P Bindu

  • IAM Consultant
  • Bentonville, AR
  • Member Since Apr 15, 2023

Candidates About

 

P Bindu

IDENTITY AND ACCESS MANAGEMENT CONSULTANT

 

Summary:

·         Over 7 years of Experience in software industry in an Identity & Access Management working on IAM technologies including CA SiteMinder Identity Manager, Auth Minder, Risk Minder, Ping Federation, Ping Access Manager with providing SSO, Federation and User Access Management Solutions to multiple clients.

·         Hands on experience in Design, Installation, Configuration, Administration and Maintenance of CA SiteMinder Components like the Policy Server, Web Agent, Policy Store, User Store and Key Store on Windows, UNIX and Linux platforms.

·         Worked on migration project of SiteMinder Policy Server, Policy Store, Admin UI, Web Agents from 12.5r2 to 12.6r1 on Redhat Linux 7.1 clustered servers.

·         Experienced in LDAP based directories like CA Directory Server, ODSEE, Active Directory & IBM Tivoli Directory Server, Unbound Id directory server.

·         Ability to understand and fulfill business requirements for achieving Single Sign On in Portal integrations. 

·         Good understanding of LDAP protocol, designing of schema secure for system architecture, planning the directory data according to the enterprise needs. 

·         Sound knowledge in LDAP v3 commands/ search strings to manage and troubleshooting user issues. 

·         Worked on upgrading Ping Federate from Version 7.0 to 8.0. 

·         Configuring and troubleshooting Webservers like Apache, IHS, OHS, IIS, iPlanet, and Application servers like JBoss, WebSphere and WebLogic

·         Extensive experience in designing and configuring Federations Access for the Partner Applications using SAML, setting up Identity Provider and Service Providers in SiteMinder Policy Server. 

·         Good Knowledge with Install, Deploy, Configure Oracle products, servers and domains related to OIM such as the Web Logic server, RCU, SOA, OIM, OAM OID, OIF and ODSEE.

·         Configured CA SiteMinder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas.

·         Privileged Access Management (PAM) project which includes implementing CyberArk Password Experience with performance tuning of policy servers and associated components and generating performance reports using customized crystal reports.

·         Experience in deploying CyberArk's Privileged Account Security Solution involving Enterprise Password Vault, Session Manager, and Application Identity Manager.

·         Used SiteMinder tools like smobjexport, smobjimport to export and import Policy Stores respectively, smreg to change the SiteMinder super user password.

·         Worked on creating the Identity access to the employees and managing the certifications and provisioning accordingly with the Sailpoint Identity IIQ.

·         Experience in developing applications using Java, J2ee and using databases oracle 10g. 

·         Experience in Sailpoint tool customization, Report Generation, Integration with end/target

Systems, SailPoint APIs application development directory server 11g.

 

 

Work Experience:

 

Walmart – Bentonville, AR                                                            Jan 2017 – Present

SSO Ping federate Consultant

 

Responsibilities:

·         Provided solutions for complex application using SiteMinder and Ping Federate. 

·         Hands on experience on ping Federate, CA single sign-ON, CA advance authentication, CA secure proxy server, ping access, and ping cloud.

·         Experience in SAML based authentication 1.1 and 2.0 using Ping Federation, SiteMinder Federation and integrate with SiteMinder authentication and other adapter. 

·         Migrated SAML Based SSO partners from CA Single Sign-On federation to Ping Federate 7. 

·         Used Ping API to deploy and create SAML changes. 

·         Configured both Ping Access Proxy Gateway to decode the JWT tokens and also installed the agent on application server to communicate with ping federate server.

·         Customizations in OIM UI like adding new UDF's, task flow implementation using custom beans and adding/modifying features of OIM UI.

·         Extensively worked on configuring Identity Provider 'IDP' and Service Provider 'SP' on Tivoli Federated Identity manager (TFIM) and configured SSO using SAML 2.0.

·         Have effectively handled IDM administrative tasks including password policies, bulk account actions, creating, defining and editing IDM objects and IDM approval. 

·         Worked closely with the production team for daily monitoring and stabilizing of production issue related to OIM 11.1.2.2, AD, ED, RAS and RACF.

·         Worked on Open ID Connect for the user Authentication using Ping Access. 

·         Configured and supported SAML based Identity & Service Provider connections 

·         Created Custom Adapter replacing SiteMinder 3.0 Ping Federate Identity Provider adapter. 

·         Written custom active responses to extend the capabilities of SiteMinder and to support the client requirement. 

·         Designed transitioning strategies around Access Management systems and accordingly performed migration of application policies, risk, rules from Siteminder.

·         Provided Impersonation, SharePoint, HR Services, Sales Force solution using PingFederate and SiteMinder.

·         Hands on Experience on other Single Sign-On products like CA SiteMinder.  Implemented and Designed Access Management Solutions. 

·         Successfully supported to migrate/Build all the infrastructure to a new environment. 

·         Upgraded SiteMinder from R6 to R12.52, R12 To R12.52. 

