| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateJaideep KrishnanPHONE NUMBER AVAILABLE (C)EMAIL AVAILABLESummary:Several years in Application Security domain, with specialization in devising integration solutions in Identity and Access Management.Working as Security Consultant have been involved in streamlining design and implementing solutions in Oracle Identity and Access Management space for reputed organizations in North America and other regions around the world.Worked with several Federal and State Governmental agencies, and as us-citizen qualified to work independently without support or sponsorship.Proven technical leadership skills include the ability to manage teams, earn the respect of its members, lead by example, and thrive in an entrepreneurial environment.Persuasive verbal and written communication skills complement a proven ability to multi-task, maintain an organized approach, and ensure success even when faced with high-pressure or high-risk situations.Intricate understanding of Identity and Access Management Systems on the functional and operational sides.Experienced in designing and deploying Identity and Access Management Solution to improve user experience, meet compliance and reduce costs.Good working implementations of Identity and Access Management technologies involving User Management, Password Management, Account Management, Entitlement Management, and Role Management.As part of a robust security program, have ensured coverage of all IAM packages, components, and services, such as Authentication Services, External Single sign-on, Internal Single sign-on, Credential Service Provider, Desktop Integration Support, among others.Developed strong working relationships with management to understand the corporate business perspectives and requirements to provide best practices for IAM implementations.Advised the senior and junior Professional Services, Non-Technical Staff and Application Developers in integrating solutions into the IAM infrastructure.Delivered a modern and very secure environment that was fully SSO-enabled on the endpoint side, backed by Oracle Identity and Access Management.Standardized on Access and Identity Management (IAM) protections, enforcing IAM policies such as requiring access from corporate devices, requiring specific device posture/health levels, ensuring the application of MFA, etc.Addressed challenges of planning complex transitions and coexistence by examining the benefits, risks, and potential impacts when making decisions.Ensured each system would fit within the new environment, built out the new version, and performed the cutover.Having hands on experience in LDAP Directories, Provisioning/Identity Workflows, Access Management and JAVA/JSP ProgrammingExtensive experience in implementing and supporting with accreditation Oracle Identity Manager (OIM), Oracle Identity Federation, Oracle Unified Directory, Oracle Internet Directory, Oracle Virtual Directory, Oracle Access Manager (OAM), LDAP SDK, Sun /i Planet and MS Active Directory.Installation, Configuration, App Integration of stereotypic and legacy applications scenarios with existing Oracle IAM stack.Developed and consumed web services with RESTful and SOAP.Experience with OAuth ConnectionsExperience with setting up of custom adapters.Strong background in Middleware technologies (Application Servers, Web Servers, Clustering, High Availability, Disaster Recovery)Experience in implementing AD, Exchange, PSFT and Flat File Connector in OIM.Experience in identifying and applying the OIM, SOA, WebLogic & Oracle BIP patches for bug fixes and enhancement.Research and resolve the tickets within the SLA to always meet the deadline for the enhancement requests.Expertise in identifying bugs in OIM and performing detection/enhancement tasks, performing root cause analysis, and exercising overall system improvement.Performed On-call responsibility and worked overtime for any high severity ticket or any major issues.Excellent understanding of full project and software development lifecycle.Expertise in theoretical and practical aspects of relational databases with a focus on Oracle PL/SQL, Stored Procedures and SQL Plus.Demonstrated success in efficient collaboration across organizational boundaries.Self-motivated, an innovative thinker, dedicated, and ability to learn new things.Possess excellent interpersonal and communication skills.Provided subject matter expertise in the integration and administrtation of Oracle Identity Manager, Oracle Access Manager, Oracle Federation in standard IdM project lifecycle, associated to a wide variety of business applications in corporate sectors.Implementing and deploying Identity Management, LDAP Directories, Single/Reduced Sign-On (SSO), Provisioning and Provisioning/Identity Workflows, Access Management, RBAC (Role-Based Access Control), Compliance and Auditing Technologies, Federated