IAM Technical Lead

Relevant Experience  

(in Yrs) 

• strong experience in Identity and Access management. This includes extensive work in Installation, Configuration, Deployment, Administration, Trouble Shooting and Migrating of CA/Netegrity SiteMinder, Okta, Azure AD, IDCS, Ping Identity, SunOne Directory Server, Forgerock, Web security, network security, database systems, and Enterprise Document Management. 
• Proficient in installation, security & performance design and configuration of ForgeRock policy server and web agents in a SSO Environment. 
• Extensive knowledge of creating policy domains, realms, policies and rules, configuring access to User directories, setting up response attributes and cookie variables, defining authentication schemes in a SSO Environment. 
• Experience in Directory Server Configuration/Administration (Sun One Directory server 5.x/6.x, MS Active Directory). Good understanding of LDAP protocol, designing of schema, planning the directory data according to the enterprise needs. 
• Excellent knowledge in Azure Identity & Access Management. 
• Experience in setting up federation agreements in Microsoft Azure and ADFS.  
• Configured various applications in azure where Azure is Identity provider and service provider as well. 
• Installed, configured and maintained Okta AD agents, Okta LDAP Agents, Okta IWA agents and Okta Radius Agents on Windows platforms. 
• Created Customized Okta Sign on Policies, MFA Policies, Password Policies and MFA Enrollment Policies.  
• On Boarded 100 Plus SaaS Based application from Okta Application Network (Okta Verified Apps) 
• Experienced in Enterprise Security Strategy, Architectures, Implementation and Production Support. 
• Experience in LDAP server Replication Management to make sure the directory services in the enterprise are accessible in highly available mode. 
• Experienced in designing, implementing LDAP architecture which includes DIT, schema, replication (single/multi-master and consumer configuration), and chaining and data synchronization.  
• Installed and configured shibboleth as an SP for one of the client’s application and integrated with IDCS for Single Sign On.  

• Key resource on IAM team who manages ForgeRock & Ping Identity & access management. 
• Work with clients to gather requirements for doing sso where apps are configured using federation, agent based sso, openid connect or OAuth  
• Responsible for exchanging metadata and setup federation agreements using saml and WS federation protocols 
• Collaborate & Work with clients, business and operation team to make sso go live smoothly. 
• Key resource in Migration of applications from siteminder to ForgeRock access management. 
• Install and configure Siteminder Federation security services on Jboss and Tomcat servers on various platforms. 
• Configure applications with Ping where Siteminder acting as Service Provider and Ping Federate acting as Identity Provider using SAML 2.0 in IDP initiated method. 
• Configure applications with Ping where Siteminder acting as Resource Partner and Ping Federate acting as Account Partner using WS-Federation. 
• Installed and configured ForgeRock web and application J2EE agents on various platforms with web and application servers.  
• Implemented and configured both IDP & SP connections using PingFederate (SAML). 
• Configure apps with Ping using OpenID connect profile where Ping is OP and Microsoft dynamics is Replying party. 
• Setup of Multi-Factor Authentication on ForgeRock with different applications based on an attribute driven base using SMS or EMAIL or Radius OTP Authentications. 
• Migrated around 60 plus SAML based applications from CA Siteminder federation gateway to ForgeRock platform. 
• Migrated around 100 plus apps from siteminder to ForgeRock platform. 

Installed and configured ForgeRock OpenAM in Linux servers.