Sri P's Location
Irvine, California, United States, United States
Sri P's Contact Details
Sri P work email
- Valid
Sri P personal email
n/a
About Sri P
Installed and configured multiple IAM products like Sailpoint IIQ, Forgerock, CA Siteminder, CA SSO, ADFS, CA Identity Minder, CyberArk, BeyondTrust, Ping Access, Ping Federate, P1AS, PingOne(Ping Identity), HYPR native IdP Adapter, Ping Cloud PingID(MFA), HYPR Authenticate, HYPR Adapt, HYPR Affirm, PingOne Risk Management (AI-Powered), PingOne Neo,PingOne DaVinci, PingAuthorize, ForgeRock Access Management, ForgeRock Identity Gateway, ForgeRock Amster Command-line Interface, ADFS, Entra ID, Forefront Identity Manager, One Identity, Veza, Aquera,NetIQ, OKTA, SecureAuth, RSA Aveksa.F5 APM, SAP CIAM(Gigya), keycloak, Delinea Secret Server, Centrify, Crowdstrike(Endpoint Security) Network Access Control (NAC), Microsoft Defender Advanced Threat Protection.Implemented SSO using SAML, Micro-services, API Manager, OAuth, Open ID Connect, PKCE security flow, WS-Federation, WS-Trust for multiple internal and external applications.Implemented IDP and SP-initiated flows for internal and cloud-based applications like AWS, AZURE, Salesforce.Configured SSO for Office 365 and tested it with modern authentication.Configured Sailpoint IIQ on windows and Linux.Implement password interceptor for active directoryImplemented Zero Trust architecture (ZTA), Zero Trust Network Access (ZTNA), and Zero Trust Edge (ZTE).Deployed and configured multiple file-based and read-based different target endpoints.Configuring f5 load balance and Citrix netscalr for IAM products.Developed power-shell scripts for automating cyberark module installation Used cyberark REST API's for managing safes, accounts, platformsExperience on BeyondTrust 6.x, powerbroker for windows/unix/linux, Retina Network security scanner, smart rules, Password Safe.Fixed API authentication failures during OIM and Saviynt EIC integration by implementing secure tokenmanagement and updated API endpoint configurations.Creating Proxy view in RadiantOne FID for the groups and users in Active Directory. This view will indicate that the memberOf attribute should be hidden when returned. Focused on reviewing the RadiantOne Server Log examining its contents log level settings, rollover size configuration, log procedures and ensuring notifications are in place, for any log failures.Worked on AWS Identity and Access Management (IAM), Microsoft Azure Active Directory, Google Cloud Identity and Access Management (IAM)Simulating API calls using postman to P14C for user lookup/user unlock etcWorked on conditional access and zero trust with Azure
Sri P Work Experience Details
-
Identity And Access Management ConsultantCdwIrvine, Ca, Us -
Iam EngineerSdg Corporation Apr 2023 - PresentNorwalk, Ct, Us• Configured Adapter and selectors in Ping federate as a part of enterprise authentication topology.•Implemented OAuth 2.0 authorization server and client management, managed identity provider (IdP) and service provider (SP) connections.•Configured PingOne identity repositories to manage user authentication and access, set up and maintained PingOne for Enterprise accounts and environments.•Created and managed PingOne administrative roles and permissions and utilized PingOne’s admin portal for centralized management.Extensive experience with ForgeRock Identity and Access Management (IAM) suite, including OpenAM, OpenIDM, and OpenDJ.• Successfully migrated ForgeRock OpenAM, OpenIDM, and OpenDJ from a hosted data center to Amazon Cloud (AWS).Fixed API authentication failures during OIM and Saviynt EIC integration by implementing secure tokenmanagement and updated API endpoint configurations.• Administered and maintained the Saviynt EIC platform, including user onboarding, access management, and system health monitoring.• Automated user provisioning and de-provisioning workflows to reduce manual efforts and minimize errors in identity management processes.• Conducted in-depth testing and validation of SoD configurations, ensuring that all functions and rolesadhere to policy requirements.