
Abdul Mohith

Email: stu.abmohith@gmail.com
Cell: (347) 674-7885
Work Authorization: US CITIZEN
Sr. IAM Engineer
Summary:
 I possess around 10+ years of experience as an IAM Engineer, including Privileged Identity Management (PIM) and Just in
Time (JIT) access. Currently working with the State of NY.
 Designed, implemented, and troubleshot Layer 7 application API Gateways for company-wide application
services. Developed custom Java classes in IIQ. Also developed portable, web-based user interfaces using
JSP, JSF, HTML, DHTML, JavaScript, CSS, and AJAX. Utilized Object-Oriented technology and standard Java
development frameworks. Proficiency with Java IDEs-Eclipse and source code control tools- GitHub, & Serena.
 Used MongoDB to store data in JSON format and developed and tested many features of the dashboard using
Python, Bootstrap, CSS, and JavaScript. Writes SQL Queries, and Oracle Identity and Access Management.
 Utilized Splunk, Service-now, and Wily to customize to our team and management requirements for internal
applications. Established standards, designs, and implementation of appropriate identity and access
management processes and controls which help improve operations and lower risk. Troubleshoot issues
encountered.
 Served as liaison between platform, technical, and business teams for end-to-end business processes.
 Designed SailPoint deployment activities, connector configuration, custom rule development, workflow
configuration, development, and third-party system integration. Designed, configured, and implemented
SailPoint IIQ, including coordinating with technical services leadership, and end-user customers.
 Expertise in implementing, integrating and supporting Okta cloud SSO, MFA and enterprise SaaS technologies
into complex IT environments across heterogeneous operating environments.
 Orchestrated the design and deployment of Identity and Access Management (IAM) solutions leveraging .NET
technologies, including ASP.NET Core, Web API, and SQL Server, to fortify security frameworks and streamline
authentication processes.
 Experience in SailPoint tool customization, Report Generation, Integration with end/target systems, SailPoint
APIs, and Application Development. Experience with IAM products from ForgeRock (OpenIDM, OpenAM and
OpenDJ) and building IAM solutions implementing OAuth2 and OIDC specifications. Upgraded Ping Federate
from Version 7.0 to 8.0 both for Console and Engine server. Flexible to work any time zone. Possess good
communication skills.
 Design ICAM solution with Oracle IAM suite for confidential and asset management systems.
 Have excellent technical leadership, analytical, problem-solving, communication and interpersonal skills, with
ability to interact with individuals at all levels and can work as a part of a team as well as independently.

Technology Skills:
 SSO and Identity: Novell/NetIQ Access Manager, Ping Federate 6/7/8, SiteMinder R12 SP2, SP3 / R6 SP1, SAML
2.0. PingFederate v8.2.2, Ping Access v4, ICAM
 Operating Systems: x64/x86 RHEL 7.x/6/5, CentOS, Microsoft Windows 2008, 2012R2, 2016, 2019/ Microsoft
Windows 8.1, 7, and Windows XP
 Office & Support Tools: MS Office 2000, 2003, 2007, 2010 & 2013, Open Office 3.0, SharePoint Server, Lync
2010, PowerShell scripting, Office 365, ServiceNow.
 LDAP Directories: CA Directory etrust, Microsoft Active Directory, Oracle Virtual Directory (OVD), Azure Active
Directory, AD
 Identity Management: CA/Integrity SiteMinder, Ping Federate, Cassy, eDB (Custom), Azure AD, AD
 Web Servers: Apache 2.x, nginx, IIS, IBM HTTP Server, .NET Framework
 Virtual Environment: VMware vSphere ESXi Server 5.1, ESX 4.1, vFabric, VMware VCenter Server 5.5, Citrix
Studio 7.5, Citrix receiver and MS Hyper-V
 Vulnerability Management Tools: Nessus, Nmap, Nexpose, Wireshark, Fortify
 Security Software: Nessus, Ethereal, Nmap, Metasploit, Snort, RSA Authentication
 Pen Test Tools: Metasploit, Burp Suite, Nmap, Wireshark and Kali
 Other Skills: Configure SSL, Configure SSO, Azure, SharePoint, .NET.
 Qualys Guard: Vulnerability Management, Web Application Scanning, Threat Protect, Policy Compliance, Cloud
Agents, Asset Management, Governance, Risk Management and Compliance.