Identity/Federation, Enterprise System Architecture, Security Infrastructure Design, Authentication and Authorization technologies, as well as custom-built security and technology frameworks.Facilitated solutions like cross domain Single Sign-On, SaaS based Identity and Access Management, Multi-tenancy, Trusted Authentication, and others.Tied Oracle Identity and Access Management to wide set of LDAP directories.Integrated and supported Single Sign-On technology within heterogeneous application landscape involving mix of Java and .NET applications.Responsibilities have spanned Feasibility Study, Requirement Analysis, Proof of Concepts, Solution Architecture Design, Pre-implementations, Implementations, Testing, Deployments, Production Migrations and Support.Very good documentation skills.CISM, CGEIT certified with intent to understand how Business requirements translate to IT operations.Naturalized, or accepted citizenship in the US, and eligible for security clearance.Technical Skills:Security Products: Oracle Access Manager, Oracle Identity Governance / Oracle Identity Manager, Oracle Unified Directory, Oracle Internet Directory, Oracle Virtual Directory, Oracle Identity Federation, Oracle Identity Cloud Services, Entrust, CA Site Minder, Imprivata One SignDatabases: Oracle 19c, 12c, 11g, Sybase, MS SQL Server, MySQL, Informix, IngresMiddleware: WebLogic, JBoss, WebSphereWebservers: Apache HTTP Server, IIS, Oracle I PlanetDevelopment / Productivity Tools: Eclipse, JDeveloper, IntelliJ, Ant, Python, Unix Shell scripts, PL/SQLWeb Technologies: JSP, Java Servlets, JDBC, Core Java, JavaScript, JNDI, othersFunctional Areas: Identity Management, Solution Architecting, Retail Solutions, Insurance, Banking, HospitalityProgramming Languages: Java, C/C++, HTML, XMLOperating System: Linux, Solaris, HP-UX, WindowsConfiguration Management and Version Control: CHEF, Bitbucket, GIT, ClearCase, SourceSafe, CVSContent Management: SharePoint, ConfluenceAssisting Methodologies/Tools: OOAD, Rational Rose, VisioProfessional Experience:LA Care State of California originated publicly operated health plan, Los Angeles, CA Mar 2018 PresentProject: Oracle IDAM implementation for LA CareDescription:Facilitating centralized Oracle identity and access management solutions and services for security of members, providers, and internal staff of LA Care for the Health Care system landscape that subsidizes the Obama Care implementations.Responsibilities:Developed Scheduler Tasks and Event Handlers using OIM APIs and involved in design and development for enhancements and change requests.Involved in development of Pre-Populate and Process Task Adapter to integrate the Process Form and Process Definition to the user operations.Developed and deployed plugins for bulk load and security for updating the user memberships and modifying the password polices.Involved in development and configuration of Trusted Reconciliation Schedule Tasks to sync the users from authoritative source to OIM.Performed identity management operations for users including Application Onboarding, Reconciliation, Provisioning, de-Provisioning.Installed pre-built connectors, worked with lookup configurations, sandboxes, application instances, users, organizations, and resource form creation.Involved in development of OOTB connectors such as DBAT, ACF2, PeopleSoft, REST and Webservices and Custom connectors. Experience with OOTB connector customization such as creation of custom process task adapters.Integrated Oracle Identity Management with multiple source and target systems including SAP Success Factors, Sales Force, Active DirectoryWorked on custom connector development, Approval Workflows, Event Handlers, Custom Scheduled Tasks and Reconciliation.Developed using OIM REST APIs/Java APIs and assisting business application integration with these APIs.Customizing (Oracle) SOA composites for IDM workflowsWorked on the automation of builds and Code Deployments into multiple environments.Subject Matter Expert for all the IAM integration activities.Strong understanding and experience with user provisioning, authentication, access management and de-provisioning.Custom Scheduled tasks and Workflows. OIM and LDAP, AD, Database Integration Experience.Oracle Identity Manager (OIM), ADF UI Customization, Custom ICF connectors, Custom BI reportsOIM set up IAM configuration, implementation, and management of IAM solutions including user provisioning, Single Sign-on, directory services, RBAC, App onboarding, Access Certification, etc. Integrating or on-boarding applications using disparate authentication and/or authorization services.Experience Identity/Compliance Management Solutions, Lifecycle Manager and User Provisioning.Hands on experience in working with building workflows, OIM related objects, customization to OIM user/admin screens and customizing workflows to meet business requirements.Actively