Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Harsha KENDYALA

Dallas,TX

Summary

Experienced IT professional with 13 years in software engineering and infrastructure management focused on single sign-on and federation technologies. Expertise in deploying and configuring PingFederate and Forgerock solutions in AWS and on-premises environments. Strong background in troubleshooting, system administration, and security process enhancement, leading teams and managing complex projects to achieve strategic goals.

Overview

16
16
years of professional experience
1
1
Certification

Work History

Director of Software Engineering - Technical & Delivery Lead for CIAM

JPMORGAN CHASE
Plano, Texas
05.2019 - Current
  • Identity & Access Management (Inbound/Outbound Federation, Application Security Token Service & Orchestration ) – Technical Lead & SME for Customer Authentication Platform.
  • Worked with Clients, Business patterns to onboard them to Inbound Federation,OIDC,OAuth2 for accessing internal resources.
  • Migrated SSO infrastructure to cloud (AWS), enhancing scalability and accessibility for user authentication.
  • Migrated all 80 HR applications from Siteminder to Pingfederate
  • Integrated Pingfederate with ForgeRock for Adaptive authentication.
  • Integrated Pingfederate with Transmit security for Adaptive authentication.
  • Designed & Developed Forgerock journeys for authentication based on Risk assessment.
  • Designed & Developed Transmit journeys for authentication based on Risk assessment.
  • Designed & Developed Custom Inbound Federation Adapters, Custom data store & Custom PCV’s for PingFederate.
  • Expanding PingFederate clusters with sub clustering and Adaptive clustering for each LOB.
  • Setup PingFederate clustered deployment for new LOB’s with High availability architecture
  • Automated Ping deployment and Upgrade to more than 100 servers in different clusters and sub clusters.
  • PingFederate upgrade from 9.0.4 to 9.3, 10 ,11.3 & 12.0.1
  • Deploying Transmit Security in OnPrem DC with complete Automation
  • Deploying ForgeRock on AWS & OnPrem DC with complete Automation
  • Customized OIDC solution to support external clients accessing Internal APIs
  • Implemented OAuth solutions using 2 legged & 3 legged patterns
  • Implemented PingFederate->Transmit Integration using OAuth flow for Adaptive Authentication
  • Design & Implemented Custom solution for SiteMinder cookies to OAuth token translation for API's
  • Design & Implemented Custom solution for Legacy IDP cookies to OAuth token translation for API's
  • Design & implemented custom solution for OAuth 2 legged flow using custom datastore for external clients
  • Design & Implemented solution for OAuth 2-legged flow using custom PCV for external clients
  • Established guidelines for OpenID policy
  • Designed IDP mapping process
  • Implemented resource owner mapping
  • Drafted OAuth policies for compliance
  • Utilized JWT Bearer Assertion Grant effectively
  • Applied various OAuth grant types
  • Authorization code
  • Client Credentials
  • Resource Owner Credentials
  • Implicit
  • PCKE
  • Refresh Token
  • Customized solution to support Single Sign-On between SiteMinder, Legacy IDP and PingFederate and SSO on between different domains within Enterprise.
  • Integrated Ping with external logins using LinkedIn Cloud Identity Connector where Ping acts as SP
  • Identity store Migration from Legacy Identity store to ADLDS
  • Meeting with Business, Product & Program team to align with company’s roadmap and business needs.
  • Managed ADLDS project, ensuring successful completion and decommissioning of legacy identity store.
  • Planning & Requirements – Business, Technical & Compliance.
  • Finalizing requirements and execution
  • Migrated user data and entitlements from legacy systems to ADLDS, facilitating improved access management.
  • Migrating Application from legacy IDP to PingFederate using OIDC
  • Led software development teams to deliver high-quality applications efficiently.
  • Collaborated with cross-functional teams to define project goals and requirements.
  • Implemented best practices for software engineering processes and methodologies.
  • Mentored junior engineers to enhance their technical skills and knowledge.
  • Evaluated new technologies to drive innovation within the software development lifecycle.
  • Identified potential areas for automation or streamlining existing processes and procedures related to software development lifecycle.
  • Analyzed user requirements and developed detailed specifications for project plans.
  • Monitored progress of multiple concurrent projects ensuring that deadlines were met without compromising quality or functionality.
  • Collaborated with product owners and business analysts to define scope of work, timeline estimates, resource needs. for upcoming projects.

