Information Security Engineer
Resume:
Karthik Reddy Mendu
Senior Information Security Engineer
Email: ***********@*****.***
Phone: +1-234-***-****
Professional Summary:
· Over 7+ years of hands-on experience in the field of Information Security and Identity & Access Management (IAM).
· Expert in designing, implementing, and managing security solutions for enterprise applications and infrastructure.
· Proficient in integrating IAM systems, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Self-Service Password Reset (SSPR).
· Extensive experience with ForgeRock, OKTA, Active Directory, LDAP, and Azure SSO for securing identity management solutions.
· Skilled in Identity Federation and the use of protocols like SAML 2.0, OAuth 2.0, and OpenID Connect.
· Strong background in integrating third-party applications and cloud services into IAM solutions across hybrid environments.
· Led migration projects from legacy IAM systems like SiteMinder to modern solutions such as ForgeRock and OKTA.
· Hands-on experience with ForgeRock AM (Access Management) and ForgeRock IDM (Identity Management) for enterprise-level deployments.
· Expertise in deploying and maintaining highly available IAM environments, including load balancing and reverse proxy configurations.
· Proficient in managing Active Directory (AD) configurations, Group Policy Administration, and AD migrations.
· Experienced in deploying and managing cloud IAM solutions, particularly with Azure, AWS, and GCP.
· Knowledgeable in implementing API-based integrations for identity management across multiple systems and platforms.
· Strong understanding of security best practices and compliance regulations, including GDPR, HIPAA, and PCI DSS.
· Experienced in creating and automating security and user authentication policies through scripting (Shell, Groovy, Python).
· Adept at troubleshooting IAM-related issues, providing user support, and maintaining service-level agreements (SLA) for incident resolution.
· Skilled in working with ticketing systems such as ServiceNow and JIRA to track and manage IAM-related issues.
· Proven track record in enhancing user authentication processes with MFA, SSPR, and Social Authentication.
· In-depth experience with deploying password sync solutions between Active Directory and third-party IAM platforms.
· Worked with cross-functional teams to define security policies, conduct audits, and ensure security compliance across various environments.
· Committed to continuous learning and staying updated on emerging security trends and technologies to enhance overall IAM security posture.
Technical Skills:
· Identity & Access Management (IAM): ForgeRock, OpenAM, OpenDJ, Azure SSO, OKTA
· Protocols: SAML 2.0, OAuth 2.0, OpenID Connect, LDAP
· Security Solutions: MFA, SSPR, Identity Federation, SSO, Active Directory, ADFS
· Monitoring & Analytics: Splunk, Dynatrace, ServiceNow, JIRA
· Automation & Scripting: Python, Shell, Groovy
· Cloud Security: AWS, Azure, GCP
· Operating Systems: Red Hat Linux, Windows, Ubuntu
· Web & Application Servers: Apache Tomcat, WebLogic
· Compliance: GDPR, HIPAA, PCI DSS
Professional Experience:
Role: Senior Information Security Engineer Oct 2023 - Present
Client: Providence Health and Services
Environment: ForgeRock AM (13.5, 6.5, 7.0.1, 7.3), ForgeRock IDM (4.0, 7.0, 7.3), Splunk, Dynatrace, SSO, LDAP, Apache Tomcat, Red Hat Linux, Azure SSO, OKTA, AD
Responsibilities:
Led a team to provide comprehensive support and troubleshooting for IAM-related issues, ensuring timely resolution and high service availability.
Integrated ForgeRock IAM solutions with Splunk and Dynatrace for enhanced monitoring and real-time alerting of the security environment.
Collaborated with infrastructure teams to integrate applications with ForgeRock, optimizing security configurations across multiple environments.
Deployed ForgeRock solutions for Single Sign-On (SSO) and external user management, ensuring secure and seamless access for all users.
Used OAuth 2.0 and SAML protocols for SSO integrations, improving user access and simplifying authentication.
Implemented OpenIG as a proxy solution for secure application integration, enabling smooth communication between applications and identity providers.
Coordinated deployment and patching activities for ForgeRock components, ensuring minimal downtime and impact on end users.
Provided on-call support to resolve high-priority security incidents and escalated issues.
Worked on implementing best practices for change management processes for onboarding new applications into production environments.
Planned and executed the migration strategy for external user management from SiteMinder to ForgeRock, ensuring no disruption to services.
Coordinated identity federation with multiple service providers to streamline user authentication processes.
Ensured high availability of ForgeRock services by setting up load balancers and reverse proxy configurations.
Created and managed the operational documentation for system configurations, deployment processes, and troubleshooting guidelines.
Enhanced the security posture by deploying multi-factor authentication (MFA) and self-service password reset (SSPR) features for external users.