involved in building custom workflows, rules, policy, provisioning and deprovisioning for JML Events in IAM.Designing, installing, configuring, implementing, and upgrading identity and access management applications.Integration experience of OIM with source systems HR systems, Databases, Custom stores, and different target systems Databases, LDAP Directories, Legacy systems.Implementation of SOA composites, custom workflows, and approval policies.Developed Custom connector using ICF framework, Custom event handler, Custom Scheduled task, and Custom Adapters, GTC Connector implementation and configuration.Design and coding in distributed computing domain using technologies like Java, J2EE, XML and Bean Shell.Installed and configured Oracle Identity Manager (OIM) 12c, Oracle Access Manager (OAM) 12c, WebLogic server 12c and SOA Suite 12c in non-Production environments, and supplied step-by-step runbook instructions with screenshots, and necessary installation support for this activity in Production environment.Expertise in identifying bugs in the OIM and performing any defect/enhancement task for the client, perform Root cause analysis and overall system improvement.Involved in Single Sign-On integration services.Implemented connecting SSO authentication and authorization policies involving SAML / OAuth / WNA with OAM.Migrated stack from 11g environment to 12c environment upgraded to 12.2.1.4 to the latest quarterly patch.Work with the QA Team in creating the system test cases and help perform the system testing.Documented user guides and functional training materials based on vendor documentation tailored for L.A. Care needs.Environment: Red Hat, Linux. Web Logic 12c, SOA Suite, Oracle Service Bus (OSB), Oracle Identity Manager (OIM) 12c, Oracle Access Manager (OAM), Oracle Identity Cloud Services (IDCS), Oracle Internet Directory (OID), Oracle Directory Server Enterprise Edition (ODSEE), Oracle e-Business Suite (EBS), Microsoft Active Directory (MS-AD), Windows Server 2016, JAVA/J2EE JDBC, Java servletsOracle Corporation, Naples, FL Aug 2014 Feb 2018Project: Shared Security Domain for Oracle Hospitality ServicesDescription:Oracle, the new owner of Opera, has enabled cloud enterprise hotel management system used by star hotels for internet-based hotel management operations by their customers. Opera was integrated into multi-tenant shared security fusion middleware infrastructure comprising of products OAM, OIM, OID/OUD, OVD, OHS. As tenants subscribe to a variety of instances of the Opera application stacked on Oracle Cloud, they share an optimized centralized standardized shared security domain comprising of the Oracle fusion middleware stack.Responsibilities:Spearhead the initiatives in Identity and Access Management of Oracle Hospitalitys security division working closely with Functional, Operational and Developmental teams of the corporateInstalled and configured 12c stack of OAM, OIG/OIM, OUD, OID, OHS for proof of concepts and integration analysis.Installed and configured OAM 11g R2 PS3, OIM 11g R2 PS3, OID 11.1.1.9, OHS 12c on Oracle Enterprise Linux 7.2 VMWAREs in many environments.Integrated Opera application components with OAM for single sign-onIntegrated OIM with OAMSetup federation in OAM to open Opera to Identity Providers of various Hotels who have their own proprietary authentications and federation systems, to consume the SAML assertions returned to Oracle Cloud Service Provider, so that they can access Opera.Setup OAM Federation integration for users of Marriott Residence with MS Azure Active Directory as Identity Provider to access Opera, OAM as Service Provider on Oracle Cloud, via the exchange of SAML assertions.Setup Identity Provider in Azure AD using parameters from the OAM SP metadata link.Setup parameters in Azure AD federation engine to onboard OAM metadata and exchange SAML assertions with OAMOnboarded the Azure AD federation metadata and certificates in the configuration of OAM Service Provider to receive user ID and other attributes from SAML.Configured Secure LDAP connection for Azure ADExported Marriott Residence users and organizational units via secure LDAP operations using Windows Power shell.Setup Azure AD Connect synchronization and transferred the Marriott Residence user identities to the localized Active Directory used by OAM to connect for authentication.Imported users into OUD used by the Cloud instance of OAM managed by the Security department for authorizations.Setup OAM OAuth integrations for two-legged flow for mobile client applications invoking Oracle Cloud based web service via OSB and protected by OWSM policy.Design and implemented variety of customizations in OIM self-service interface, to divert the workflow from reaching OIM administrator for approval to Hotel Administrators instead, then customized OIM ADF user interface to add user-defined-fields allowing input of hotel code