
Himaja Himaja
- CyberArk Security engineer
- Bentonville, AR
- Member Since Apr 14, 2023
Himaja
CyberArk and Aveksa Security engineer
Summary:
· 7 years of experience as a security professional in installing, managing and monitoring of CyberArk and aveksa privileged account security tool modules.
· 1.4 years of Experience in the field of Information Security.
· Experience in Cyber-Ark Implementation and Installation on CyberArk 8.1.0 and latest Implementation on CyberArk 9.2.1 and CyberArk 9.3
· Extensive experience with Cyber-Ark's security products such as Enterprise Password Vault, Privileged Identity Management, Application Identity Management including design and implementation of Disaster Recovery hot-site and development of the BCP plans using LDRPS
· Hands on experience with understanding of policies in Cyber Ark Components like CPM, PVWA, PSM and experienced in implementing and/or administrating Cyber-Ark (Password Vault).
· Exposure in design and architecture of PIM using Cyber-Ark.
· Good experience in Implementation and Installation on Cyber Ark 7.0 and latest Implementation on Cyber-Ark 8.1.0.and Cyber-Ark 9.2.1 Privileged Identity Management (PIM) Suite.
· Performed Manage, Resume, Release Privileged Credential using Cyber Ark Privileged Management Vault Administration, configuration, troubleshooting and installation of Windows 2003, 2008, 2012 R2.
· Day to day operational support in Active Directory such as creating security groups, creating users, assigning policies, maintaining password complexity rules. Commissioning and decommissioning computer objects, creating and maintaining service accounts.
· Efficiently Managed Active Directory implementations across multiple domains.
· Deployed and managed Windows 2008 R2 Domain Controllers in Active Directory.
· Successfully managed active directory objects, Users, Groups, Computers and Organizational Units.
· Good knowledge in IAM and experience in installation of various Operating systems such as Solaris, Red Hat (LINUX) and Windows.
· Configured Sync server to load live data from Directory servers to Data Base for audit purposes.
· Expertise in Exporting and importing data in Directory servers, initialize a broken instance in replicated mesh and restoring it to normal stage.
· On-boarding of Privilege Accounts to Cyber-Ark.
· Developed and implemented processes and procedures for on boarding users and Privilege Accounts to Cyber-Ark.
· Identified and tested vulnerabilities and conducted research in the areas of information system and network security.
· Proficient in SQL programming - Stored Procedures, Functions, Packages, SQL tuning, and creation of Oracle Objects - Tables, Views, Materialized Views, Triggers, Sequences, Synonyms, Database Links, and User Defined Data Types
· Managed networks performance, maintained laptops, servers, Active Directories, information security, network security, wireless security, firewalls, and backup systems.
· Troubleshooting LAN/WAN issues, establish and implement systems policies, procedures, standards, and ensure conformance with information systems objectives used malware analysis to develop IDS signatures (Snort), and create reports for specific threats.
· Involved in migration and implementing Security and Infrastructure solutions using RSA Aveksa 6.x/7.x, Netegrity/CA SiteMinder […] CA IDM […] and Sun Directory Server 5.x/6.x
· Experience in Enterprise Security Domain. In-depth knowledge of Identity and Access management products - CA Siteminder Access Manager, Oracle Access Manager
· Hands on experience working with RSA Aveksa Multi App Collectors, Identity and Account Collectors for custom application integrations in both Production and Non-Production environments.
· Expertise in IBM WebSphere Application Server […] WebSphere Portal Server […] WebSphere MQ 5/6, WebLogic 10.x, IBM HTTP Server (IHS), Sun One Web server, Apache, iPlanet and IIS on UNIX and Windows platforms.
· Expertise in Installation, Configuration, Deployment and Maintenance of RSA Aveksa 6.x/7.x
· Experience in implementation of Security Management tools in enterprise wide Applications to achieve Authentication, Authorization and Accountability.
· Expertise in using RSA Aveksa Role Manager for creation of Roles, Role Sets and Role Catalog.
· Experience in analyzing the logs (trace logs, logs) and troubleshooting issues in integration of other applications using CA SiteMinder (Access Management) and Identity Management tools along with LDAP and Web-server agents and SiteMinder federation services.
· Good knowledge and experience working with RSA Aveksa Collectors, Connectors and Roles.
· Working experience in the development of CA-SiteMinder Single sign-on Services with SiteMinder configurations (setting up policies, realms, rules and responses).
· Experience in administering LDAP based directory servers like iPlanet/Sun ONE Directory Server and Microsoft Active Directory.
· Strong knowledge and expertise using RSA Aveksa AFX (Auto Fulfillment Express) and Workflows.
