Home

Mounica Bolledu - Sailpoint /IAM Developer

[email protected]

Location: Alpharetta, Georgia, USA

Relocation: Yes

Visa: H1B

Mounica Bolleddu Cell: 678) 707-2060 [email protected] PROFESSIONAL SUMMARY: 9 years of work experience on Work experience on Security Identity Manager (ITIM), ISIM, LDAP-IDS(IBM Security Directory Server), Security Directory Integrator (TDI), Security Access Manager (TAM), ISAM, Websphere Application Server (WAS) and Understanding the Environment, Sailpoint identity IQ, PingIdentity, PAM Administrator Created various identities and accounts, setting up roles, Assigning users to various ITIM roles. Developed JavaScript in Identity Provisioning policy for license group attribute (customized) to Office 365intermediate LDAP. Gather business requirements, configure SailPoint components, and integrate with various systems such as HRsystems, Active Directory, and application platforms. Installation and configuration on ISIM v7 appliance (DEV, QA, PRD) Worked on Migration data from ITIMv5.1 to ISIMv7 and Testing in DEV, QA, PROD environments. Created instance and configuration in LDAP servers and imported schema files from ITIM v5.1 to ISIM v7. Established SSL on Security directory servers LDAP.Implemented complex ITIM Workflows such as approvals, provisioning /deprovisioning and import /export Experience on users Lifecycle Management Rules like CREAT, MODIFY and DELETE. Experience in migrating user data from on-prem environment to AWS Created Standard, Transparent & Virtual Host Junctions to enterprise backend applications. Worked as an administrator level day-to-day activity in IBM Security Access Manager (ISAM) Configuring various objects to pass additional attributes from LDAP through WebSEAL to the backend webapplications. Defined and implemented roles, entitlements, and access policies in SailPoint to align with organizational needs Automated user provisioning workflows between SailPoint, LDAP, and ISAM, reducing manual interventions. Configure SailPoint IdentityIQ as a Service Provider (SP) for SSO using SAML. Map attributes and entitlements between Okta and SailPoint to ensure accurate userprovisioning.And enable role-based access and periodic access certifications in SailPoint. Develop and test end-to-end SSO workflows between SailPoint, ISAM, and Okta. Enforce security best practices, including encryption, certificate management, and multi-factor authentication (MFA). Developing Assembly lines in Security Directory Indicator according to the business logic Worked on WebSeal config files and setting the authentication mechanisms and allowing access to serverports. Handled a team of 20 members in executing projects with offshore components. EDUCATION Masters in information technology at Valparaiso University, Indiana May 2017 Bachelors in computer science and engineering at JNTU, India May 2014 TECHNICAL SKILLS: Access/IdentityManagement IBM Security Identity Manager (ISIM v6.0) IBM Tivoli Directory Integrator (ITDI 7.1.1), LDAP IBM Directory Server IDS (IDS v6.4), IBM Tivoli Access Manager (TAM v5.1, 6.1) and TFIM (Tivoli Federated Identity Manager), IBM Security Access Manager (ISAM v9.0). Languages Java, Shell Scripting, C, HTML, XML, SQL, JavaScript, XSLT, Python Middleware & WebTechnology IBM WebSphere Application Server, Apache TOMCAT Database DB2, MS SQL Server2012 Operating system Windows, Linux, IBM AIX Tools VMware, Eclipse, SqlPlus, GIT, Fiddler, SailPoint,Ping identity, splunk STATE OF GEORGIA -Deloitte, Peachtree, GA March 20- Sep' 2024 Sailpoint/IAM Developer Responsibilities: Enhancement and Maintain Identity and Access Management Components operation for State of GeorgiaWorker portal application Users Create users In Active Directory and synchronize these users in SIM SAM and Application Database using TDI automation Java scripting for Authentication and Authorization purpose Maintenance on Various Platforms in IBM Security Identity and Access Management (ISIM, ISAM), TivoliDirectory Integrator (TDI) and WebSphere Application System (WAS) Troubleshoot and coordinate with various teams while performing Testing the use cases to sync the user tothree different accounts and updating ADD, MODIFY, DELETE depending on Lifecycle of the user in TDI Maintenance of WebSeal junctions, access control list, updating Password policy configuration in SAM and Active Directory. Customizing according to the business application requirements Clean the existing environment and Importing and Configuring Assembly line script from Prod Environment tonon-Prod Environment. Implementing Technical and functional understanding of client/server enterprise systems involvingsecured access to systems Cloud Migration (AWS): Installation and configuration of ISIM /ISAM LDAP, DB2 and TDI software Migrated user data from on prem environment to AWS (UAT, DEV, PREPROD, PROD) Applied fix pack for all the ISIM/ISAM TDI components in AWS Upgraded from ISIM V 6.0.0.2 to 6.0.0.24 Upgraded