during user self-registration, customized metadata to divert users and roles to right LDAP containers, so onDesigned and implemented custom event handlers in OIM to modify user attributes in the request, creation of OU node in OID at appropriate sub-tree for the Hotel code specified during registration, then modifying flag in LDAP sync adapter to disable routing to force password change on first login.Setup virtual host configurations in OHS and for Web Gate to support multi-tenant redirections.Designed and implemented the directory structure in OID and OUD to implement multi-tenancy.Facilitate development and troubleshooting of OAM, OIM, OID, OUD, OVD, OHS on Oracle cloud security infrastructure in variety of environments.Provide technical assistance to Data Center staff for production support on an ongoing basis.Environment: Oracle Enterprise Linux (OEL), Web Logic 12c,11g, Oracle Access Manager (OAM) 11g r2 ps3, Oracle Identity Manager (OIM) 11g r2 ps3, SOA, BI, Oracle Http Service (OHS) 12c,11g, Oracle Virtual Directory (OVD), Oracle Internet Directory (OID), Oracle Unified Directory (OUD), Oracle Service Bus (OSB), Oracle Web Service Manager (OWSM), Microsoft Active Directory (MS-AD), Microsoft Azure Active Directory (MS-Azure AD), Microsoft Active Directory Federation Services (MS-ADFS), Windows Server 2008/R2, JAVA/J2EE, JDBC, JNDI, Java LDAP APIAccenture State of California, Sacramento, CA Jul 2013 Jul 2014Project: Obama Health Care implementation for California State (Cal Heers)Description:The project is about setting up a central access management infrastructure involving Oracle Access Manager (OAM), Oracle Identity Federation (OIF), Oracle Identity Manager (OIM) and Oracle Adaptive Access Manager (OAAM) for Obama Health Care portal application for California State.Responsibilities:Install and configure WebLogic 11g fusion middleware in red hat Linux environment.Install and configure OAM 11g R2 in Multi-Data Center configuration.Develop and implement Java Password Policy plug-in to enable OAM to enforce custom password policy rules for individual applications.Develop and implement Java Rest web service automation to create and commit custom application Policies in OAM 11g.Implement OAM Policies matrix that maps Cal Heers application access requirements into implementable policies.Convert the corporate Application URLs and their relationships to Functional Roles into OAM Resource URLs and their mapping with LDAP Groups relationships.Implement OAM Policies based on developed OAM Policies matrix set up Application Domains, Authentication Schemes, Host Identifiers, necessary SSO Agent ProfilesSet up Single Sign-On integrating applications between OHS layer hosting OAM Agents and WebLogic layer hosting functional elements like BI applications, OBIEE, BPM and so onInstall and configure OIM 11g in red hat Linux environment.Clone OIM configurations from 9g environment to new environment.Upgrade the older version of OIM to 9102 and patch it to BP13 for migration.Integrate OIM with OAM by creating access policies in OAM and enabling true single sign-on in OIM.Troubleshoot the infrastructure involving OAM, OIF, OUD products by analyzing transaction logs in the products beeped up to trace.Setup federation metadata and associated configurations to on-board CRM in OIFProvide production support to investigate issues and replicate them in lower environments.Environment: Oracle Access Manager (OAM), Oracle Unified Directory (OUD), Oracle Identity Manager (OIM), Oracle Identity Federation (OIF), Oracle HTTP Server (OHS), Active Directory, Web Logic, Red hat LinuxHCL USAA Inc., San Antonio, TX Dec 2012 Jun 2013Project: Cross domain Single Sign-On solutionDescription:The project is about establishing a cross domain access management platform for the corporate so that the employees and customers can do business with trusted partners by accessing their websites across the domain via single sign-on. Oracle Identity Federation (OIF) product facilitates the infrastructure and uses Oracle Access Manager (OAM) as authentication source. As the users login to the corporate by presenting their Windows Active Directory credentials, they will not get login challenged when accessing any deep links hosted on the partner sites that they need to business with.Responsibilities:Implementation and pre-implementation activities involved in setting up federation infrastructure.Install and configure WebLogic 11g fusion middleware on red hat Linux.Install and configure OIF 11g and OAM 11g products on red hat Linux.Install and configure Directory infrastructure OVD 11g and OID 11g on red hat Linux.Configure OIF as identity provider for initiating SAML v2 requests with the vendors.Setup federation metadata and associated configurations to on-board various partners in OIFSetup OAM as primary authentication engine for OIF set up OAM policies for OIF, web gate