Technical Lead

CAPITALONE SERVICES LLC
Plano, Texas
07.2015 - 05.2019
  • Identity & Access Management (Single Sign On & MFA) – Technical Lead & SME.
  • Migrated SSO Infrastructure from On Premise to AWS Cloud.
  • Implemented PingID multi-factor authentication with biometrics for Google, Workday, VPN, CyberArk, Centrify, AWS Cloud, Amazon Connect, ServiceNow, and various internal applications, enhancing security across platforms.
  • Implemented Single Sing on functionalities to Air Watch Browser, seamless login on Mobile devices
  • Implemented Device Certificate Authentication for Office 365, Slack and other internal applications.
  • Designed and developed custom PCV MFA for registration and custom adapters, streamlining the multi-factor authentication process.
  • Implemented SSO & MFA for Google suite, Workday, AWS & Privileged applications in Pingfederate
  • Implemented MFA for Azure & Hybrid joined devices and Domain Joined devices in Pingfederate
  • Implemented Outbound SCIM provisioning for Slack.
  • Coordinating with multiple partners to Implement inbound and outbound SAML Federation (IdP & SP)
  • Successfully upgraded PingFederate version from 8.3.2 to 9.2.
  • Implemented PingID Multifactor authentication and Radius authentication
  • Implemented Offline PingID MFA.
  • POC on Ping DAVINCI for MFA registration portal.
  • Designed, Implemented and Setup Infrastructure for consuming MFA logs from vendor.
  • Setting up AWS Infrastructure for receiving PingID logs for vendor and created dashboards to monitor user activity and attacks.
  • Setting up Self-service portal for SSO Onboarding
  • Setting up Internal MFA registration portal for PingID self-service.
  • Implemented Monitoring for SSO environments, Logging of SSO logs in to other application and custom user log reports.
  • Setting up Monitoring, Metrics and Logging dashboards for SSO environments for Server health, User activity & Admin activities.
  • Worked with application FluentD, Logstash, NewRelic, Datadog, PagerDuty & Kibana for Monitoring.
  • Migrated more than 400 applications to SSO & Built custom solutions for most applications.
  • Utilized OGNL expressions for data manipulation in applications.
  • Designed and Implemented solution to register 40k users to PingID for MFA.
  • Implemented SLO (Single Logout)
  • Migrated Capital One internal and external applications from Get Access SSO to PingFederate SSO solution.
  • Involved in SAML Federation and Agent/ plugin-based Authentication brokerage.
  • Coordinate and conduct working session on integration kit method integration that runs on IIS, Apache and Tomcat servers.
  • Setting up Ping Access in clustered environments and configuring Ping federate as client.
  • Worked with various supporting teams in setting up the Ping infrastructure for both Production and failover environments.
  • Wrote technical implementation steps for changes performed on the Ping server to support Capital One applications.
  • Create and coordinate Change Orders for the production changes.
  • Followed Kanban, Agile concepts and used Version One tool for updating the Sprint, stories and tasks. Made sure the tasks are completed with the same Sprint.
  • Performed backup of the server logs and maintained the servers under 80% capacity thresholds.
  • Meet with various business and application teams, collaborated with them to move their application to PingFederate SSO.
  • Assisted and mentored new joinees in my team and also supported L2 team in fixing end user tickets.
  • Developed technology operations guide, contingency plan, and daily health check validation plan to ensure operational continuity and efficiency.
  • Managing workflows in COF and Servicing applications.
  • Performing system maintenance activities.
  • Production application support, diagnosing and resolving issues, and evaluating and recommending options for improving performance, Monitoring and supporting the production environment.
  • Working with External teams (QA/INT Testing) to support environment issues and solving them accordingly to SLA’s.
  • Understanding product functionality and working to meet customer requirements.
  • Documented project details and implemented necessary changes.
  • Function as a technical expert in problem resolution for SSO infrastructure hardware and software issues 24x7 on-call rotation responsibilities.
  • Release management and Deployment support
  • Enhancements Analysis and Design and Defects Analysis
  • Defects Management and document reviews
  • Customer Presentation and trainings