· Worked with RSA Authentication Manager 6.x/7.x for user self-services, work flow management, delegated administration, and token based, form based authentications as part of the security solution.
· Configured CA SiteMinder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas. Created both custom and out of the box connectors for RSA Aveksa application integrations.
· Used SiteMinder tools like smobjexport, smobjimport to export and import Policy Stores respectively, smreg to change the SiteMinder super user password.
Work Experience
Walmart – Bentonville, AR Oct 2016 - Present
CyberArk Security engineer
Responsibilities:
· Worked on Cyber Ark Enterprise Password Vault and PVWA
· Experienced in day to day operational support in adding and deleting accounts, applying policies, assigning safes, synchronizing failed accounts, Password rotations.
· Installed and configured Private Ark to Client to manage Vault server.
· Managing, monitoring and Supporting systems hardware, software, and applications
· Resolved CyberArk issue's in CPM communicate with host to reconcile credentials
· Researching, recommending, and implementing new solutions in support of project and business requirements with focus on security and privacy.
· Used AIM to remove hard coded password from application and stored those credentials in Vault.
· Integrated Active Directory to the Vault Server to discover devices using bind account.
· Efficiently Managed Active Directory implementations across multiple domains.
· Worked on administering of User accounts, Group memberships, and Organizational Units using Active Directory.
· Coordinating efforts with vendors for upgrades and system maintenance.
· Managed failed accounts synchronization and password rotations.
· Confirming that all projects and infrastructure are properly documented.
· Cyber Ark integration with SIEM tool Arcsight.
· Managed sessions in Privileged session management (PSM).
· Generated reports of the account and devices inventories in the Cyber Ark
· Perform system, security, and application log and reports reviews following established procedures.
· Good understanding of policies in Cyber Ark Central Policy Manager (CPM) and (PSM).On boarding windows and Linux accounts.
· Fallback from DR vault server to production in case of production vault server failure.
· Performed real-time proactive security monitoring and reporting on various security enforcement systems, such as NITRO (SIEM), Anti-virus, Internet content filtering/reporting, malcode prevention, Firewalls, IDS & IPS, Web security, Anti-spam, etc.
· Analyzed output from network vulnerability assessments and recommend mitigation strategies. Reviewed and provided feedback on security plans and procedures regarding all aspects of LAN, WAN or MANs as applicable
· Worked with Cyber Ark utilities, PAR explicate, PACLI and PAR client.
Environment: RSA Aveksa, CA SiteMinder 5.X/6.X/12.x, Identity Manager 12.5, Web Agents 5.x/6.x/12.x, IBM WebSphere Application Server 5.x/6.x/7.0/8.0, J2EE, JDBC, XML, SAML 2.0, Sun ONE Directory Server 5.X/6.X, CA Identity Manager r8/r12, Apache 2.x, IIS 5.0/6.0/7.x, Solaris 8/9/10, Windows 2000/2003/2008, Oracle 10g/11g, SQL Server 2005, DB2 8.X.
Commonwealth of Massachusetts – Seattle, WA Feb 2015 – Sep 2016
RSA Aveksa Security Administrator
Responsibilities:
· Experience in installing, configuring RSA Aveksa 6.x/7.x, SiteMinder policy server, Web Agents, Netegrity Transaction Minder, Active Directory server (LDAP) and various Web & Application servers.
· Installed, configured and maintained RSA Aveksa, CA SiteMinder Policy Server 6.x/12.x, CA IDM r12.5 and Sun ONE Directory Server 5.2 on Solaris, Windows platforms.
· Configured and Defined the Policy Domains, User directories, Rules, Realms, Policies and Responses in SiteMinder and configured SiteMinder Web Agents, Affiliate agents and RADIUS agents to provide federation of webservices in the SSO environment.
· Expertise in writing Java Script blocks and JQuery for RSA Aveksa custom Request forms for both Out of the Box applications and Custom applications developed within the Company.
· Updated Corporate User store with the expanded user base as a result of new business acquisitions by directory acquisition and Correlation schemas using custom attributes. Extensively used web services variables to facilitate federation of web services.
· Configured custom alerts and e-mail notifications based on the business needs for RSA Aveksa
· Installation, Configuration and Administration of RSA Aveksa on IBM WebSphere Application Server 5.x/6.x, Oracle Weblogic Application Server on Linux Operating System.
· Experienced in SiteMinder policy server logs for troubleshooting SiteMinder environment.
· Installed, configured and integrated Web servers (plug-in file), SiteMinder agents and LDAP user directory with Weblogic Server V10.
