Summary
Overview
Work History
Education
Skills
Personal Email
Current Work Email
Previous Work Email
Timeline
Generic

DINESH GADE

Manalapan,NJ

Summary

Around 8+ years of experience in Information Technology, which includes demonstrated work experience in design, development, testing and implementation of enterprise-wide security applications using CA SiteMinder, PingFederate, Ping Access, Ping Directory, CA Directory, Active Directory on Windows, Unix, and Linux. Experienced in Cloud based Identity and Access Management Solutions like OKTA and Ping One. Experienced in installing PingFederate and Ping Access on both Linux (RHEL) and Windows Platform. Experienced in upgrading of PingFederate from 7.3-10.1; Ping Access from 4.0-6.0. Experienced in creating Polices using selectors in PingFederate to accomplish various business requirements. Experienced in deploying Ping Federate on dockers. Experienced in configuring application in Ping One and creating policies on Ping One docker for applications. Experienced in protecting application using Ping Access; Rate Limiting; Step-up legacy applications from HTTP to HTTPS; creating reverse proxy for applications. Experienced in SAML based authentication using SAML 2.0, WS-Fed. Experienced in writing OGNL expression to meet the vendor requirement for SAML Assertion and experienced in restricting the access for certain users by writing OGNL expression in the Issuance criteria. Worked on OAUTH grant types to get the access token to access the protected API. Supported development with integration of Mobile Apps using OAuth/SAML in PingFederate. Experienced on application configuration with Ping Access and defining Ping Access Sites, Site Authenticators, Virtual hosts, Policies and Rules. Experienced in performance testing the Ping Engine servers depending on the min and max threads, depending on that we used to scale the number of engine servers per cluster. Experienced in installing, configuring SiteMinder policy servers, Web agents, Web Agent Option Packs, Secure Proxy servers and various Web & Application servers on Multiple platforms like Windows, UNIX (Solaris), RHEL. Experienced in debugging of authentication/authorization related issues and creating Rules, Responses, Realms, and Policies in SiteMinder. Configured CA SiteMinder System objects like Agents, Agent Conf Objects, Host Conf Objects, User Directories, Domains, Administrators and Schemas. Integrated RSA as MFA in the SiteMinder for high critical applications. Good understanding of Web Technologies like HTTP Protocol, fiddler, SAML Trace, HTML, Web-Form encoding. Installed and configured web agents on IIS, Apache, Sun Java System/I Planet web servers on Multiple Platforms. Experience in implementing Federated SSO (FSSO) with PingFederate which easily integrates with applications across the enterprise, third-party authentication sources, diverse user directories and existing IAM systems, all while supporting current and past versions of identity standards like OAuth, OpenID Connect, SAML and WS-Federation. Experience in implementing WSSO authentication for all the internal and external web applications. Designed, deployed and supported highly available and scalable Ping Federate infrastructure/n AWS and On-premise that provides single-sign-on (SS0) and federation solutions for internal accesses. Hands on experience in creating EC2 instances using AMIS including Amazon Linux 2,/Ubuntu, RHEL, and Windows and bootstrap instances, secure instances using AWS KMS keys, security groups, etc.