ISIM/ISAM LDAP servers from V 6.3 to 6.4 Upgraded DB2 from version 10.0.1 to 10.5 Maintaining and troubleshooting the AWS environment 24/7 support for PROD Implemented new environments in webseal and configuring junctions to backend servers. Maintaining the user database using SQL developer tool, to verify the user records in various environmentdatabase. Configured connection between ISAM and SailPoint On-boarding the workerportal users through identity IQ Integration of SailPoint and Active Directory and provisioning the users to target systems. Synchronizing the database configuration details in TDI, ISIM and database. Currently working on log4j vulnerabilities on All the components (ISIM/ISAM TDI and websphere) Worked on Migration data from onperm to ISVA setup and Planning with IBM support Maintaining the server when OS level patching is implemented every weekend and troubleshooting when thereis any issue. SailPoint IIQ: Developed an overall IAM strategy that aligns with the organization's goals and objectives. This involvesunderstanding business processes, evaluating risks, and defining access policies. managing the entire user lifecycle, including user provisioning, deprovisioning, and access recertification. ensure that user access is granted and revoked in a timely manner, following defined policies and procedures. Onboarding users from Active Directory to SailPoint IIQ and creating accounts. Provisioning users from SailPoint IIQ to Database and ISAM. Configured password policy.implement security best practices, such as multi-factor authentication, privileged access management, andpassword policy enforcement. Assist in monitoring, troubleshooting, and providing problem resolutions to related incidents. Approving or denying requests for temporary privileged access to critical systems based on business requirements and security policies by appling IBM's PAM previlaged access Worked on assignning system administrator roles to new users and ensuring that access to sensitive systemsis properly revoked when an employee leaves Okta Integration: ` Worked on boarding the users from AD to Okta and provisioning to the target systems like Database. Worked on SAML 2.0 Assertion integrations in okta to enable secure single-sign-on (SSO) between their applications and okta s identity platform. Set up Okta as an Identity Provider (IdP):involves providing general settings, such as the application name and logo, as well as specific SAML-related information like the ACS (Assertion Consumer Service) URL and the entity ID. Worked on Attribute Statements and Mapping, which map user attributes in Okta to the correspondingattributes expected by the service provider. Worked on Testing various user scenarios, such as new user provisioning, attribute mapping, and userlifecycle events, to ensure proper synchronization and functionality. Environment: Sailpoint IIQ V8.1, Security Access Management (IBM ISAM v9.0.7.2), Security Directory Server v6.4,WebSphere v8.5.5.16, IBM's PAM (IGI) BB&T (Truist Financial), Wilson, NC April 19- March 20 Sailpoint/IAM Engineer Responsibilities: ISAM Upgrade on-boarding existing applications from WebSeal software to appliance version by executing json builds on Linuxand creating run books/documentation for the same. Gathering, designing, developing and implementation of Evergreen Webseal to ISAM Migration project forupgrading the webseal Tivoli Access Management (TAM Software v 6.1) environment to Security AccessManagement (ISAM Appliance v9) Developing the automated Json scripts to prebuild the environment and applied cluster configuration before thedata migration in multiple Environments (DEV, SIT, UAT, PROD, DR) Validating the network and firewall connection and Troubleshooting in ISAM environment and customizing themaccording to the business needs Like Creating instance, junctions, ACL s, POP. Validating the new environment with combination testing like switching on/off the old webSeal environment andtroubleshooting while validation from ISAM side Allowing SSO Single-sign-on between client and the backend application like BB&T online banking Implemented custom password policy for all the user's across BB&T to enhance security level for all theEXTERNAL applications to satisfy business requirement. Perform normalization for all the custom configuration setup for existing applications on WebSeal software toimplement on appliance setup. Customizing multiple instance configuration file stanza Setup of reverse proxy http/https request andvalidating with junction backend-end web application serverLDAP Directory server v 6.4 Extract user data from LDAP (Linux commands) to assist application teams to validate ISAM integration andto maintain stability over environments Configured LDAP SSL KeyStore and Created Replication configuration over SSL Bulk User data Migration both existing and new users, attributes Mapping, password policies and its Expirysetup, group access and permissions. TAM