installations on federation proxies, set up OIF OAM authentication engine.Deploy custom authentication plug-ins in OAM to facilitate non out of the box integrations scenarios.Setup OVD as the custom authentication store for OAMSetup OVD adapters to integrate Active Directory, OID and DB2 database to aggregate users into a common stream.Setup policies for windows native authentication for facilitating desktop single sign-on for employees.Develop automated migration scripts for deployment of the federation components from one environment to the other using WLST.Troubleshoot the infrastructure involving OIF, OAM, OVD, OID products by analyzing transaction logs in the products beeped up to trace.Provide production support to investigate issues and replicate them in lower environments.Environment: Oracle Identity Federation (OIF), Oracle Access Manager (OAM), Oracle Virtual Directory (OVD), Oracle Internet Directory (OID), Oracle HTTP Server (OHS), Active Directory, Kerberos, Web Logic, Red hat LinuxPJM INTERCONNECTION LLC., Norristown, PA Mar 2009 Dec 2012Project: Design of Single Sign-On solution for an energy distributerDescription:Initiative has been on designing and implementing single and cross-domain Single Sign-On solutions that cater to the needs of energy customers in being able to sign into corporate applications without getting challenged. Oracle Access Manager (OAM) was used as the primary candidate in WAM space, Oracle Identity Federation (OIF) in FIM space, and Oracle Esso in the ESSO space. Active Directory was the central credential storage for the corporate LAN users and Oracle Internet Directory (OID) was the primary IDM repository.Responsibilities:Meet with the various business groups to understand the application landscape.Assist in the detailed design of single sign-on solution that offers standard Access Management, Identity Federation and Fast User Switching capabilities.Evaluate third-party security products in the WAM, FIM and ESSO space.Provide detailed design validations for application integrations with OAM and OIF that fits for the given application architecture model.Layout the corner stone and pre-implementation considerations for the Access Management infrastructure - Network access, DNS, Firewall connectivity, RAC storage device access, othersInstall and configure OAM on RAC Linux servers Identity Server, Access Server, Policy Manager and Web pass.Install and configure hosting Middleware service and Directory infrastructure OID, OVD 11g, WebLogic 11g - EM and ODSMPresent Single Sign-On checklists with Application teams to assess the various integration endpoints.Set up OAM Policies for authentication and authorizations that map application access requirements to policies Policy Domains, Authentication Schemes, Host Identifiers, Web Gate definitions.Onboard applications into the Centralized Access Infrastructure. Setup Web Gates on applications hosting IIS, Apache and Sun web servers, that integrate applications posted in various zones or regions of the corporate that service its external and internal customers.Develop custom Access Gates using the Java and .NET C# versions of the Access SDK APIsDevelop Web Service that serves as wrapper around the Access Gate to expose the methods of Access Server SDKPerform performance tuning and setup High availability and Failover for the OAM infrastructure.Configure role mappings in OID to synch up coarse- and fine-grained entitlements.Set up OID as user store, configuration store, and attributes indexes in OVDs.Set up Oracle Esso policies and password vaults while implementing enterprise single sign-on solutions in fast user switching mode.Setup OIF infrastructure and federation proxies in RAC space Linux environmentConfigure OIF as identity provider, synchronize data exchange via account linking, and exchange federation metadata with Relying Parties that federate trust across varying SP centric federation solutions.Distribute Oracle fed lets to service providers that do not host external hardware to retrieve SAML assertions from the corporateSetup OAM as primary authentication engine for OIF set up OAM policies for OIF, web gate installations on federation proxies, set up OIF OAM authentication engine.Setup mock application in Amazon cloud to integrate it with OIF and OAM for testing.End-to-end single and cross domain Single Sign-On testing, and phased migrations to Production from UAT and Stage environmentsTroubleshoot applications, in the OAM and OIF space, that report issues in the areas related to authentications, authorizations, single sign-on, and OAM and OIF infrastructure issues.Perform timely documentations related to design, migration, administration, and support of the solution.Environment: Oracle Access Manager (OAM), Oracle Identity Federation (OIF), Oracle Internet Directory (OID), Oracle Virtual Directory (OVD), Active Directory, Oracle Esso, Kerberos, Apache, Web