·         Migrated Web Authentication solutions from CA Single Sign-On (SiteMinder) to Ping Access 3. 

·         Configured application agents on PeopleSoft, WebSphere, WebLogic and OBIEE. 

·         Worked on internal application like Splunk, Service-now, Wily to customize to our team and management requirements. 

·         Created scripts to monitor Apps, dashboards, backup LDIF and generated reports. 

·         Supported production environment without missing any SLA's and supported TIAA-CREF environment 24 X 7

Environment:

Windows Server 2003/2008, SiteMinder R12.5X/R12SP3/R6SP6, PingFederate 6/7, CA Directory 11, Oracle Directory Service 11g, Splunk, CA Wily Enterprise Monitor, WebLogic 8/10, JBoss 5, Apache 2.x, IIS 6,7,7.5.

 

 

 

Tenneco Inc – Lincolnshire, IL                                                     Feb 2015 – Dec 2016

IAM Consultant

 

Responsibilities: 

·         Worked on ping federate both inbound and outbound calls using SAML 2.0. 

·         Worked on Browser SSO using SAML and webservice SSO using WS-Security. 

·         Worked on OAUTH to allow access to Protected API's for OAuth Clients by getting Access Token from Authorization Server using various Grant Types. Used OAuth play ground to retrieve access token and refresh token. 

·         Worked on Ping Access POC to authenticate the users using Ping Federation Session. 

·         Enabling services and applications with ADFS and SAML using CA API Gateway. 

·         Design, Implement and troubleshoot Layer 7 application API Gateways for Company wide application services. 

·         Developed a new environment and deployed Novell Access Manger 3.1 for implementing SAML. 

·         Configuring SSO via OKTA to login into Azure Directory and AWS as an application. 

·         Configured SAML 2.0 in NAM to integrate with different external applications. 

·         Worked with different teams in implementing OAuth for different applications. 

·         Installation /Configuration of CA Identity Manager platform, provisioning servers and connectors. 

·         Performed installation and configuration of SailPoint identity IQ.

·         Work closely with Sailpoint architect and engineers for design and solution architecture.

·         Implemented Password Vault for securing, managing, rotating the privileged passwords for sensitive applications and integrating with Identity Manager to secure hard coded credentials in the application codes to be secured in CyberArk Digital Vault securely. 

·         Configured CyberArk Enterprise Password Vault (EPV) to secure, manage, automatically change and log all activities associated with all types of Privileged Passwords.

·         Configured CyberArk Password Vault Web Access (PVWA) to end User as well as Admin Console for managing all the service accounts. 

·         Administrating Active Directory Domain Services and Implementing Group policy objects. 

·         Worked on upgrading 6.4, 7.0, 7.1, 7.2 and patching of 6.4, 7.0, 7.1 versions of Sailpoint.

·         Build and configure Sailpoint in-built tasks like aggregation, ID, refresh, Schedule tasks, Correlation etc.

·         Worked on Identity Access Management, and used it effectively in the design and implementation of Sailpoint.

·         Managed client requirements and configure Sailpoint connectors for various applications.

·         Worked on Ping Access Gateway to send all the traffic through a proxy server and get the JWT token. 

·         Implemented Tivoli Directory Integrator adapters using Java and Java Script.

·         Worked on Custom Authentication Schemes in Ping Access based on Business needs. 

·         Upgraded Policy Server version from R12 to R12.52sp1. 

·         Worked on CA Secure Proxy Server to intercept the request and redirect to policy server. 

·         Configuring User Authentication Stores and Policy Authorization Stores on LDAP. 

·         Installed and configured WebAgents on IIS Web Server which is using IIS7, IIS7.5 and also Linux server with Apache 2.2, 2.3. 

·         Upgraded agents from R6qmr3 to R12sp3 and registered them to talk to R12 Policy Servers. 

·         Upgrade some of our environments Policy Server from R12 to R12.5sp1 to use federation services.

·         Converted from Sun IDM in production to OIM and add a TAM LDAP Java plugin. 

·         Installed, configured and maintained Netegrity/ CA SiteMinder Policy Server 6.X/12.X, CA IDM r12.x and Sun ONE Directory Server 5.2 on distributed platforms. 

·         Installed Sun one LDAP Directory server and also upgraded to 11g. 

·         Provided 24/7 on call support for solving Tickets on a rotating basis with other team members.

Environment:

Windows Server 2003/2008, SiteMinder R6 SP6, R12 SP3, R12.5sp1, IPlanet Web Server 6.0, MS SQL 2005/2008, IPlanet Directory Server 5.2, Active Directory, SAP, JBoss 5.2, Apache 1.x/2.x, IIS 6,7,7.5 JDK

 

Optum – Minneapolis, MN                                                  Oct 2013 – Jan 2015

CA Consultant

 

Responsibilities:

As a CA consultant, I am part of CA Remediation team, we are assigned the task to create Application Inventory for all 2000 application, to upgrade SiteMinder Policy Server from SP5 to SP6, to create LDAP scripts, to change the User Directory from SunOne LDAP to CA Directory Server, Host Configuration transformation, clean up Policy Store, identify difference in Policy Servers 

Responsibilities: 

·         Created application Inventory for 2K applications with Application Name, URL, Agent Name, Agent Group name, Host Configuration Object name, Agent Configuration Object name, and Trusted Host name. 