Education Details:
Bachelor in Computer Science from Lehman College, Bronx, NY - 2012

Professional Experience:

State of NY Feb 2022 - Present


Sr. IAM Engineer
 Extensive hands-on experience researching, architecting, and deploying MIM/FIM (Forefront Identity
Manager/Microsoft Identity Manager)
 Worked on different out of the box and custom connectors like Active Directory, UNIX, Delimited, JDBC, RACF,
LDAP, etc.
 Proficiently implemented OpenID Connect (OIDC) authentication protocols to bolster security frameworks and
facilitate single sign-on (SSO) capabilities within enterprise applications, ensuring seamless and secure user
authentication experiences.
 Experience in setting up SAML applications in OKTA, installing AD / IWA agents on member domains, validating
single sign-on, user provisioning and troubleshooting password synchronization across multiple Okta platforms.
 Participated in all SailPoint development and deployment activities.
 Extensive hands-on experience deploying and managing Forefront Identity for exchange including FIM Portal,
FIM Sync engine, FIM Service to centralize identity management and manage user passwords reset and lockouts
issues.
 Extensive hands-on experience deploying upgrades on Forefront Security for Exchange and managing.
 Extensive hands-on experience deploying upgrades on Forefront Protection for Exchange and managing
production issues.
 Integrating Microsoft Azure MFA with CyberArk, VPN, Oracle access manager, VDI and other third-party tools.
 Implementation & integration of PAM solutions (CyberArk, Password Auto Repository)
 Set up CI/CD pipelines for Microservices on AWS using App services. Collected and groomed requirements
related to building custom workflows, rules, policies, and provisioning in Saviynt IAM.
 Extensive hands-on experience troubleshooting configuration issues on Forefront Threat Management Gateway
and managing.
 Employed expertise in .NET technologies to architect IAM systems that effectively manage user identities, access
controls, and authorization mechanisms, ensuring compliance with industry standards and regulatory
requirements.
 Leveraged expertise in ForgeRock to architect and customize identity lifecycle management workflows, including
user authentication, provisioning, access management, and single sign-on (SSO), tailored to meet specific
business requirements and compliance mandates.
 Collaborated closely with stakeholders to gather requirements and translate them into ForgeRock Identity
Platform configurations, ensuring seamless integration with existing systems and applications while enhancing
security and user experience.
 Implemented robust ICAM solutions to enhance security posture and streamline access control processes,
ensuring adherence to industry standards and regulatory requirements.
 Implementing ICAM solutions, emphasizing their importance in bolstering security measures and ensuring
compliance.
 Demonstrated proficiency in utilizing Security Information and Event Management (SIEM) platforms, including
Splunk and ELK, to monitor, analyse, and respond to security incidents and threats, thereby enhancing the
overall security posture of the organization.
 Extensive hands-on experience deploying Forefront identity and Access management server (now Microsoft
Identity and Access Manager) to manage directory synchronization across dissimilar email infrastructures.
 Extensive hands-on experience deploying and managing Antigen 9 (now Forefront Protection for Exchange) on 2
seven node and one 5 node Exchange 2003/Windows clusters.
 Good experience in designing and development in IAM products like SailPoint IIQ and Identity Now.
 Provided solutions for changing business requirements. Implement REST classes using SailPoint Rest Application.
 Experience in SAML-based authentication 1.1 and 2.0 using Ping Federation, Site Minder Federation and
integrated with Site Minder authentication and another adapter.
 Experienced in end-to-end integration of IAM Solution using SailPoint Identity and Access Ping Federate, NetIQ's
Access Manager, Active Directory Federation Service, CA Federation.
 Azure Active Directory (AAD) configuration and management, policies and provisioning, Azure AD Connect,
Azure AD, Multi-Factor Authentication, ADFS, AD DS, AD CS.
 Upgraded Identity IQ from 7.0 to 7.1 and applied patches. Migrated SAML and OAuth connections from NetIQ
Access Manager to Ping Federate in the staging Environment.
 Experience with Single Sign On technologies such as PingFederate, Ping Access, ADFS, and Azure AD.
 Worked closely with SailPoint architects and engineers for design and solution architecture implementation of
the Self-Service Registration feature of SailPoint IIQ. Administered user accounts and profiles and performed
test planning and test activities for SailPoint Application post-patch application.
 Experienced in IAM (Identity and Access Management) and responsible for installing, integrating and deploying the
IdentityIQ or Identity Now product in client environments.
 Performed Requirements Gathering for a Proof of Concept to be implemented into their environment in
development for Azure AD, PingFederate and Microsoft Active Directory server.
 Worked on implementation of Novell/NetIQ's eDirectory, Identity Manager, iManager.
 Worked on provisioning users from OKTA to AD and importing users from AD to OKTA.
 SailPoint Identity Now Implementation strategized and implemented Identity and Access Management solutions
for the client to strengthen the security posture and increase usability.
 Using IIQ Console for operations such as checkout, import, connector debugging, etc.
 Worked on Ping Federate Clustering with Engine and console servers being part of the cluster by maintaining
multiple clusters for high availability. Configured Ping Federation Environment for SAML Federated
Authentications for users coming from partner sites by configuring ID Provider/Consumer using SAML 2.0 POST
binding. Configuring Ping Access logout and sharing the URL with the Application team.
 Implemented and Customized Manage Access and Manage Identity modules as per customer requirements in
SailPoint Identity Now.
 Implemented connectors and integrations between ForgeRock Identity Platform and various enterprise systems,
such as LDAP directories, HR systems, cloud applications, and SaaS platforms, to facilitate automated user
lifecycle management and access provisioning workflows.
 Designed and implemented solutions to migrate federation-based applications from IBM to Ping Access, creating
various Ping Access configurations - creating the site, application, Identity Mapping, Web Session, etc. Configure
Ping ID MFA in Ping Federate for providing two-factor authentication for some applications.
 Troubleshooting application integration/migration issues with respect to Ping SSO. Identify security gaps
through Ping. Perform Installation and configuration of SailPoint IdentityIQ.
 Developed custom SailPoint Build Map Rules and Workflows as per the business needs. Setup applications Active
Directory, LDAP, Oracle, and Flat Files. Provided knowledge transfer and postproduction support activities.