• Managed and optimized account management processes within the Saviynt EIC platform to supportlifecycle management.• Upgraded ForgeRock OpenAM versions and Web Agents, resolving any associated issues.• Migration of a research portal from Sun OpenSSO to ForgeRock OpenAM, involving Sun Directory Servers to ForgeRock OpenDJ directory servers.• Implemented Forgerock Identity Gateway(IG) to secure access to webapplications and API's for session management, reverse proxy, policy enforcement, monitoring and logging, HA and scalabitliy and customuzation for java based plugins.• ForgeRock Identity Cloud to manage user identities, secure access to applications and data. -
Iam EngineerWestfield Insurance Sep 2022 - Apr 2023Westfield Center, Ohio, Us• Installed and configure Pingfederate and Ping Access and configure ping access and ping one for new POC based applications for cloud SASS apps. • Upgraded the ping federate/ping access environment to 9.0.2/10.x across multiple environments • Providing solutions for the external SSO using PingFederate/SAML/Siteminder.• Created federation trust between Okta, Pingfederate and Siteminder for seamless SSO for applications during migration strategy for utilizing SMSESSION using coreblox token service adapter. • Implemented OAuth Authentication using Okta as Authorization server.• Implemented biometric authentication and integrated ForgeRock IG as a proxy server for enhanced security.• Installed ForgeRock Amster tool for efficient configuration importing and exporting between AM instances.• Conducted design sessions focusing on ForgeRock OpenAM, OpenDJ, OpenIG, and OpenIDM (versions 6.0 and 6.5).• Hands-on experience in the installation and configuration of ForgeRock AM 6.5, DS, IG, and IDM.• Developed and integrated an unprotected website into a fully functional access management solution using ForgeRock OpenAM.• Implemented SSO solutions & Security for Cloud Service Solutions like Service Now, Office 360 and Okta• Developed and implemented connector to integrate OIM with Okta.• Migrating users, and supporting data, from AIF which was implemented in legacy Sun IDM product to Oracle Suite of productions in EIDM in a very aggressive timeframe• Migrating users, and supporting data, from OIM to Okta• Experience in user registration, user authentication, social profile sync with in OKTA• Experience in configuring and deploying adapters and token processors for Ping depending on the requirements for the application. -
Senior Iam ConsultantCentene Corporation Aug 2020 - Sep 2022Saint Louis, Mo, UsPing Identity (PF 9.2), Ping Access Manager 5.1.0, PingID(MFA), Pingone Davinci, Installed a configured ping federate 9.2 and Ping Access 5.1.0 on HA servers.Experience in setting up Pingfederate, PingAccess deployment, PingIDand PingOne in cluster model and stand-alone servers.Create seamless user journeys using the no-code interface by connecting nodes and defining logic in PingOne DaVinciLeverage pre-built connectors to integrate with various applications, identity services, and IT systems in PingOne DaVinciDesign and configure custom web forms for user interactions like registration and login in PingOne DaVinciMap out the entire user journey from registration to termination using the visual canvas in PingOne DaVinciConfigured password-less authentication condition in Pingone for usersREST-based integration for mobile applicationsConfigured kerberos authentication, x-509 authentication, HTML adapter for authentication flowsPKI certificate.Implemented all grant flows for OAuth 2.0/OpenID connect using Pingfederate.worked on authentication policy based on customer requirements. Seamless SSO using proxy approachREST-based integration for mobile applicationsOAuth 2.0/OpenID Integration with PingAccess to Saas applications.SAML-Based Authentication with an SP and IDPImplemented all grant flows for OAuth 2.0/OpenID connect using PingfederateSeamless SSO using the proxy approachImplemented zero trust to verify anything and everything trying to connect to systems before granting access.Developed custom selectors of authentication flows in g PingoneExpert in integrating M&A accounts using Radiant logic &Ping federate Expert in IAM solutions like Ping Identity, SailPoint(IdentityNow & IdentityIQ), CyberArk, Beyond Trust, Duo, Okta, Saviynt, FIM, MIM, CA Siteminder, Auth0, Onelogin, Zero Trust, RSAInstalled Ping DevOps Chart for Ping Identity products, such as PingFederate, with customized configurations using Helm. -