·         Configured and Optimized Identity and Access Management for Users using Advanced Password Services (APS) 

·         Identified the production Policy Servers difference in registry settings and implemented the changes. 

·         Administered the RSA/ACE servers for issuing the Soft tokens for the VPN purpose as well as the applications which uses RSA Token authentication. 

·         DSML framework was implemented for non LDAP applications to integrate with Enterprise SSO through web services over HTTP/SOAP. 

·         Involved in SiteMinder Policy Server upgrade from R6SP5 to R6SP6. 

·         Configured IDP initiated and SP initiated SAML profiles with Different bindings like POST, Artifact and redirect as per the custom business and security requirements.

·         Created Network Monitoring scripts which checks the 3DNS name, and connectivity with Network Latency and alerts the SiteMinder Admin group. 

·         Created the LDAP scripts which monitors the LDAP connectivity and alerts the Admin Group if connection is closed. 

·         Implemented Scripts on Policy Servers in order to stabilize the environment. 

·         Analyzed and documented the Policy Store objects to clean up the policy Store. 

·         Analyzed how application utilizes Host Configuration Objects and documented changes needed for Host Configuration Object.

Environment:

Sun Solaris 5.8/5.9/5.10, Windows Server 2003/2008, SiteMinder R6 SP5/SP6, iPlanet Web Server 6.0, Sun One Directory Server 5.2/6.3, CA Directory Server, CA Wily Enterprise Monitor, WebLogic 8/10, JBoss 5, Apache 1.x/2.x, IIS 6, JDK 1.6, J2EE, EJB, JSP, Oracle 11g.

 

 

 

Citrix Systems Ind Pvt Ltd – Bangalore, India              May 2010 – Aug 2013

SiteMinder and LDAP Consultant

Assigned as SiteMinder /IDM and LDAP engineer to administrate and support Novell eDirectory servers and wide variety of SiteMinder servers like R6SP1, R6SP5, R6SP6, R12SP12 and customized IDM. Provided 24/7 support infrastructure support. 

Responsibilities: 

·         Upgraded the SiteMinder Policy Server from R6 SP1 to R6 SP6, R6 SP5 to R6 SP6. 

·         Installed Policy Server R12 SP2 against Novell eDirectory user store. And created POC for R6SP6 to R12 SP2 upgrade 

·         Configured policies on CA SOA Security Gateway Server R12 against R12 SP2 Policy Server. 

·         Configured CA Wily Enterprise Monitoring tool against Apache webserver, WebLogic Server and Policy Servers. 

·         Involved in upgrade of Novell eDirectory server from 8.8.1 to 8.8.5 SP5. 

·         Installed Option pack for Policy server and Web agent for configuring the Federated Security Services and User Identity between partner sites. 

·         Experience in SAML federation using CA SiteMinder R12 Federation Security Services SAML 2.0 Affiliate Agents. 

·         Migrated SiteMinder protected environment from Unix Solaris 10 to Linux SUSE 10. 

·         Implemented SSO across multiple domains, and created two level of authentication for additional security. 

·         Migrated large amount of LDAP data across the environment to create a identical production environment to support load testing. 

·         Integrated and configured web agents to protect and manage resources with SiteMinder Policy Server and assisted applications teams. 

·         Performed dib clone operations to recover the LDAP data, and added servers into replication tree and created new tree into the environment.

·         Modified schema by creating custom object classes and custom attributes according to requirement. 

·         Implemented new techniques to support priority syncing for replication of important object. 

·         Supported production environment for resolving the high severity tickets without missing any SLA's and supported environment 24 X 7 

·         Executing Backups and Recovery strategies for directory data (DIF), resolving backup and recovery issues in a High availability environment.

Environment:

Windows Server 2003/2008, SiteMinder R6 SP1/SP5/SP6, R12 SP2/SP3 iPlanet Web Server 6.0, Novell eDirectory server 8.8.1/8.8.5, CA SOA Server R12 SP2, CA Wily Enterprise Monitor, WebLogic 8/10, JBoss 5, Apache 1.x/2.x, IIS 6, JDK 1.6, J2EE, EJB, JSP, Oracle 11g.

 

Technical Skills: 

Operating System: Linux, Unix, Windows, Solaris
Programming languages: Java, HTML, JavaScript
Directory Server: Active Directory, Novel eDirectory , Oracle Directory Server 11g. Servers: WebSphere, SunOne/iPlanetWebServer, BEA WebLogic, JBoss, SunOne application server
Databases: Oracle 10g/11g, MySQL and MS SQL Server 2008. 
Single Sign-On: Ping Federate, Ping Access 4.0, 4.2, SiteMinder, R6, Web Agent, CA secure proxy Server

 

Education:

 

Bachelors in Electronics and Communication Engineering from JNTU