Strong experience in Identity and Access Management. This includes extensive work in installation, configuration, deployment, administration, troubleshooting and migration of CA/Netegrity SiteMinder, Okta, Azure AD, IDCS, Ping Identity, SunOne Directory Server, ForgeRock, web security, network security, database systems, and Enterprise Document Management.
Proficient in installation, security and performance design, and configuration of ForgeRock policy server and web agents in an SSO environment.
Extensive knowledge of creating policy domains, realms, policies and rules, configuring access to user directories, setting up response attributes and cookie variables, and defining authentication schemes in an SSO environment.
Experience in Directory Server Configuration/Administration (Sun One Directory server 5.x/6.x, MS Active Directory). Good understanding of LDAP protocol, designing of schema, planning the directory data according to the enterprise needs.
Excellent knowledge in Azure Identity & Access Management.
Experience in setting up federation agreements in Microsoft Azure and ADFS.
Configured various applications in Azure where Azure acts as both identity provider and service provider.
Installed, configured and maintained Okta AD agents, Okta LDAP Agents, Okta IWA agents and Okta Radius Agents on Windows platforms.
Created customized Okta sign-on policies, MFA policies, password policies and MFA enrollment policies.
Onboarded 100-plus SaaS-based applications from the Okta Application Network (Okta Verified Apps).
Experienced in Enterprise Security Strategy, Architectures, Implementation and Production Support.
Experience in LDAP server Replication Management to make sure the directory services in the enterprise are accessible in highly available mode.
Experienced in designing and implementing LDAP architecture, including DIT, schema, replication (single/multi-master and consumer configuration), chaining and data synchronization.
Installed and configured Shibboleth as an SP for one of the client's applications and integrated it with IDCS for Single Sign-On.
Experience Required
10-12 YRS
Roles & Responsibilities
Key resource on IAM team who manages ForgeRock & Ping Identity & access management.
Work with clients to gather requirements for SSO where apps are configured using federation, agent-based SSO, OpenID Connect or OAuth.
Responsible for exchanging metadata and setting up federation agreements using the SAML and WS-Federation protocols.
Collaborate and work with clients, business and operations teams to make SSO go-lives run smoothly.
Key resource in migration of applications from SiteMinder to ForgeRock Access Management.
Install and configure SiteMinder Federation Security Services on JBoss and Tomcat servers on various platforms.
Configure applications with Ping where SiteMinder acts as Service Provider and PingFederate acts as Identity Provider, using SAML 2.0 in the IdP-initiated method.
Configure applications with Ping where SiteMinder acts as Resource Partner and PingFederate acts as Account Partner, using WS-Federation.
Installed and configured ForgeRock web and application J2EE agents on various platforms with web and application servers.
Implemented and configured both IDP & SP connections using PingFederate (SAML).
Configure apps with Ping using the OpenID Connect profile, where Ping is the OP and Microsoft Dynamics is the Relying Party.
Set up Multi-Factor Authentication on ForgeRock for different applications on an attribute-driven basis, using SMS, email or RADIUS OTP authentication.
Migrated around 60-plus SAML-based applications from CA SiteMinder federation gateway to the ForgeRock platform.
Migrated around 100-plus apps from SiteMinder to the ForgeRock platform.
Installed and configured ForgeRock OpenAM on Linux servers.
Generic Managerial Skills
Good communication, presentation, analytical and problem-solving skills