Iam EngineerNbcuniversal May 2019 - Jul 2020New York City, Ny, Us• Installed and configured Pingfederate and Ping Access and configure ping access and ping one for new POC based applications for cloud SASS apps. • Upgraded the ping federate environment to 9.0.2 across multiple environments • Providing solutions for the external SSO using PingFederate/SAML/Siteminder.• Created federation trust between Pingfederate and Siteminder for seamless SSO for applications during migration strategy for utilizing SMSESSION using coreblox token service adapter. • Designing strategies for ForgeRock OpenAM, OpenDJ, OpenIG, and OpenIDM versions 6.0 and 6.5.• Installed and set up ForgeRock AM 6.5, DS, IG, and IDM.• Extensive hands-on experience in developing and integrating solutions with ForgeRock OpenAM.• Experience in configuring and deploying adapters and token processors for Ping depending on the requirements for the application.• Developed authentication policy’s to using pingone authentication(Internal/External )• Step up authentication for external users who are external to enterprise network and IWA for internal users. • Migrated apps from legacy header based approach to applications that are more standards based approach like SAML 2.0, Oauth/openid connect. • Experience with the implementation of DUO two factor authentication tokens for the integrated web service security in a SSO environment for the service provider applications• Highly skilled in Splunk to build, configure and maintain different environments and in-depth knowledge of log analysis generated by various operating systems.• Configured SSO Integration Adapters for session cleanup as part of Single Logout (SLO) in the SSO implementation• Developed self-service portal for enterprise federation.• Worked on Access Management for providing Authentication, Authorization, Scalability and Accountability for the Applications.• Migrated around 200 applications from CA siteminder to AzureAD. -
Identity And Access Management ConsultantSsit Aug 2013 - Jun 2019Cyberark Version 10.xImplementing and Installing cyberark components(PSM, CPM, PVWA, vault) PIM Suite in the Environment.Upgrading the CYBERARK Environment from V7.1 to V10.x in all the environments.CYBERARK OPM LDAP Directory ServersInstallation of CyberArk, Support, Maintenance, Bug Fix for a different platform like Windows, Database, Linux/Unix, Safe creation, Master Policy creation.Implemented Enterprise Password Vault(EPV) ,Central Policy Manager(CPM),Configured Application Identity Manager(APM),Configured Privileged Session Manager(PSM) ,Configured Password Vault Web Access(PVWA),Cyberark Disaster Recovery VaultImplemented cyberark Privileged Threat Analytics(PTA) Automatic Onboarding for account vaulting and for the immediate reconciliation process.Implemented OAuth Authentication using Okta as the Authorization server.Worked on OKTA API’s for users groups, events and policies.Worked in OKTA custom templates using API’s
-
Iam EngineerSsit Jan 2013 - Jan 2014CA SitemidnerServed as technical lead for numerous integration projects between Checkpoint andother internal and external applications and clients, including adding outbound SSOconnections using PingFederate and SAML, working with clients to establish incomingSSO connections to Checkpoint, calling REST and SOAP based web services.Configuration, administration, and support of CA SiteMinder, (SSO/Single Sign-On), usingSAML 1.x, SAML 2.0, providing federated integration allowing for one credential login acrosstrusted sites/applications for multiple customers/locations.Installed, configured and maintained SiteMinder, Policy Servers, Sun One Directory Server andconfigured multimaster replication in Directory server.Experienced in SiteMinder policy server log files for troubleshooting SiteMinder environment.Also used UNIX/LINUX tools to analyze logs and was part of the 24/7 on-call team fortroubleshooting.Experienced in SiteMinder Test toll and SiteMinder policy server log files for troubleshootingSite Minder environment.Experienced in SiteMinder Test toll and SiteMinder policy server log files for troubleshootingSite Minder environment.Used Siteminder for authenticating user passwords for the web application. Exported andimported policy store using smobj export and smobj import respectively and also used smreg tochange the SiteMinder superuser password