Logic, JBoss, IIS, dot Net, J2EE, Linux, Aix, Windows Vista and 2008US BANK INC., Saint Paul, MN Jun 2007 Dec 2008Project: Oracle Access Manager integrations and support for Banking applications.Description:Numerous banking retail and internal applications (EBS, Siebel, Elan, Net Oxygen, MFX, People soft, more) in .NET and Java platforms have been integrated over with Oracle Access Manager in the standard corporate IDM implementation and support cycle.Responsibilities:Initiate discussions with project teams in gathering applications requirements for Oracle Access integrations.Assist development teams in understanding how OAM integrates with their applications in their environment.Work with the development teams to develop, document, and demonstrate standards, tools and best practices for OAM integrations on web-based, client-based and other applications that have a built-in internal security module.Translate project requirements into implementable Access Manager PoliciesProvide desktop Single Sign-On solutions for OAM with the setup of Integrated Windows Authentication technology using Kerberos.Maintain LDAP Organizational Units, Groups, Schemas, password policies and attributes in OID.Install and configure OAM components/Web gates/Web pass on application workstations.Configure OAM access policies Authentication schemes, Host identifiers, Policy domains.Configure OAM identity policies Attribute Access controls, Search bases, Workflows.Set up and manage Access Control Lists in OVD using Oracle Directory Services Manager.Migrate the OAM components and Policies from Development to Staging to UAT to Production, as application components get migrated from one to the next level.Support the applications related to OAM and environmental issues, on an ongoing basis.Environment: Oracle Access Manager (OAM), IIS Web Server, Microsoft Active Directory, Oracle Internet Directory (OID), Oracle Virtual Directory (OVD), Windows XP and 2003WIPRO TECHNOLOGIES - Enterprise Security Services Division Oct 2003 Apr 2007Systems AnalystLEXMARK INC., Lexington, KY Dec 2006 Apr 2007Project: Delegated Administration Solution.Description:System provides solutions for managing digital identities of corporate business users and application entities. The system uses identity management capabilities of Oracle Identity Manager (OIM) and Oracle Access Manager (OAM) in streamlining workflow functions for the processes of creation, deletion, and management of the entities, and provides an environment for executing them in a controlled manner. The various tasks are appropriately directed to be carried out by users themselves, or by corporate administrators. It also serves in offloading part of the tasks to the partner administrators directly and serves as a powerful tool in maintaining governance and relationship between the various entities.Responsibilities:Participated in Requirements Analysis with Customer groups and got involved in the freezing of Requirements SpecificationsPrepared High-Level Design document that covered solution architecture, use case realizations and sequence diagrams using Microsoft VisioConfigured OAM workflows, object classes, attribute access controls, user search bases, pre and post processing lists, all using OAM administrative console.Configured OIM connectors for Active Directory and MS Exchange servers for provisioning, de-provisioning, and reconciliations.Participated in overall test planning effort, including system integration and execution of system tests.Completed documentations on High Level Design, and Systems User ManualEnvironment: Oracle Access Manager (OAM), Oracle Identity Manager (OIM), Sun JES Web Server, Microsoft Active Directory, Solaris 5.9CAPITAL ONE INC., Richmond, VA Jul 2006 Nov 2006Project: Access Management System.Description:System uses the services of Entrust Get Access to provide Single Sign-On solution for the benefit of users participating in various online training programs conducted by the organization. The system performs resource management in conjunction with authentication and authorization services in allowing training users to access the selective sections of the application or the entire application. The user identities are stored in Active Directory and maintained outside the scope of this implementation.Responsibilities:Created user identities in the Directory server using reusable Visual Basic scripts.Installed and configured Entrust Get Access in Solaris 5.9 environment.Enabled protection of URL and Single Sign-On feature through Entrust Get Access Administrative interface.Performed sanity testing by navigating end-to-end ensuring proper functioning of Single Sign-On feature.Prepared documentation on how to perform system installation, configuration, and sanity tests.Environment: Entrust Get Access, CA SiteMinder, Sun Java System Web Server, Sun Java System Directory Server, |