Overview

9
9
years of professional experience

Work History

Ping Engineer

Fiserv
08.2022 - Current
  • Designing and implementing internal and external applications integration with PingFederate (SAML/OIDC/Oauth.)/ Ping Access (Site/Agent) /PingID / PingONE (Auth/Worker Apps) / Ping Directory / PingOne Davinci in multiple Clusters / Environments
  • Due to the merger of a two different company’s (First data/Fiserv) , worked on seamless migration of the organization's identity infrastructure from Okta to Ping Identity, ensuring minimal disruption to user access and application functionality
  • Implemented and configured Ping Identity solutions to replicate and enhance the functionality previously provided by Okta, tailoring configurations to align with business requirements
  • Managed the migration of user accounts, groups, and entitlements, ensuring data integrity and maintaining a smooth transition for end-users across various applications and services
  • Implementation of fully API based SSO architecture for Ping Protocol’s and creating a portal based on the environment, which accomplishes end applications integration with SSO easier
  • Worked on building an API/Self registration based self service for clients to provision the external users and providing multiple MFA solutions for the external users
  • Engineered and administered Splunk deployment, playing a pivotal role in establishing a centralized log management system that streamlined log ingestion and analysis for multiple applications and services
  • Conducted in-depth performance analysis using Dynatrace's APM (Application Performance Monitoring) capabilities, identifying bottlenecks, resource constraints, and areas for optimization in both development and production environments
  • Worked on POSTMAN to generate access tokens and ID tokens for Auth and help application teams trou errors
  • Worked on incidents and day-to-day issues as part of Business as usual works
  • Worked with many big clients and involved with them on recurring calls for regular integrations
  • Worked on the building complex OGNL expressions for customizing the attributes to meet the client requirement and such criteria’s such as Fetching multiple groups / Boolean Expressions / Scripting
  • Successfully executed a Proof of Concept (PoC) for integrating PingOne DaVinci into the organization's identity and access management ecosystem
  • Troubleshooting the issues occurred during the development of test environments
  • Involved extensively in the production support calls to resolve the issues occurred in production to avoid the downtime for the end users
  • Resolved complex access-related issues promptly, using logs (Splunk) and monitoring tools (Dynatrace / Moog Soft) to diagnose and troubleshoot issues, ensuring minimal impact on business operations.

IAM Developer

Procter & Gamble
10.2021 - 08.2022
  • Provide solution to business on how to integrate applications leveraging enterprise SSO using CA SSO, SPS, Ping Access, PingFederate to provide better web and API (web services) security to application users in a gateway or agent model
  • Working on all the PingFederate supported standards like SAML protocols, WS-FED, OAUTH, OIDC, WS-Trust and implemented SCIM integrations for inbound and outbound provisioning
  • Worked on configuring the domains, User Directories, Rules, Realms and Policies
  • Configured the end-to-end process for all the OAuth and SAML supported applications
  • Upgraded Internal and External Ping access in all environments (DEV/QA/PROD) from 5.3 to 7.0.2
  • Worked on fixing the vulnerabilities, Missing Patches in all the nodes for Ping access and Ping Federate
  • Worked on the OGNL expressions for customizing the attributes to meet the Vendor requirement and OGNL is used to restrict the user access for accessing the applications
  • Developer custom Ping Federate adapters and Ping Federate custom data source drivers using Ping Federate Java SDK (IDPAuthenticationAdapterV2/ Custom Data source Driver/ Password Credential Validator
  • Worked on Ping Access installation and configured with Ping Federate to authenticate and authorize the users for both Web and API based applications
  • Created custom templates as per the requirement for the adapters
  • Designing and implementing internal and external applications integration with PingFederate/Ping Access/PingID in DEV/QA/PROD
  • Worked on Ping Access POC to migrate applications from SiteMinder to Ping Access
  • Integrated Ping Access with Ping Federate Servers to authenticate using custom adapters
  • Initiating alarms in CloudWatch service for monitoring the server's performance, CPU Utilization, disk usage etc
  • To take recommended actions for better performance
  • Creating and managing application integrations for identify and access management
  • Having Experience of Creating conditional Access policies Multifactor authentication (MFA), Resetting MFA and Resolving the MFA issues
  • Configured and deploying Scheduled Tasks, developing process forms and child forms and doing customizations in connector configurations using design console
  • Implemented AWS solutions using EC2, S3, RDS, EBS, Elastic Load Balancer, Auto scaling groups
  • Provided support to L2 team for all the complex RITM/INC/PRB tickets, and involved extensively in the support calls to resolve the issues occurred in PROD/QA(Ping Federate and Ping Access) to avoid the downtime for the end users
  • Used tools like Cloud watch for automated logs and Putty (Linux) for manual log search and other tools like SAML Tracer, SAML Decoder, Fiddler, Wireshark, Jwt.io, Postman, Developer tools in Browser, for troubleshooting.