-
Iam EngineerJohnson Controls Jan 2019 - Apr 2019Cork, Ireland, IeBeyondTrust privileged Access Management 6.4.4(Bomgar)Installed and configured BeyondTrust Insight, password safe for unix/linux, password safe for windows/Mac.On-boarding Teradata, oracle, netezza DB and vaulting accounts in password safe(PBPS)On-boarding custom-platforms into BeyondtrustCreating RBAC roles for all enterprise users. Used RetinaScanner to scan assets and on-board accounts.On-boarded assets using smart rules and XML import and API callsOn-boarding assets using API scriptsConfiguring assets using functional accounts and add it password safe.Configured RSA as MFA for Beyond insight console and password safe consoleExperience with PBUL(password safe for unix/linux) and PBW(password safe for windows)Onboarding apps into Okta for SSOIntegrated Workday with Oktapreview and Okta to import users from the workday and write back to ADExperience in installing Okta’s Lightweight agent to integrate with Active Directory.Configured Microsoft office365 with Okta.Have Built and grown strong collaborative relationships with key stakeholders to effectively get their application on-boarded into OKTA.Setting up SAML applications in OKTA. -
Senior Iam EngineerHewlett Packard Enterprise Jun 2017 - Dec 2018Houston, Texas, UsPing Identity (PF 9.2), PingID(MFA)Experience in setting up Pingfederate, PingAccess deployment, PingIDand PingOne in cluster model and stand-alone servers.Developed custom adapters and selectors. REST-based integration for mobile applicationsConfigured Kerberos authentication, x-509 authentication, HTML adapter for authentication flowsPKI certificatesDeveloped and configured authentication policies for enterprise users.SAML-Based Authentication with an SP and IDPImplemented all grant flows for OAuth 2.0/OpenID connect using Pingfederate.Configured SSO for Office 365 and tested it with modern authentication.Worked on an authentication policy based on customer requirement. Seamless SSO using the proxy approachREST-based integration for mobile applicationsOAuth 2.0/OpenID Integration with PingAccess to Saas applications.SAML-Based Authentication with an SP and IDPImplemented all grant flows for OAuth 2.0/OpenID connect using PingfederateSeamless keycloak SSO using the proxy approachImplemented Agentless and opentoken SSO integrationsDeveloped custom selectors of authentication flows. -
Iam ConsultantLiberty Mutual Insurance Feb 2015 - May 2017Boston, Ma, UsSailpoint IIQ version 7.2p2Partnered with developers and SailPoint specialists to install Identity management software on platforms such as: Linux and WindowsIntegrate multiple Identity Managers (SailPoint Identity IQ & CA Identity Manager)Configure/Provision Role Based Access Control(RBAC)Configure Applications, Account, Identity, Entitlement, and Role Aggregations Design/Implement Organizational, Business, and IT Role Access PoliciesConfigure/Schedule Role Access CertificationsEvaluate SailPoint-IIQ by Life Cycle Management, Access Review/Certifications, Policy Management, Role-Based Access Control and Connector modules. Generate Reporting on Certifications for Audit and Compliance JustificationDesign/Implement Rules and Workflows Automate scheduled task using CA-ESPUtilize/Interpret BeanShell Scripting Language within SailPoint to Customize Business Needs -