· Expertise in setting up RSA Aveksa Multi-App Collectors, Account Collectors, Identity Collectors and Role Collectors in both Production and Non-Production environments.
· Working knowledge in installation and configuring Roles, Role Sets and Role Catalogs for custom applications using RSA Aveksa Role Manager in both Production and Non-Production environments.
· Creating Open SSL Certificates and using the same for Federation of external Services to achieve the purpose of maintaining confidentiality, message integrity and bilateral Authentication.
· Experience with performance tuning of policy servers and associated components and generating performance reports using customized crystal reports. 24x7 production support.
· Excellent communication and interpersonal skills. Highly motivated, detail oriented and organized with the ability to multi-task projects, maintaining a high degree of proficiency
Genentech – South San Francisco, CA Oct 2013 – Jan 2015
Security Administrator
Responsibilities:
· Worked on defining various RSA Aveksa, SiteMinder Policy Server System objects and Domain objects, Password Services and associated different realms, rules, responses and policies with it.
· Installed, Configured and administered RSA Aveksa, SiteMinder 5.x/6.x and Sun One Directory Server.
· Installed and Configured IBM WebSphere Application Server 5.0 on Solaris.
· Involved in the upgradation of SiteMinder Policy Servers from version 5.5 to 6.0 and SiteMinder Web Agents from version 5.5 to 6.x
· Experience in implementing LDAP security models. Utilized Resource Analyzer and Log Analyzer for performance testing and troubleshooting and Knowledge on managing LDAP Policy Store.
· Good knowledge and experience working with RSA Aveksa Workflows in Production and Non-Prod.
· Implemented FTP infrastructure that uses LDAP for authentication and supports virtual domains. Created custom LDAP schema to support infrastructure.
· Developed a system that uses data from LDAP and local templates to dynamically provision and re-provision virtual domains. Worked on user& group profile auditing using Sun Java Identity Manager 7.0.
· Installed, Configured, Administered and Monitored RSA Aveksa on windows platforms.
· Worked on Load balancing the SiteMinder for high performance.
· Implemented password policies for all the applications using SiteMinder.
· Monitored Applications and WAS performance through Tivoli Performance Viewer and tuned the system caching, queuing, JVM parameters, DB Connection Pooling.
· Created Open SSL Certificates and used them to maintain confidentiality and two way authentication while integrating with third party applications.
· Created IBM Problem Management Records (PMR) to report WebSphere Application Server problems. Analyzed log files to solve problems using debugging tools like Log Analyzer, First Failure Data Capture and Collector Tool.
· Implemented a strong authentication and authorization framework for the good maintenance of the SSO environment by defining user policies and rules.
Environment: RSA Aveksa, Netegrity SiteMinder 5.x/6.x, Sun Identity Manager 7.x, Web Agents 5.x/6x, IBM WebSphere Application Server 5.x, Apache 2.x, IIS 5.0/6.0, Solaris (10), iPlanet 6.0, Unix shell scripts, Python, Struts, Hibernate, Java/J2SE 1.4, J2EE 1.3, Eclipse, SOAP, JDK 1.5/1.4, J2EE, JSP, Servlets, EJB, JDBC
Great Logics Inc – Hyderabad, India Jul 2010 – Aug 2013
CyberArk Consultant
Responsibilities:
· Involved in CyberArk implementation projects including all components like Vault, PSM, CPM, PVWA, OPM, PSM SSH Proxy (PSMP), Application Identity Management (AIM).
· Involved in CyberArk major upgrades from 7x to 8x versions for domestic and global customers.
· Acting as a L1 support and SPOC for L1 troubleshooting for existing customers.
· Having onsite experience for planning, solution designing and implementation of CyberArk PIM infrastructure.
· Architectural designing of CyberArk 8.2 solution to cover almost all privileged accounts.
· Involved in information gathering and understanding existing system of the organization and creating solution blueprint for solution and creating approach to onboard privileged entities.
· Heavily involved in creating all the process and transitioning documents.
· Worked extensively in implementation and deployment of On demand privilege manager(OPM), PSMP for UNIX servers and AIM for database servers.
· Wrote new enterprise control standards and policies for SSH keys.
· Wrote/Maintained utilities to 1exchange encryption keys between storage systems (LDAP, SSH).
· Uploaded multiple password objects to the Privileged Account Security solution using Password Upload Utility.
· Creating BYOC to support existing IT framework.
· Involved in writing test cases and conditions.
· Troubleshooting the technical issues in the project during implementation.
· Customizations Cyber-Ark for supporting out of box application e.g. HP ILO, DRAC.