SR SYSTEM ADMIN

IQSOFTECH
05.2010 - 12.2013
  • Supported middleware applications on Web Logic Server 10.x/11g, Apache 2.2 and perform tasks such as configuration, monitoring, Production Support, Outage management, incident/problem management.
  • Performed troubleshooting of the Production issues raised by business and IT application user through remedy tickets.
  • Involved in installing and configuring Weblogic Application Server 11g on RHEL 5 (Tikanga) and RHEL 6(Santiago).
  • Played an active role resolving the environment issues, handling Incident management/ Problem management being part Level 2 Support team.
  • Strong Production support experience with issue management, outage management, communication root cause analysis, monitoring and resolving the issues.
  • Coordinated production issues with several teams like UNIX, Network, Database, Infrastructure and Application teams and helped them in resolving the issues.
  • Created Startup and Shutdown for Admins as well as Managed servers.
  • Invoked and authored WLST script that invokes in turn node manager to stop/start clusters/instances.
  • Configure and administered Connection pools for JDBC connections
  • Documented installation guides, SSL configuration guide, Proxy- plug-in guide in production.
  • Configuration, Tuning and Administration of Weblogic V 10.x.
  • Deploying WAR, EAR, JAR applications in Clustered and Non-Clustered environments.
  • Deployed applications and portlets on to portal applications
  • Involved in Pre-Deployment and Deployment activities across all environments Dev, QA, Stage and Production.
  • Installed and configured apache to act as a proxy server to serve various applications.
  • Used WLST to check the status of Weblogic Servers and application status.
  • Understanding the business requirements and attending the specification meetings/QA meetings and release meetings.
  • Maintaining Subversion trunk and branches. Responsible for maintaining user and admin accounts.
  • SSL Certificate creation and renewing the Certs before the expiration timeline using Keytool.
  • Performed day-to-day tasks to ensure the smooth and efficient operations of the WebLogic run time environment including troubleshooting, system backup and recovery.
  • Installed and configured Jboss 4.2/5.0 on different environments like Dev, Test, QA and Production.
  • Performed Weblogic server 8.1.6/9.2/10.3 tasks such as installation, configuration, monitoring and performance tuning on Sun Solaris 8/10, Windows and Linux RHEL 4/5 platforms.
  • Installed and Configured Apache Tomcat 6.0 application servers on various environments like Dev, Test, Perf and Production.
  • Created and managed Weblogic Domains and Node Manager using config wizard and WLST.
  • Configured JDBC Connection Pools/Multi Pools/Data Sources with backend databases: Oracle 9i/10g.
  • Deployment and troubleshooting of JAR, WAR, and EAR files on both stand alone and clustered environment in Jboss 4.2/5.0, Weblogic 8.x/9.x/10.x and Apache tomcat 6.0.
  • Monitoring error logs, JVM heap size & Perm size, stuck Threads and tuning parameters using WLDF for optimization of Weblogic Server.
  • Dealt with issues like Application Deadlock, High CPU, Server Hang-up and profiling the memory with third party tools like Jprobe, HP OVO and Optimize IT.
  • Configured and setup Secure Sockets Layers (SSL) for data encryption and client authentication.
  • Configured BIG IP F5 Load Balancer for load sharing.
  • Root Cause Analysis RCA: Specialized in analyzing thread dumps, core dumps, server hang conditions, and high CPU utilization conditions for finding the root cause.
  • Worked closely with network team and SSO - Single Sign On team while shaking down the upgraded Test and Production environments.
  • Involved in doing a performance benchmark of Weblogic server by using Load Runner.
  • Involved in Weblogic 8.x/9.x/10.x patches and service packs upgrade.
  • Involved in up-gradation of Weblogic 8.1 to Weblogic 10.3 and migration of Weblogic 8.1 to Jboss 5.0.
  • Worked with Business activity monitoring (BAM), Oracle Business Process Management, and Oracle Security and Oracle Web Center Integration, installation/configuration.
  • Developed Startup, Shutdown scripts to bounce the Weblogic server.
  • Documented the issues, migration and upgraded patches for Weblogic servers and web servers.
  • Involved with the development team in trouble shooting and fixing day-to-day problems of the applications in production environment.
  • Installation, setup and configuration of RHEL, OEL4/5
  • Resolved performance issues by taking java thread dumps and analyzing the dump files to resolve the performance issues.
  • Monitoring application performance using Wily Intrascope. Setting up Intrascope to alert for various metrics (CPU, heap, threads).
  • Developed UNIX shell scripts and WLST scripts to start/stop admin and managed servers and to deploy different applications like .war or .ear files
  • Created Korn Shell scripts to automate cron jobs and system maintenance. Scheduled cron jobs for job automation.
  • Installed, Implemented and maintained SOA architecture.
  • Configured clustering of multiple SOA Application Server instances and http server load balancing.
  • Provided 24x7 on call production support.
  • Worked closely with development team to troubleshoot ongoing issues in applications.
  • Created scripts to deploy applications from command line and automate log archiving.
  • Bangalore,INDIA

Education

Master’s - computer science

University of Illinois
Springfield, IL

Bachelor’s - computer science

JNTU
Hyderabad, India

Skills

  • Access management
  • Single sign-on
  • Adaptive authentication
  • Cybersecurity best practices
  • Software architecture
  • Custom development
  • Performance optimization
  • Project management
  • Strategic planning
  • Technical leadership
  • Team leadership
  • Problem solving

Certification

  • Ping Identity Certified Professional, PingFederate
  • Certified Information Security Manager, CISM
  • CompTIA Advanced Security Practitioner, CASP
  • AWS Certified Solution Architect, Professional
  • AWS Certified Security, Specialty

Timeline

Director of Software Engineering - Technical & Delivery Lead for CIAM

JPMORGAN CHASE
05.2019 - Current

Technical Lead

CAPITALONE SERVICES LLC
07.2015 - 05.2019

SR SYSTEM ADMIN

IQSOFTECH
05.2010 - 12.2013

Master’s - computer science

University of Illinois

Bachelor’s - computer science

JNTU

Similar Profiles

CREATE PROFILE
Harsha KENDYALA