Authentication Engineer

JPMC
01.2020 - 10.2021
  • Experience in various security aspects such as access control, authorization, identification and authentication, public key infrastructure (PKI), network, and enterprise security architecture
  • Work with business / end client to gather requirements for integration and create documentations related to on-boarding
  • Worked on setting up Ping Infrastructure to support High availability and Disaster recover
  • Worked on multiple OAuth and OIDC integrations supporting various grant types
  • Customized Ping Federate adapter to accept access token and provide SiteMinder session using token translators
  • Plan a migration strategy for each application depending on complexity involved in architecture to move from SiteMinder SSO architecture to Ping Access architecture
  • Document all relevant technical aspects of migrations such as policy changes, code changes, status of migration, application pre-requisites etc
  • As required
  • Work on installation, configuration and troubleshooting of Ping Access agents on web servers for SSO
  • Assist application teams during the migration phase by educating about the changes required with policies, and resolving issues related to SSO
  • Analyze and document SiteMinder authorization and authentication policies of all applications in current SSO infrastructure to facilitate a smooth migration to Ping Access
  • Modify existing or design new architecture for the applications integrating with enterprise SSO for a better experience to the end users
  • Monitor the performance of Ping Access systems and fine tune as required and provide support for Ping Access SSO solution for high availability
  • Integrate, configure and troubleshoot web agents to protect and manage resources with Site Minder policy server and assist application teams in resolving any SSO issues
  • Experience in integrating applications based on the network zones
  • Experience in installing SiteMinder in high available clustered environment and constantly monitor using one view monitor for performance
  • Installed and configured one view monitor for CA Site Minder performance review
  • Support production environment for resolving the high severity tickets incompliance with SLA's
  • Configured CA Wily Enterprise Monitoring tool against Apache Webserver, WebLogic Server and Policy Servers
  • Work with application teams to configure different kinds web servers to integrate with Site Minder SSO plug-in
  • Integrate applications to secure with Site Minder Policy Server and implement disparate authentication and authorization for applications
  • Work with applications for SAML integrations using PingFederate infrastructure, a federated SAML based SSO solutions, for both IDP initiated, and SP initiated (Inbound/Outbound) SAML requests
  • Experience in writing shell script to automate processes
  • Experience in integrating API with Layer 7 Gateway leveraging enterprise SSO architecture, to provide single sign on solutions for APIs/ web services
  • Experience in generating Federated SSO (FSS0) in PingFederate which easily integrates with applications across the enterprise, third-party authentication sources, diverse user directories and existing IAM systems, all while supporting current and past versions of identity standards like OAuth, OpenID Connect, SAML and WS-Federation
  • Experience in implementing WSSO authentication for all the internal and external web applications.

Sr. Sec Engineer

State of NY
01.2019 - 12.2019
  • Built PingFederate and Ping Access in Dev, Stage and Prod, integrated all the PingFederate environments with the Ping One and PingID for MFA
  • Created reverse proxy for legacy applications and protecting applications using the Ping Access
  • Created SP/IDP connections using PingFederate with external partners via metadata.xml, URL’s files and Manual connections
  • Hosted all applications on Ping One dock with PingFederate as authenticating source, customizations on Ping One are made according to the business requirement
  • Worked on different selectors like CIDR (For distinguishing intranet and internet traffic), Connection Set selector for bundling the applications, HTTP Header Authentication selector to know from which browser is user is accessing the application, HTTP Request Parameter Authentication Selector for to request Pram and AuthNRequest (For OAuth clients and for some use cases for the Ping Access)
  • Worked on writing different policies on PingFederate for fulfilling different business use cases
  • Worked on PingID for triggering MFA for sensitive applications; depending on where the user is accessing MFA is triggered
  • Supported development with integration of Mobile Apps using OAuth/OIDC in PingFederate
  • Experience in troubleshoot using SAML Tracer, Fiddler tools to identify the errors from Server log files and jwt for OAuth token troubleshooting
  • Worked on Ping Access Gateway to take the Application traffic directly using Virtual Hosts and redirecting back to the application with Ping Access Token
  • Worked on configuration of Ping Access as Proxy Gateway to protect the application without exposing the application URL to the end users
  • PingFederate and Ping Access Performance tuning is done to handle the user-traffic
  • Documented user error stories and their resolution
  • Assisted in updating the production incident reports and submitting a summary to management each month.

