, regression tests, and user acceptance tests for SailPoint workflows.
Strong knowledge of cloud computing (Azure/AWS) and proficiency in managing access to cloud-based services using SailPoint IdentityNow.
Skilled at gathering requirements, completing attribute mappings, and executing integration testing for onboarding applications in SailPoint IdentityNow.
Extensive experience in developing custom certifications and attestation campaigns, ensuring regular review and approval of access.
Familiar with best practices for using IdentityNow APIs, including rate limiting, error handling, pagination, filtering, sorting, and searching.
Proven ability to monitor and troubleshoot connector-related issues and improve the efficiency and effectiveness of the certification process.
Strong understanding of SDLC phases, from Software Requirements Analysis to Design, Development, Implementation, Unit Testing, Debugging, and Deployment.
Excellent knowledge in developing Web Services using SOAP, WSDL, REST, OAuth, SAML, and XML.
Technical Skills
IAM Tools
SailPoint IdentityNow, SailPoint IIQ v7.x, 8.x, Okta, AWS, Azure
IDE and Tools
Eclipse, IntelliJ IDEA, NetBeans, Selenium, SoapUI, Postman, Putty, WinSCP Apache Directory Studio, Jenkins
Operating System
Windows, Linux
Programming Language
Java, J2EE Unix, Python, Linux Shell Script
Frameworks
TestNG, Junit
Methodology
Agile Scrum, Waterfall
Databases
MS-SQL, MySQL, Oracle 10g,11g,11g XE
Web Technologies
HTML, XML, JavaScript, SOAP, REST, WSDL.
Web Servers
Apache Tomcat, Web Sphere, Web Logic
Project Experience:
Trane Technologies, Davidson, NC Jun 2023 - Present
SailPoint IdentityNow Developer
Participated in stakeholder and higher management meetings to develop strategic planning and advise on optimal solutions and approaches for project success.
Integrated SailPoint IdentityNow with multiple applications using Java, including Active Directory (AD), Exchange, RDBMS, Flat File, and LDAP.
Utilized a deep understanding of directory services (AD/LDAP) and group structures, policies, and frameworks for enterprise-level Role Mining and Role-Based Access Control (RBAC).
Gained expertise in Access Governance and Compliance, with a focus on engineering Segregation of Duties (SoD) policies.
Executed access re-certification and automated/manual remediation for applications managed by SailPoint for both Employees and Contractors.
Collaborated with architects to publish requirements, installation guides, architecture diagrams, Run Books, specifications, solution specifications, and configuration documentation.
Developed new features for the IdentityNow cloud offering, enhancing its functionality and user experience.
Conducted User Access Reviews (UAR) using SailPoint IdentityNow to validate user entitlements and ensure compliance with organizational policies.
Performed Privileged Access Reviews (PAR) to monitor and review elevated access permissions and enforce least privilege principles.
Adhered to best practices and guidelines for using IdentityNow APIs, including rate limiting, error handling, pagination, filtering, sorting, and searching.
Addressed and escalated issues related to the certification process, including self-approvals, revocations, delegations, reminders, and sign-offs.
Monitored and troubleshooted connector-related issues such as connectivity failures, data synchronization problems, and account provisioning errors.
Developed and executed unit tests, integration tests, regression tests, and user acceptance tests for workflows using various testing tools and frameworks.
Vanderbilt University Medical Center, Nashville, TN Jan 2022 – Jun 2023
SailPoint IdentityNow Developer
Managed and maintained the IAM action register using agile scrum methodology for project management.
Customized and configured workflows for provisioning and de-provisioning accounts across various internal and external systems in SailPoint IdentityNow.
Coordinated with network and infrastructure teams to troubleshoot firewall and network issues.
Designed and implemented RBAC models for various business applications, reducing access-related incidents and unauthorized access attempts by 25%.
Set up and responded to standardized alerts, performed regular log analysis, and monitored and maintained systems to identify issues.
Developed custom certifications and attestation campaigns to ensure regular review and approval of access.
Created delegation rules and customized certifications to send email notifications based on client needs.
Utilized SailPoint IdentityNow features, including user management, password policies, email template modification, service agreements, and security settings.
Collaborated with developers and stakeholders via the SailPoint Developer Community forum to share insights, feedback, and solutions related to IdentityNow APIs.
Analyzed and improved the certification process efficiency and effectiveness by monitoring progress, performance, and outcomes using IdentityNow’s dashboards and reports.
Designed and developed custom connector rules for complex connector-related functions, including modifying provisioning instructions, interacting with connectors, and validating account attributes.
Performed User Access Reviews (UAR) and Privileged Access Reviews (PAR) to maintain compliance and ensure appropriate access levels across users and systems.