Senior Iam ConsultantNike Nov 2014 - Feb 2015Beaverton, Or, UsPing Identity (PF 9.1.1) and Ping Access Manager 5.1.0Installed an configured ping federate 9.1.1 and Ping Access 5.1.0 on HA servers.Experience in setting up Pingfederate, PingAccess deployment, PingIDand PingOne in cluster model and stand-alone servers.Developed custom Microsoft MFA adapter. REST-based integration for mobile applicationsConfigured kerberos authentication, x-509 authentication, HTML adapter for authentication flowsPKI certificatesDeveloped and configured authentication polices for enterprise users.SAML-Based Authentication with an SP and IDPImplemented all grant flows for OAuth 2.0/OpenID connect using Pingfederate.Configured SSO for Office 365 and tested it with modern authentication.Worked on authentication policy based on customer requirement. Seamless SSO using proxy approachREST-based integration for mobile applicationsOAuth 2.0/OpenID Integration with PingAccess to Saas applications.SAML-Based Authentication with an SP and IDPImplemented all grant flows for OAuth 2.0/OpenID connect using PingfederateSeamless SSO using proxy approachImplemented Agentless and opentoken SSO integrationsDeveloped custom selectors of authentication flows. -
Senior Iam ConsultantEbay Aug 2012 - Oct 2014San Jose, Ca, UsInstalled and configured ping federate and pingone.Migrated application from secureauth to pingMigrated SaaS application to pingoneIntegrated on PingID and Duo Multi-factor authenticationIntegrated and registered YubiKey is a small with PingID and provides OTPs for MFAConfigured SSO using Opentoken, agentless(,net,php,jsp)Upgrading ping federate environments using scriptsConfigured SSO using SAML 2.0, ws-fed, openID/OAuth Configured Microsoft office365 with Okta.Experience in installing Okta’s Lightweight agent to integrate with Active Directory.Have Built and grown strong collaborative relationships with key stakeholders to effectively get their application on boarded into OKTA.Implemented Okta Multifactor authentication and IP risk based authenication for multipleinternal applicationsImplemented IWA authentication for internal applications using the custom authenticationscheme using Okta exposed API.Served as technical lead for numerous integration projects between Checkpoint and otherinternal and external applications and clients, including adding outbound SSO connectionsusing Okta and SAML, working with clients to establish incoming SSO connections toCheckpoint, calling REST and SOAP based web services.Implemented Okta for WS-federation authentication like share point and integrated with SaaScloud based applicationsIntegrated Okta for directory provisioning with on-premise active directory for usersynchronization.
Sri P Skills
Ldap
Bamboo
Cyberark
Windows Server
Oauth 2.0
Linux
Data Center
Forgerock
Operating Systems
Software As A Service
Microsoft Sql Server
Jira
Iam
Sailpoint
Wireshark
Adfs 2.0
Saml 2.0
Powershell
Html
Ping Identity
Sso
Java
Programming
Password Safe
Pl/sql
Okta
Ping Federate
Javascript
Oracle Identity Manager
Forefront Identity Manager
Sql
F5 Bigip
Oauth
Beyondtrust
Software Development
Information Assurance
Siteminder
Mysql
Sri P Education Details
-
New York Institute Of TechnologyComputer Science
Frequently Asked Questions about Sri P
What company does Sri P work for?
Sri P works for Cdw
What is Sri P's role at the current company?
Sri P's current role is Identity and Access Management Consultant.
What is Sri P's email address?
Sri P's email address is sr****@****ssit.dk
What schools did Sri P attend?
Sri P attended New York Institute Of Technology.
What skills is Sri P known for?
Sri P has skills like Ldap, Bamboo, Cyberark, Windows Server, Oauth 2.0, Linux, Data Center, Forgerock, Operating Systems, Software As A Service, Microsoft Sql Server, Jira.
Who are Sri P's colleagues?
Sri P's colleagues are Bethany Spooner, Marcie Smith, Baldeep Singh Bhatia, Gary Shmel, Didi Mars, Devin O'brien, Daniel Misbach.
Free Chrome Extension
Find emails, phones & company data instantly
Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Aero Online
Your AI prospecting assistant
Select data to include:
Total price:
$0.00
0 records × $0.02 per record
Download 750 million emails and 100 million phone numbers
Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.
Start your free trial