Identity and Access Management Architect/Engineer

Rinku Kirit Patel

Email: **********.****@*****.***

Phone: 210-***-****

PROFESSIONAL SUMMARY:

Over 10 Years of experience in development, design, and implementing security using AWS Federate, WSO2, and Sun ONE Directory Server (LDAP).

Experience in installation, upgrade and configuration of PingFederate 7.x/8.x/9. x.

Experience in installing Ping One 1.x, WSO2.

Configured SSO on Web/Application Servers to use the Sun One Directory Server for user authentication.

Developed standard operating procedures and technical documentation of PingFederate components for user training and support.

applications Troubleshooting application integration/migration issue with respect to Ping SSO.

Experience in implementing SSO and Multi Factor Authentication using Ping Federate and Ping ID, migrate Junction based application from IBM to Ping Access.

Designed, implemented, and managed Ping ID Proofing solutions to enhance identity verification processes.

Integrated Ping ID Proofing with enterprise IAM frameworks to enable seamless identity verification and onboarding.

Developed custom React-based user interfaces for self-service IAM portals eg password reset, access requests, MFA enrollment.

Delivered end-to-end IAM-enabled web applications using React (frontend) and Node.js (backend).

Implemented fine-grained access controls across frontend (React) and backend (Node.js) with IAM integration.

Developed and enforced IAM policies, role-based access controls (RBAC), and least privilege principles using Delinea and Ping solutions.

Led the end-to-end design and implementation of Ping DaVinci orchestration flows for seamless CIAM journeys across multiple business units.

Integrated Ping DaVinci with third-party identity providers, e.g Ping using REST connectors and pre-built DaVinci nodes.

Led migration of enterprise SSO from legacy SAML/OAuth systems into PingFederate for multiple applications.

Configured SAML 2.0, OAuth 2.0, and OpenID Connect (OIDC) flows in PingFederate for secure authentication.

ForgeRock Identity Management (IDM), Access Management (AM), Directory Services (DS), Bash, JavaScript, React.js, HTML5.

Implemented Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Adaptive Authentication using ForgeRock, Ping.

Professional Experience

SMBC, NY July 22 - Present

Sr. Software Developer

Responsibilities:

Designing and implementing application integration with PingFederate/ Ping Access /Ping ID in both Non-Production and Production. Working with the application's business and technical teams to gather requirements to integrate the application with PingFederate/Ping Access/Ping ID for Single Sign On.

Design and Administer J2EE applications using single-sign-on tools Ping Federate and LDAP across all the environments Migration of critical 200+ applications that are secured to Ping Federate version 7.1/7.3 Providing support to internal and external teams for integration of applications with Ping Federate.

Enterprise Document Management in large scale organizations Ping Federate and Ping ID.

Troubleshooting application integration/migration issue with respect to Ping SSO. Identify security gaps through Ping.

Integrated PingFederate, PingAccess, and PingID with Delinea Secret Server to enhance identity security and privileged account management.

Configured and managed users, groups, and roles in Entra ID.

Utilized AWS Systems Manager (SSM) and AWS Config for inventory, compliance management, and secure automation.

Implemented role-based access control (RBAC) in React apps, showing/hiding UI components based on user entitlements from IAM systems.

Consumed REST/SOAP APIs from IAM platforms Ping with React frontends.

Built React dashboards for identity governance (certifications, provisioning requests, audit logs).

Used JWT (JSON Web Token) handling in React for session validation and secure API communication.

Created custom user registration & onboarding flows (React + Node + IAM APIs).

Handled SSO session token encryption/decryption and secure cookie lifecycle management.

Experience with ForgeRock OpenIDM Cloud Applications.

Configured and optimised Kubernetes clusters to support ForgeRock components, ensuring efficient resource utilisation and resilience.

Assisted in developing detection mechanisms for new threats, including signature-based and behavioral detections across IDS/IPS, firewalls, endpoint tools, and cloud security platforms.