v6.1 Building Json automation script and validating with the existing instance, junction, ACL s, object space,hostname, ports numbers Decommission the application integrations from legacy infrastructure, once after successful setup on appliance. Troubleshooting and coordinating with network and application teams while performing data migration throughISAM. Support the System Integration Testing (SIT), User Acceptance Testing (UAT) and Production environments andReplicating all the instance in DR (Disaster Recovery). Monitor code deployment and network connection from F5 load balancer over environments and maintainsynchronization. Engage with IBM and network team, if needed respond to service tickets, queries/ requests and emails. Attending daily meetings on status report and testing for specific application for coming weeks and issues to beresolved discussions and attending local cab and global cab meetings in order to get the approval for prodenvironment final deployment Environment: Tivoli Access Management (TAM v6.1.1.31), Security Access Management (IBM ISAM v9.0.7.0),Security Directory Server v6.4, WebSphere v8.5.5.16 PROJECTS Palmetto security Group, Greenville, SC Feb 18- Feb 19 IAM Developer Responsibilities: ITIM v5.1 Designing and implementation of solutions for Office 365 license groups Adding the user into the group membership to target office 365 from ITIM Involved in providing the role to the new user depending on business ruleUsers and Group provisioning populate an intermediate LDAP that is queried by Azure Active directory Connect(AADC) Configured Email address generation logic by custom workflow extension using java and json File Developed JavaScript in provision policy parameters by adding new attribute using business rules Worked on updating new changes to add the users into group in jarfile and modified schema.dsml file andadded new account attribute Worked on testcases in both QA and PROD and debugging the issues log files Hand on experience on Linux commandsLDAP Directory server v 6.4 Hand on experience on Linux commandsConfigured Directory server and database Created new suffix and replicated organization tree in DEV from higher environment. TDI v7.1.1 Creating new users, adding deleting, modifying and Evaluating the users to the logic Worked on LDAP Connectors in O365 LDAP Adapter and developing AL for license group (0365) Deploying the script in ISIM QA and testing both new and existing users Worked on testcases in both QA and PROD and debugging the issues log files Performed TDI Assembly line script modification to the target system O365 intermediate LDAP Worked on HR feed in ITIM for reconciling new user and updating the modified user s profile of any existingusers Developed custom Adapter to write to office 365 Intermediate LDAP Developed Add, delete, modify Assembly lines in TDI and imported in ITIM using RMI dispatcher Worked on updating new changes to add the users into group in jarfile and modified schema.dsml file andadded new account attribute Provisioning the necessary attributes for Single Sign-on to SAM LDAP Provide globally unique email addresses and Provisioning all legacy Ahold user identities to the Office 365 Intermediate LDAP Performed importing and exporting the jar files and modifying them to the requirement from TDI ISIM Upgrade Intense knowledge and hand on experience Installation and configuration from the scratch Involved in upgrading ITIM from ITIM5.0 to ISIM 7 and clustering the servers Performed on configuration, Unconfigure the directory server in QA ISIM appliance Strong in LDAP configuration like Creating instance with custom schema Configured Peer to peer Replication on LDAP Server in QA, PRD Importing the schema files and importing Customization extension and properties in the appliance (DEV). worked on Runbook and Documented all the test cases after importing the jar files Importing the workflow extensions files into the appliance ISIMv7 Troubleshooting on ITIM Console login Issues (Authentication) in appliance also cluster manager server as issue was detected in port number which was been used withanother instance. Replication master server backup and testing by deleting or modifying the attribute Importing customization extensions and properties into ISIM7 appliance on PROD, QA, DEV environment. Worked on Base-line testcases in QA in ITIM5.0 for DEV in ISIM7 Worked on Migration Testing in DEV, QA, PROD Performed Telnet connection of TDI servers local and remote servers (InterSIM) configuration on custom properties and libraries documenting of TDI scripts in QA, PROD, DEV run crontab commands, Reading the script Troubleshoot on Cluster manager server appliance ISIM7 Performed on applying fix pack on ISIM appliance server and Installation the firmware update on DEV, QA,PROD servers. Worked on TDI configuration, RMI DispatcherISAM v9, Sailpoint iiq Worked on Configuring Single sign-On (SSO) in WebSeal config file Junction creation (standard junction) in DEV and Provided support of session stickiness in stateful junction Performed Import and export certificate into cert label for the authentication Worked on TDI scripts logging Deleted and suspended users. Configurated connection between ISAM and SailPoint Onboarding the users in identity IQ from AD and Worked on customization by developing scripts and rules Process account creation, modification, deactivation, and deletion requests. Ensure timely and accurate fulfillment of account management requests. Verify that all account requests comply with organizational policies and procedures Configure and maintain LCM workflows for account management requests. Ensured that provisioning and deprovisioning processes are automated and synchronized with SailPoint. Manage role-based access control (RBAC) and ensure appropriate access levels for all users. Handle access requests, ensuring proper approval and documentation. Environment IBM Security Identity Manager 7, Tivoli Directory Integrator V7.2, IBM Security Access Manager9.0, ITIM 5.1, Security Directory Server V6.4, Tivoli Directory Integrator V 7.1.1, Sailpoint iiq 7.3 BMO Transportation finance, Danbury CT May 17 -Jan 18 Sailpoint Developer/Admin Responsibilities: Responsible for integrating, managing, and maintaining the connection between SailPoint IdentityIQ andMicrosoft Active Directory. Worked in Configuring SailPoint to synchronize and manage identities, ensuring secure and efficientaccess control, and maintaining the integrity of the identity management system. Implement policies for role-based access control (RBAC) and attribute synchronization. Ensure the secure transfer of identity data between SailPoint and Active Directory. Manage the lifecycle of user identities from onboarding to offboarding. Ensure accurate and timely provisioning of user accounts, group memberships, and access permissions. Monitor and troubleshoot identity synchronization processes. Experience with scripting languages (e.g., PowerShell) for automation. Onboarding users from Active Directory to SailPoint IIQ and creating accounts. Provisioning users from SailPoint IIQ to Database and ISAM. Configured password policy.implement security best practices, such as multi-factor authentication, privileged access management, andpassword policy enforcement. Assist in monitoring, troubleshooting, and providing problem resolutions to related incidents. Configured SAML2.0 authentication mechanism for Identity and Service providers. Implemented for client to interact with the application for Deployment, appliance admiration, Configuration. Troubleshooted database corrupted issue due to missing log file. Worked on DAY TO DAY ticketing user activities like ADD users, deleting users, providing access tobackend application. Environment IBM Security Identity Manager 6.0, IBM Security Directory Server 6.4, Tivoli Directory IntegratorV7.2, IBM Security Access Manager 9.0, Sailpoint IIQ 7.1 Allina Health [offshore] Sep 13-Dec 15 ITIM/ TDI Developer Responsibilities: ITIM Designing and implementation of solutions for Identity and Access Management Installation and Customization of UNIX out of box Adapter Install/Configure/Administer IBM Security Identity Manager (ITIM 5.1 / TDI 7.0) for User management andprovisioning.1 Developed custom provisioning policy depending on business logic Creating Roles and assigning services to the provisioning policy Worked on Life Cycle rules and ACI in Web admin tool Administrated to add the users in the project and assigning the roles, permissions by implementing LifecycleRoles perform ITIM system maintenance and also worked on workflow customizations Generated reports using Data synchronization Troubleshoot users Day-to-Day Activities Trouble shooting TIM, TDI, WAS and DB2 issuesLDAP Directory server configuration and handling user information like creating instance, modifying and deleting Troubleshooting on Log files on both LDAP and Database DB2 Enabled SSL connections between TDI and ITIM Performed master -replica replication in LDAP Configured performance tuning on LDAP filter and entry cache Configured schema management to store in LDAP to maintain DITs Tivoli Directory Integrator (TDI) Developed automated Script in TDI Assembly lines to update user s information at scheduled time Worked on TDI, IDI Feeds, HR Feeds using various connectors to pull the data from the source Developed TDI Assembly lines and configured Reconciliations for a custom service which was an enhancement to the client existing system. Environment IBM Tivoli Identity Manager (ITIM v6.0), IBM Tivoli Access manager (ITAM v8.0), Federated Identity Manager (FIM), IBM Web Sphere (v8.5), IBM Directory Server IDS LDAP, IBM Tivoli Directory integrator (TDI v7.1.1). Tivoli Identity Manager 4.6, IBM Directory, Sailpoint IIQ V6.2 Keywords: cprogramm quality analyst active directory ffive microsoft Alabama Connecticut Georgia Idaho North Carolina South Carolina