CVS Health Care - Cumberland, RI April 2020 – Jan 2022


Sr. IAM Engineer
 Experience in SAML based authentication 1.1 and 2.0 using Ping Federation, SiteMinder Federation and
integrating with SiteMinder authentication and adapter. Experienced in migrating NetIQ Access Manager to Ping
Federate.
 Experienced in IAM/PAM tools with deployment, configuration, integration and troubleshooting CyberArk
Privileged Account Security.
 Researched and deployed Forefront Identity Manager to manage user accounts lockouts and passwords reset
issues.
 Leveraged expertise in SIEM platforms to design and configure dashboards, alerts, and reports, providing
valuable insights into system activities, user behaviours, and potential security vulnerabilities for proactive
threat detection and mitigation.
 Deployed FIM to allow end users to reset/unlock their passwords; installed Forefront Identity Manager workflow
activity libraries (FIMWAL).
 Experience with Identity Now in Managing access to information for cloud-based services.
 Provisioning using Identity Now that ensures users have immediate access to all the applications they need to
perform their jobs.
 Collaborated with cross-functional teams to implement IAM solutions seamlessly within existing .NET
environments, fostering interoperability and scalability while optimizing performance and resource utilization.
 ICAM encompasses managing the credentials used to authenticate users and systems. This includes passwords,
digital certificates, and other authentication factors.
 ICAM includes determining what actions users are allowed to perform once authenticated and authorized.
 Gathered the business requirements and translated business requirements to technical functionality within the
SailPoint IdentityIQ application. Work closely with SailPoint architects and engineers for design and solution
architecture implementation of the Self-Service Registration feature of SailPoint IIQ.
 IAM expertise and domain knowledge in identity management, access management, role management,
compliance management, solution design, system integration, implementing and deploying large-scale identity
management solutions for large enterprises using Oracle IDM, Sun IDM, NetIQ, Cherwell & ServiceNow tools.
 Good experience as an IAM analyst specialized in Oracle IDM, NetIQ.
 Provided training and knowledge transfer sessions to IT staff and end-users on ForgeRock Identity Platform
features and capabilities, empowering organizations to leverage IAM solutions effectively and independently
manage identity-related tasks.
 Designed and implemented SailPoint build processes, code migration, and source control use. Developed an
updated IT Risk and Compliance strategy for RQS IT at AbbVie.
 Design, Implement and troubleshoot Layer 7 application API Gateways for Company wide application services.
 Involved in the development and customization of user provisioning solution using IAM.
 Designed and implemented Okta SSO and Okta MDM from the ground up with 150+ SAML applications. Worked
with more than 40 different groups to integrate their applications into SSO. Supported RSA integrations and
configurations and daily operations like adding user and disabling user token assignment.
 Enabling self-service features like password management such as resetting passwords easily from any desktop
browser or mobile device using Identity Now.
 Troubleshooting, application onboarding, performance tuning, system monitoring of Saviynt
 Worked on role engineering and setting up RBAC in SailPoint Identity Now platform.
 Installation and Configuration of ForgeRock AM 6.5, DS, IG and IDM.
 Administered DB2 authority access and security controls including secondary authorizations and RACF groups.
 Relevant experience with configuration, provisioning, and reconciliation to/from various resources/applications
namely MS Active Directory, MS Exchange, Oracle Database, MySQL and other database-based systems, SAP
systems, Sun Directory Server/iPlanet and other custom applications.
 Successfully upgraded Ping Federate Services from 8 to 9 and Ping Access 4.x to 5.x.
 Configured SAML single sign-on (SSO) instance for internal and external users, wherein external users and
internal users performing various administrative tasks that included managing external and federated users.
 Develop custom SailPoint Rules and Workflows as per the business needs.
 Designed and implemented Access Certification, Automated Provisioning and Governance aspects of IIQ
 Rewriting the workflows to encompass the new way of provisioning. Restructured the entire product to reflect
direct provisioning across a large number of applications. In the process of upgrading the Identity IQ product
from 6.1 to 6.3. Manage SailPoint installation, integration, provisioning with connectors such as Active
Directory/Exchange, Delimited File, XML, MSSQL Server, JDBC, BMC Remedy, etc.
 Implemented Identity-aware applications using Windows Identity foundation (WIF).
 Perform IAM/MFA development and solutions within Microsoft Azure and other cloud providers.
 Provide project management support across multiple security work streams.
 Troubleshoot user access problem in Thycotic Secret server environment. Provisioning and access governance
experience with and understanding of security on systems such as AD, LDAP/Unix, Oracle, Sybase, and manual
provisioned applications.