Sr. IAM SSO Engineer

Sony
04.2018 - 12.2018
  • Working on federation single sign on between third party vendors making both inbound and outbound calls security exchanging the attributes in SAML both as identity and service provider
  • Worked on Ping One where all the applications are placed in the docker, authentication call will be redirected to Federate server and depending upon the applications policies will be triggered
  • Working on PingID for MFA authentication
  • Worked on protecting PingFederate with Ping Access; enabled sticky sessions on the Ping Access so that transaction will be served to the same Federate server
  • Worked on creating reverse Proxy for the applications, rewriting the headers, rate limiting, step up from HTTP to HTTPS
  • Worked on application configuration with Ping Access and defining Ping Access Sites, Virtual hosts, Policies and Rules
  • Deployed several PingFederate integration kits for Coreblox, Agentless, IWA etc., to establish the 'first- and last-mile' implementation of a federated-identity
  • Implemented OAUTH using different Grant Types to get the Access token and access the protected Restful API's
  • Worked on ROPC Grant Type to fetch the Access Token for Native Mobile Applications to call the third-party API's
  • Worked on ID Token to get the user information using user info endpoint and send as part of scope along with Access Token
  • Migrated SAML Based SSO partners from Ping Federate 7.x to Ping Federate 8.x
  • And 8.x to 9.1.4
  • Experienced with multiple Ping Federate adapters like HTTP Adapter, Open Token adapter and Composite adapters
  • Worked on Token Generator and Token Processor to establish a connection between two web services from different Enterprises and Ping Access and JWT tokens to authenticate the user using PingFederate.

SiteMinder Admin

Value Soft Solutions
07.2015 - 12.2017
  • Integrated many applications in Policy server by creating new policies
  • Installed and configured various web agents in accordance with the web servers involved both on Windows and Unix
  • Implemented password policies for all the applications using SiteMinder
  • Created policies, realms, rules, and responses to protect the applications and configure them to work under the SSO environment
  • Configured load balancing and failover mechanisms for various SiteMinder components in different environments
  • Configured multi-master replication setup in the production environment across multiple data centers
  • Configuring User Authentication Stores and Policy Authorization Stores on LDAP
  • Installed and configured Web agents on IIS Web Server, IHS Web Server
  • Worked on fetching the LDAP attributes from multiple data sources
  • Worked on WS-Trust Federation which is used to provide SSO between web services using STR
  • Experienced in Token Generator and Token validator as part of STR and RSTR
  • Involved in Signing the SAML using digital certificates
  • Worked on SAML Encryption and Decryption for certain financial clients
  • Involved in Upgrading the SiteMinder Policy Server version from 6.0sp5 to R12
  • Installed and configured Oracle WebSphere and Worked on bridge between SiteMinder Policy Server and WebSphere.

Education

Master of Science - Computer Science And Programming

Sacred Heart University
Fairfield, CT
09.2019

Skills

  • Java
  • C/C
  • Java Script
  • Html
  • CSS
  • Shell Scripting
  • Python
  • PHP
  • Dynatrace
  • Splunk
  • Postman
  • Grafana
  • Wily
  • One View
  • Wireshark
  • SAML tracer
  • Cloud Watch
  • IntelliJ
  • Eclipse
  • Visual Studio
  • WinSCP
  • Windows 2012 R2
  • 2008
  • RHEL 6
  • RHEL 7
  • Sun Solaris

Personal Email

dineshiamdeveloper@gmail.com

Current Work Email

Dinesh.gade@fiserv.com

Previous Work Email

gade.dg@pg.com

Timeline

Ping Engineer

Fiserv
08.2022 - Current

IAM Developer

Procter & Gamble
10.2021 - 08.2022

Authentication Engineer

JPMC
01.2020 - 10.2021

Sr. Sec Engineer

State of NY
01.2019 - 12.2019

Sr. IAM SSO Engineer

Sony
04.2018 - 12.2018

SiteMinder Admin

Value Soft Solutions
07.2015 - 12.2017

Master of Science - Computer Science And Programming

Sacred Heart University

Similar Profiles

CREATE PROFILE
DINESH GADE