Strong practical experience with Linux administration, network security tools, L2/L3 firewalls, VPN technologies, and application-layer protections; familiar with intrusion detection/prevention, anti-malware, DDoS mitigation, anomaly detection, wireless security, and VoIP security controls.

Conducted continuous monitoring of network traffic using IDS/IPS, SIEM tools, and anomaly detection systems to identify suspicious activity and respond to security events.

Implemented secure network architectures, including DMZ setups, VLAN segmentation, and zero-trust network controls to minimize lateral movement risks.

Performed regular vulnerability assessments and penetration testing on network components, identifying misconfigurations and deploying remediation strategies.

Secured remote access environments using IPSec/SSL VPN, multi-factor authentication, and strict access control policies.

Deployed and managed DDoS protection, anti-malware gateways, and application-layer firewalls to safeguard against volumetric and targeted attacks.

Maintained strong security hygiene by updating firewall rules, reviewing access lists, applying patches, and validating network hardening configurations.

Synchrony Financial, FL Aug 18 - July 22 Sr. Software Engineer

Responsibilities:

Developed and implemented AUTH 2.0 with different Grant Types on Ping Federate acting as Authorisation Server to support Web service-based SSO and Mobile-based apps.

Architect and built the Federation infrastructure and set up SSO for more than 100 Partners using SAML versions 1.0, 1.1, 2.0, WS-Federation, WS-Trust.

Federated with SFDC (Salesforce) using Delegated Authentication SSO.

Have done SSO for Webservice-based environments and applications using WS-Trust technology.

Have done SaaS provisioning to Salesforce CRM.

Configured policies, realms, rules, and responses for more than 1000 applications and configured them to work under an SSO environment.

Worked in the PingFederate Upgrade from 7.0 to 8.3.

Experience with application configuration with Ping Access and defining Ping Access Sites, Site Authenticators and Rules.

Workforce and Client identity management system (Ping Federate and Ping Access).

Created policies, realms, rules, and responses to protect the applications and configure them to work under the CA SSO and Ping Access environment.

Managed password hash synchronisation (PHS), pass-through authentication (PTA), and ADFS federation for hybrid authentication.

Configured federation between on-prem and cloud IdPs during the migration phase.

Worked with stakeholders and development teams to update application integrations, streamline access management, and enhance security with MFA and adaptive authentication.

Optiv Healthcare, FL June 16 - July 18

Sr. Software Engineer

Responsibilities:

Upgrade and build PingFederate on all the environments available.

Engaged in the implementation of new Authentication methodologies like Ping ID.

Gather the System configurations and Requirements for the SSO Requests by engaging in meetings with the Application team.

Working Knowledge of Open ID Connect.

Experience in configuring Ping One to enable Ping ID.

Experience configuring and integrating applications with Single-Sign On (SSO) and SAML

Exported metadata files from all the environments as per client requirements and implemented on the Service provider end.

Experience in both SAML-based and Agent-based configurations in Ping Federate.

Orchestration of Docker images and Containers using Kubernetes by, Net application to Microsoft Azure Cloud Service Project a part of cloud deployment.

Accenture, Orange Beach, Alabama November 14 - May 16

Software Engineer

Responsibilities:

Designed, developed, and supported highly available and scalable PingFederate infrastructure in on-premises that provides SSO, SAML, WS-Fed, and WS-Trust federation service for internal and external users.

Migration and configuration of PingFederate from 7.x to 8.x and 8.x to 9.x on Linux servers.

Worked extensively on creating custom password polices and authentication schema as per the requirement.

Continues high-level support on developed Single Sign-on applications.

Provide SSO and support for Partner Reverse Proxy environment to protect external-facing applications.

As a part of high-level support, worked on escalated tickets on authentication and SSO.

Worked on DEV, ITG, and PROD environments extensively to develop, and support Applications.

Working with Ping ID setup using PingFederate for MFA (Multi-Factor Authentication)

Testing on Modern Auth development.

Working on Multi-Factor Authentication integrations and engaging in the usage of other protocols like OAuth.

Educational Information:

Bachelor of science in Business Administration

Columbia Southern university (03/2012 - 09/2015)

Contact this candidate