Senior IAM Engineer - PingFederate & LDAP Expert
Resume:
Hameed Abdul
***.*********@*****.***
Professional Summary:
12+ Years of experience in development, design, and implementing security using PingFederate, WSO2, and Sun ONE Directory Server (LDAP).
Continuously improving and automating in IAM technologies that consist of PingFederate, PingAcess, PingID, SiteMinder and LDAP directories.
Experience in installation, upgrade and configuration of PingFederate 7.x/8.x/9.x.
Experience in installing PingOne 1.x, WSO2.
Configured SSO on Web/Application Servers to use the Sun One Directory Server for user authentication.
Hands on experience on PingFederate 7.x, 8.x, 9.x and PingOne 1.x.
Perform installation, configuration and maintenance of Access Manager and policy agents.
Worked on PingFederate in conjunction with CA directory, SiteMinder adapters to implement various flows of authentication to provide single sign on (SSO) solutions to various clients in different scenarios.
Work Experience:
Client: Easy Dynamics, Florida (Feb’23 – Present)
Sr. Consultant
Responsibilities:
Proficient in designing and implementing secure single sign-on (SSO) solutions using PingFederate, PingAccess, PingID, SiteMinder, and LDAP directories, ensuring seamless user authentication across diverse applications.
Skilled in configuring adaptive authentication policies in PingFederate to dynamically adjust authentication requirements based on contextual information and risk factors, enhancing security while maintaining user experience & crowdstrike.
Strong understanding of modern authentication protocols including SAML, OpenID Connect (OIDC), and OAuth, enabling seamless integration with a variety of identity providers and service providers.
Experienced in installing, configuring, and maintaining PingFederate, PingAccess, and PingOne solutions on Windows IIS, Apache Tomcat, and Red Hat Linux web servers, ensuring optimal performance and reliability.
Skilled in developing standard operating procedures (SOPs) and technical documentation for PingFederate components, facilitating user training and support activities.
Proficient in working with LDAP directories to generate Identity Provider (IdP) and Service Provider (SP) initiated SSO requests using POST and Redirect Protocols, ensuring smooth authentication flows.
Proficient in implementing JSON web tokens (JWT) to facilitate secure authentication between client applications and Windows/Apache servers, ensuring data confidentiality and integrity.
Client: Dell, Florida (Nov’20 – Feb’23)
Sr. Developer
Responsibilities:
Led the successful implementation of PingFederate and PingAccess solutions to establish secure single sign-on (SSO) and multi-factor authentication (MFA) capabilities across diverse applications.
Collaborated with cross-functional teams to gather requirements, design identity and access management solutions, and configure Ping Identity components to meet business needs.
Integrated PingFederate with external identity providers and service providers, enabling seamless user authentication and authorization flows.
Configured adaptive authentication policies in PingFederate to dynamically adjust authentication requirements based on risk factors and contextual information.
Designed and implemented SSO solutions using PingFederate, simplifying user access to multiple applications while enhancing security.
Established trust relationships between different organizations by setting up federated SSO connections using standards like SAML and OAuth.
Developed custom authentication and authorization plugins to extend PingFederate functionality and integrate with proprietary systems.
Implemented strong authentication mechanisms using Ping and ID Proofing with other MFA solutions provided by Ping Identity to ensure secure access to critical systems.
Configured adaptive MFA policies based on user context and risk assessment to provide an optimal balance between security and user experience.
Collaborated with stakeholders to define access policies, entitlements, and roles within the Ping Identity platform to enforce least privilege access and streamline governance processes.
Client: PWC, Florida
Sr. Software Engineer (Jan’17 – Nov’20)
Responsibilities:
Assigned as SiteMinder Engineer for upgradation, configuration, and deployments of CA SiteMinder policy server and support SiteMinder infrastructure.
Design, develop, deploy, maintain and administer Enterprise wide application security using CA's Siteminder, Oracle Access Manager, Oracle Identity Manager, and Ping Identity.
Develop, Administer, Maintain and troubleshoot Siteminder Policy Server, Siteminder web agents, Oracle Access Manager, Websphere Application server, Ping Federate, Apache, IIS and IBM HTTP Webserver, SunOne Ldap and Active directory.
Federated with SFDC (Salesforce) using Delegated Authentication SSO.
Have done SSO for Webservice based environments and applications using WS-Trust technology.
Configured policies, realms, rules, responses for more than 1000 applications and configuring them to work under SSO environment.
Fine tuned Netegrity SSO products to meet the business and user requirements while maintaining uniform security.
Worked on installing, configuring and administering CA SiteMinder R12, R12.52 and Sun One LDAP 11 (ODSEE) on Windows, and Linux Platforms
Upgrading SiteMinder 12.0.X to 12.52.X, 12.7 for advanced Load balancing, failover configurations and for facilitation of user impersonation.
Discover Financial, IL
Consultant (Sep’14 – Dec’16)
Responsibilities :
Upgrade and built PingFederate on all the environments available.
Engaged in the implementation of new Authentication methodologies like PingID.
Gather the System configurations and Requirements for the SSO Requests by engaging in meetings with the Application team.
Working Knowledge of Open ID connect.
Creating a secure application environment often requires integration of existing user identity information that may be scattered across multiple locations and services. Oracle Virtual Directory, formerly known as OctetString Virtual Directory Engine, provides a single, dynamic access point to these data sources through LDAP or XML protocols.
Experience in configuring PingOne to enable PingID.
Experience Configuring and integrating applications with Single-SignOn (SSO) and SAML
Implemented and configured both IDP & SP connections using PingFederate (SAML).
Working experience with STS/WS-FED. Usage of Username token processor for authentication of email, mobile and other thin clients.
Coca-Cola, Atlanta
IT Support Analyst (July’10 - Aug’14)
Responsibilities:
Integrate applications from development to production, assist development teams in identifying and resolving various issues related to Siteminder. Created Rules, Rule groups, Response, Response groups, Realms and Policies for Directory Server users, implemented SiteMinder policy-based security.
Coordinated with the Service providers and identity providers during the SAML Certificate upgrade and architectural changes. Worked with Siteminder engineering team to document technical specifications and procedures for Siteminder best practices.
Implementation of SSO and authentication services using CA Netegrity Siteminder. Responsible in Performance Tuning for Siteminder to provide better response time, low latency, high availability and maximum throughput.
Created policies, realms, rules, responses in Siteminder Policy Server to protect the applications and validate the users to work under SSO environment. Understand business processes and challenges to supply recommended Identity Management Solutions, educate application teams on how to integrate with Identity & Access Management solutions.
Wipro, Dallas, TX (June’09–May’10)
Software Engineer
Responsibilities:
Configured Open LDAP with UNIX pam, and enabled users to authenticate against LDAP. Installed, configured and integrated Web servers (plug-in file), Siteminder Web agents and LDAP user directory with WebSphere Application Server.
Developed few scripts to update attribute in E-directory using ice import. Scheduled chrono jobs to run LDIF scripts to update attributes. Configured Web servers with SiteMinder Single Sign on (SSO). Migrated user store and policy store data from Active Directory to LDAP
Deployed and configured Directory Server 6.x as User Store and Policy Store in different environments. Involved in designing the directory server architecture according to requirement, Installed and configured Sun Directory proxy Server 6.x in different environments.
Assisted in architecting LDAP schema designs and directory tree structures from Site Minder perspective to merge and migrate authorization groups and external users. Involved in upgrade of directory server 5.x to 6.x
Contact this candidate