Deutsche Bank, NC Jan 2017 – March 2020


Sr. IAM/Sailpoint Engineer
 Install and Manage security reporting tools to monitor any Active Directory changes. Plan and manage all the
migrations and upgrades related to Active Directory and Domain controllers
 Extensive knowledge in implementing and supporting with accreditation from Identity and Access Management
(FIM/MIM | Access Governance |Privilege Access Management into CyberArk Security/AZURE/AWS
IAM/Microsoft Forefront Identity Manager (FIM), AD, Azure AD.
 Support in Analysis of the business requirements and present design review to estimate the timeline required to
complete the project. Configured SSO in SailPoint IAM services.
 Provisioning users (create, modify, update and delete) along with self-service portals like password reset,
request for access, manage Job Code, out of office assistance across endpoints like AD, RACF, Linux etc.
 Utilized Access Governance and Compliance knowledge. Onboarded various applications- delimited files, AD,
JDBC, etc. Supported SUN Identity Manager System 7.1 and with SiteMinder/OpenSSO, LDAP, AD, SPML, etc.
 Implemented provisioning, de-provisioning, and other related functionalities for new applications.
 Leveraged roles and access profile to define different life cycle states in Identity Now.
 Worked on configuring different email templates and setting up the approval request framework in SailPoint
Identity Now.
 Collaborated with cybersecurity teams to develop and enforce access policies, review access requests, and
conduct access certifications using ForgeRock Identity Platform, enhancing governance, risk management, and
compliance (GRC) practices across the organization.
 Responsible for monitoring, maintaining, and supporting Microsoft Identity Manager/Forefront Identity
Manager (MIM/FIM) infrastructure and processes.
 Worked on configuring different sources in Identity Now platform such as AD, LDAP, flat file, ServiceNow, JDBC.
 Setting up SAML applications in OKTA. Applied Risk Management Framework (RMF) Using NIST as a guide for
assessments and CM Access Hub (Saviynt / SailPoint) Developer
 Worked on Single sign-on (SSO), SailPoint Identity IQ custom, and out-of-box workflows in SailPoint. Worked on
the implementation of IAM solutions like CA Single Sign-On, and Identity Federation using Ping Federate.
 Experience on Configuring Resources like JDBC Providers and data Sources for different RDBMS products and
Configuring WebSphere MQ for different applications on different application servers.
 Experience with Azure App registrations, SAML SSO, Azure Active Directory Connect and Azure Portal
Administration.
 ICAM requires monitoring and auditing access to resources to detect and respond to unauthorized activities.
 Implementing ICAM strategies that help organizations manage identities, control access to resources, and
maintain a secure and compliant environment.
 Perform SSO connections in Azure AD technology standards with SAML2.0 (SAML spring framework -backend
coding). Daily management of Office 365 administration/ Azure Directory/ AD password sync.
 Experience in managing Cloud technologies like Microsoft Office 365 and Microsoft Azure Web Services.
 Integrating applications with OAAM (Oracle Adaptive Authentication Manager) to provide fraud protection.
 As part of SiteMinder integrations for applications working with Layer 7 on protecting APIs and worked on a
couple of projects with Layer 7 team to troubleshoot the issues for SiteMinder L-7 agents.
 Implementation of Password features (PTA, forgot password, Change Password) of SailPoint IIQ.
 Worked on digital certificates to create, renew and deploy the certs for various connections within the console.
 Documented the IT security and identity management environment to include processes.
 Troubleshooting skill set includes OKTA and related component logs along with the connectivity between the
components. Designed and implemented Identity IQ solution in configuring Active Directory, and Shared
Folders. Design complex exclusion rules, correlation, and data loading tasks in Identity IQ.
 Supports generating all kinds of reports and is extensively used in the workspace dashboards using RSA Archer.
 Tracks all the incidents that happened in all the stores and used for recovery and settlements using RSA Archer.
 Apply the latest PSU and one-off patches on Oracle FMW 11g & WebLogic Server. Used Form Models Concept
creating the Identity IQ objects like Quick links, Forms, Rules, and Custom Objects to design the workflows.
 Development and upkeep of documentation relating to the clients Azure Active Directory environments.
 Design correlation and data loading tasks in Identity IQ. Designed and deployed Identity & Access Management
solutions to improve user experience, meet compliance, and reduce costs.