Ensured compliance with internal security policies and regulatory requirements (e.g., GDPR) during the migration process.
Provided timely reports on security operations and application onboarding status to senior management.
Trained junior engineers on ForgeRock components and IAM best practices, ensuring the team was well-prepared for the support and maintenance phases.
Managed the security posture of external user accounts by establishing auditing and monitoring protocols.
Assisted in the integration of cloud services, enabling secure access and management of identity data across hybrid environments.
Conducted post-deployment reviews to identify opportunities for process improvements and security enhancements.
Role: Information Security Analyst Sep 2019 - Nov 2022
Client: Flipkart, Hyderabad, India
Environment: OKTA, ForgeRock IDM (4.0, 6.0), OpenDJ, Active Directory, LDAP, Shell Scripting, ServiceNow, JIRA, Red Hat Linux, Apache Tomcat
Responsibilities:
Integrated internal applications with OKTA as the Identity Provider (IDP) for seamless SSO and authentication processes.
Installed and configured OKTA AD Agent to sync user data between Active Directory and OKTA, streamlining user management.
Enabled MFA and self-service password reset (SSPR) for critical applications to enhance security measures.
Assisted in importing users via CSV file and assigned them to appropriate groups, ensuring accurate role-based access control (RBAC).
Configured restricted access to applications by applying zone-level and IP range-based policies.
Led the onboarding process for new clients to access the applications, providing tailored authentication and SSPR services.
Installed password synchronization plugins between AD and ForgeRock, ensuring smooth password management across directories.
Configured SSL certificates and ensured secure communication between client domains and ForgeRock IDM.
Conducted regular infrastructure monitoring, ensuring system availability and responding to incidents within agreed SLA timelines.
Enabled automated password synchronization using P12 certificates and shell scripts to ensure consistent updates across systems.
Worked on enhancing APIs to automate identity management processes, ensuring scalability and robustness.
Configured and managed LDAP integrations for secure and efficient identity management.
Provided direct support to end users by troubleshooting and resolving authentication and access issues, ensuring minimal disruption.
Monitored and reported on system activities, providing detailed reports to clients and internal teams.
Led the deployment of new ForgeRock features and updates in a controlled manner, minimizing system downtime.
Ensured compliance with internal and external audits by maintaining accurate documentation and implementing necessary security controls.
Client: Matrix Solutions May 2017 – Aug 2019
Role: Associate Information Security Engineer
Environment: ForgeRock IDM (4.0, 6.0), OpenDJ, Active Directory, LDAP, Shell Scripting, ServiceNow, JIRA, Red Hat Linux, Apache Tomcat
Responsibilities:
Assisted in the design and deployment of Identity and Access Management (IAM) solutions, focusing on user identity management and application access security.
Supported the integration of Active Directory (AD) with internal systems for identity management, ensuring seamless user authentication and authorization.
Participated in configuring and maintaining ForgeRock IDM for user provisioning, role-based access control, and application access management.
Assisted in the integration of Single Sign-On (SSO) using protocols such as SAML 2.0, OAuth 2.0, and OpenID Connect to enable secure and seamless user access.
Contributed to LDAP-based solutions, ensuring identity synchronization and secure access control across enterprise applications.
Supported the deployment and configuration of Multi-Factor Authentication (MFA) for enhanced user access security.
Created and maintained user roles, permissions, and policies to ensure compliance with access control standards and security best practices.
Assisted in troubleshooting IAM-related issues, such as failed logins, authentication errors, and integration challenges.
Helped configure password synchronization between Active Directory and ForgeRock IDM, ensuring accurate and consistent credentials management.
Assisted with the implementation of API integrations to automate user provisioning, de-provisioning, and access management tasks.
Assisted in rolling out security patches, system updates, and ensuring that IAM systems remained compliant with security policies.
Created detailed documentation on IAM configuration, security policies, and user management processes to streamline operations and ensure consistency.
Utilized ServiceNow and JIRA for managing incident tickets, change requests, and IAM-related issues to meet service-level agreements (SLAs).
Participated in security audits and compliance checks, assisting in gathering evidence and identifying areas of improvement for IAM security controls.
Supported senior engineers in developing security solutions and refining existing policies to improve the organization's IAM posture.
Developed basic shell scripts for automating routine tasks such as user import/export, certificate management, and system backups.
Assisted in configuring SSL certificates for securing communications between ForgeRock IDM and external applications.
Contributed to user access reviews and helped identify potential security risks by reviewing user roles and permissions.
Provided support for client onboarding, including application integration and setting up access policies in the IAM environment.
Participated in security awareness training sessions to understand emerging threats and security practices relevant to IAM.
Contact this candidate