Designed and implemented complex workflows involving multiple actions, conditional logic, data flow, and error handling to address various business scenarios and requirements.
Spirit AeroSystems, Wichita, KS Jan 2021 – Dec 2021
SailPoint IIQ Developer
Develop complex workflows and service adapters in the SailPoint Identity IQ configuration interface.
Developed custom forms in the SailPoint UI, enabling admins to manually create and provision Employee/Contractor user accounts.
Ensure requirements gathered, processes defined, and use cases documented follow out of the box configuration vs. customization as much as possible.
Responsible for integration of new applications into the automated user entitlement review process.
Developed SOD Policy rule for the role, entitlement and advance SOD policies.
Hands on experience in translation of business processes into Functional specifications, Workflows, Organizations, Roles, Policies, Resources and Audit reports.
Understand and translate security and risk management needs into business solutions to enable compliance and appropriate risk mitigation.
Established measures, metrics, and goals to drive performance as per business, security, and IT needs.
Developed and implemented before-provisioning rules to move users between organizational units (OUs) in Active Directory using SailPoint IdentityIQ.
Wrote PowerShell scripts to interact with SailPoint IdentityIQ APIs, providing custom functionality not available in the standard UI.
Followed best practices and guidelines for writing and debugging rules in SailPoint IdentityIQ, including using the rule editor, logging messages, handling exceptions, and testing rule outputs.
Proposed innovative ideas and solutions to enhance the transform capabilities and features within SailPoint IdentityIQ.
Identified and reported bugs or defects in the Active Directory connector functionality or SailPoint APIs using the appropriate feedback systems.
Northwestern Mutual, Milwaukee, WI Jan 2019 – Dec 2020
SailPoint IIQ Developer
Managed service accounts and developed rules around maintaining service accounts in IIQ.
SailPoint provisioning via both out-of-the-box SailPoint connectors and custom-written Java code connecting to a variety of systems via mechanisms such as SOAP and REST web services, JDBC, custom APIs, etc.
Aggregated and refreshed data from authoritative and non-authoritative applications to IdentityIQ using Direct Connectors like File Delimiter, JDBC, Active Directory, and LDAP by performing aggregation and refresh tasks.
Created and implemented static/dynamic roles, configured entitlements, and established policies.
Management of certification by creating populations, certifier workgroups, escalation workgroups, and scheduling quarterly user entitlement reviews to control access and prepare materials for audits.
Hands-on experience in translating business processes into functional specifications, workflows, organizations, roles, policies, resources, and audit reports.
Performed technical review of all changes in conjunction with the Change Management team.
Developed and maintained scalable and automated processes using SailPoint IdentityIQ APIs to interact with the IdentityIQ platform.
Created various reports in SailPoint IdentityIQ using search functionalities and custom queries.
Migrated and updated deprecated rules in SailPoint IdentityIQ, such as certification exclusion rules, identity selector rules, and integration rules, to utilize supported product functionalities like certification campaign filters, role standard assignment criteria, and pre-provisioning rules.
Maintained and improved the code quality and readability of the transformations, adhering to SailPoint IdentityIQ coding standards and conventions.
Maintained and improved the code quality and readability of Active Directory connector scripts by following SailPoint IdentityIQ coding standards and conventions.
Customized Lifecycle Manager configuration tailoring options to organizational needs.
Experian, Costa Mesa, CA Jan 2017- Dec 2018
Java Developer
Design patterns like Front Controller, MVC, Singleton, Factory and Façade were used.
Responsible and active in the analysis, definition, design, implementation, management, and deployment of full software development lifecycle of project.
Managed the Subversion with GITHUB.
A generalized component according spring framework to retrieve appropriate service for the required functionality.
Implemented the presentation layer using JSP, JavaScript, HTML, AngularJS, CSS and AJAX.
Involved client-side validation with Java coding and applied server-side validation as well to the web pages.
Developed numerous UI (User Interface) screens using JSP and HTML, CSS, JavaScript.
Extensively used AJAX for developing the application.
Coordinate with project manager to prepare timeframe for all projects and provide require enhancements to all programs and design all specifications for all programs.
Deployed the application on Web logic Application Server, which includes archive (JAR, WAR, and EAR) files.
Implemented various Design Patterns in the project such as Data Transfer Object, Data Access Object (DAO) and Singleton.
Worked in Agile Methodology.
Education:
Master’s degree, California State University Long Beach
Bachelors in Mechanical Engineering, Tribhuvan University
Certification:
1.SailPoint Identity Security Leader Credential from SailPoint
2.ISO/IEC 27001:2022 Lead Auditor Certification from Mastermind