United Health Group – Schaumburg, IL April 2014 – Dec 2016


IAM Engineer
 Developed a Joiner workflow to create an account for the New Hire in the AD, SailPoint and ServiceNow.
Configured and Implemented SailPoint Identity Now for cloud environments.
 Experienced on Cloud based Identity and Access Management Solutions like OKTA and PingOne.
 Evaluated IAM tools from vendors like CA, IBM, Ping Federate, OKTA and ForgeRock products.
Implemented POCs using ForgeRock OpenAM and ForgeRock OpenIDM.
 Responsible for the development of new features for the Identity Now cloud offering.
 Excellent knowledge of IDM user provisioning, de-provisioning, and User recertification. Worked in operations,
reporting, analytics, and end-user support on real-time issues and have extensive experience with the IIQ tool.
 Manage Active Directory accounts which involved creating, modifying and deleting users, groups, computers and
contacts for business involving. Set Up Active Directory Sites, Subnets & Site-Links to ensure network efficiency
and Monitoring the Active Directory Replication status and the health of the Domain Controllers.
 Created the SSL Certificates in Ping Federate and configured the certificates in the connections.
 Configured Ping Gateway to Authenticate the users and APIs through Ping Access and Ping Federate
 Created Stored Procedures, Functions, and Triggers. Involved in Application development by using connector
configurations like delimited, JDBC, and Active Directory.
 Experience with OAM (Oracle Access Management) SSO (Single Sign-on), ForgeRock OpenAM & OpenDJ.
 and deployed components on the Application server where Eclipse was used for component building.
 Worked on installing, configuring, and upgrading/migrating SailPoint IIQ IAM solution components.
 Proficient in creating and modifying workflows for implementing business flows. Extensive knowledge and skills
in maintaining an access management/SSO system in a large, complex organization.
 Integrated Oracle Internet Directory with Microsoft Active Directory and Sun Java System Directory Server and
integrated Oracle Virtual Directory with Enterprise User Security.
 Implemented CA Identity Manager Solution and Confidential Minder for workflow implementation, delegated
administration, provisioning, and generating audit reports to be consistent with the security regulations.
 Integrated SiteMinder with Ping Federate using OAuth token to bridge the SSO gap between applications
protected on either system.
 Used MongoDB to store data in JSON format and developed and tested many features of the dashboard using
Python, Bootstrap, CSS, and JavaScript.
 Production support experience in incident management, problem management, and change management for
SailPoint IIQ Identity Manager and Access Manager-related issues.
 Integrated OIM into Active Directory (AD), and Oracle Internet Directory (OID), and bulk-loaded all users from a
flat-file dump from their Source. Developed design and security documentation for SailPoint IIQ components.
 Developed/delivered multiple workshop formats for ForgeRock (PoC, Design/Discovery) establishing technical
leadership in the IAM space for ForgeRock.
