Summary
Overview
Work History
Education
Skills
Timeline
Generic

SARTAJ SANDHU

Toronto

Summary

Professional with background in designing and implementing scalable Identity and Enterprise Security solutions. Skilled in cloud architecture, system integration, and software development. Focused on collaborating with teams to deliver results, adaptable to changing project needs. Known for strong problem-solving abilities and effective communication.

Overview

10
10
years of professional experience

Work History

Solution Architect

InfosecGlobal Inc
05.2023 - Current
  • Managed end-to-end software development life-cycle, from initial requirements gathering to post-implementation support and maintenance.
  • Improved solution efficiency by designing and implementing scalable architectures for enterprise clients.
  • Architected complex cryptography discovery solution with integration into multiple platforms
  • Deigned complex Identity solution with Next gen PDP frameworks like OPA
  • Designed and maintained cloud PKI integrations and solutions for cloud infrastructure
  • Facilitated integrations and adoption of new security frameworks and EDR solutions like crowdstrike and sentinel
  • Managed SOC2 compliance
  • Architected and built the SaaS platform for client on-boarding to crypto discovery product
  • Architected and designed key management practices and frameworks for compliance applicaitons
  • Facilitated seamless communication between technical teams and non-technical stakeholders by effectively translating complex concepts into understandable terms for all parties involved in projects.
  • Developed comprehensive documentation for solution design specifications, ensuring clear communication between stakeholders at all stages of project lifecycle.
  • Designed and Implemented solutions for true mTLS architecture.
  • Architected zero-trust service-to-service solutions for SaaS platform
  • Managed and designed complete product deployment and automation with robust CI/CD principles
  • Designed and updated employee SSO capabilities and introduced FIDO and device authentication
  • Provided technical leadership and mentoring for junior team members, fostering a supportive learning environment that promoted skill development and career growth.
  • Worked with customers or prospective customers to develop integrated solutions and lead detailed architectural dialogues to facilitate delivery of comprehensive solution.
  • Spearheaded the migration of legacy systems to modernized architecture, reducing operational expenses while increasing overall functionality.
  • Ensured data security and compliance by establishing robust information governance policies and procedures.
  • Presented roadmap and technology infrastructure to customers, demonstrating deep familiarity with APIs, platform infrastructure, security and integration capabilities.
  • Leveraged cloud technologies to optimize costs, improve scalability, and facilitate seamless integration across platforms.
  • Supervised deployments and provided troubleshooting and user support.
  • Collaborated with developers on creating user-friendly interfaces that simplified complex workflows within custom-built solutions.
  • Boosted team expertise through continuous training initiatives, fostering a culture of collaboration and knowledge sharing among colleagues.
  • Championed innovation by staying abreast of emerging technologies and incorporating relevant advancements into architectural designs.
  • Encouraged collaborative work environment, fostering open communication and teamwork among solution architects and developers.
  • Facilitated knowledge sharing sessions on architectural best practices, enhancing team skill sets and project execution capabilities.
  • Reduced system outages, proactively monitoring and upgrading infrastructure to prevent potential disruptions.
  • Achieved seamless migrations to cloud environments, meticulously planning and executing with minimal downtime.
  • Enhanced customer experiences by designing user-centric software solutions, focusing on usability and performance.

Lead Engineer

Target INC
06.2020 - 05.2023
  • Assist programs and mentor cross functional teams for program execution throughout product development lifecycle to ensure cyber objectives are met.
  • Lead Design and architect of complex Tokenization systems for PCI/PII data with over 48billion unique tokens.
  • Leads Design and maintenance of multi-tenant and Hybrid cloud Key/Vault systems.
  • Contributes and mentors engineers on configuring and managing PKI systems for a Hybrid Cloud Environment Developed and maintained cryptographic key encryption solutions for Enterprise consumption.
  • Expertise in cutting edge Identity and Access management technologies such as OPA, MTLS, SPIFEE, SPIRE.
  • Contributes to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
  • Lead security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
  • Develop and review test plans for cybersecurity key management adequacy.
  • Enforcing the design and implementation of trusted relations among external systems and architectures.
  • Implement security and anti-tamper controls into Links training and simulation solutions
  • Lead, advise, and educate engineers on cybersecurity and anti- tamper concepts and solutions.
  • Perform security evaluation of contractor developed hardware, software, documentation, testing, and document evaluation findings in reports and briefings.
  • Experience in working and managing vendor relations Performing system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational systems Performs certification and accreditations by reviewing documentation and providing recommendations for improvement.
  • Expertise in SRE principles.
  • Provide systems engineering specifically in Cybersecurity, Cryptography, Information Assurance (IA), and Risk Management Framework.
  • Provide testing support of cryptographic technologies and Prepare test cases, test scripts, test plans and procedures, data collection, for cybersecurity functions and encryption key management technologies.
  • Key contributor to provide security-as-a-service solutions. Experienced in DevSecOps principles and automation solutions like chef, puppet, Ansible.
  • Lead and direct efforts to rack and stack and install security equipment in any company location including enterprise data centers.
  • Support, Manage, and Define future strategy for Load Balancing technologies.
  • Led a team of engineers to deliver high-quality products on time and within budget constraints.
  • Collaborated with cross-functional teams to ensure seamless integration of new features into existing product lineups.
  • Developed and implemented preventive maintenance program covering systems.
  • Mentored junior engineers, contributing to their professional growth and overall team productivity.
  • Assessed scope and requirements to assist with project design determinations.
  • Enhanced product performance by streamlining design processes and implementing automation tools.
  • Championed continuous improvement initiatives within the engineering department, fostering a culture of innovation and collaboration.
  • Achieved cost savings by streamlining workflows, automating repetitive tasks, and reducing material waste across various projects.
  • Reduced production costs through optimizing manufacturing procedures and collaborating with supply chain management.

Middleware Engineer II

Paychex INC
12.2016 - 06.2020
  • Lead Infrastructure operations for enterprise applications.
  • Worked on setting up Infrastructure automation using CI/CD pipelines.
  • Created JDBC/JMS queue automation for Weblogic 11g and 12c using WLST and then migrating the automation over to a more robust ansible solution.
  • Setup Corporate SSO solution using CA Siteminder and Forefront and setting up policies and infrastructure.
  • Migrated and Upgraded old siteminder Infrastructure to 12.8 using Puppet build automation to provide HA and disaster recovery. New Policy servers can be spun up with automation in under 5mins to meet Enterprise DR requirements.
  • Responsible for PKI and Middleware automation project that was setup to allows for automatic web certificate creation and deployment to the target servers/Load Balancers.
  • Setup Python code to create a central repo for Enterprise root certs and wrote puppet automation to allow deployment of the same to all the target servers.
  • Worked on Setting up DR script to put ACL’s in place to allow for a smooth network transition of services.
  • Setup Ansible automation to configure GTM Pool member to Topology LB method.
  • Installed, Configured and maintained Coherence 12c (Extend and Web).
  • Installed, Configured and maintained RabbitMQ in the Infrastructure for certain applications.
  • Worked on setting up SAML Infrastructure for corporate logins to partner sites using ansible automation and YAML code to lay down middleware components.
  • Responsible for setting up Venafi in the enterprise to allow ease of creation of CA signed certs and managing them using APIs.
  • Installed, configured, deployed and maintain API gateway (CA Layer 7) middleware using Puppet and Ruby code for automation and Foreman environment.
  • Created automated OS patching script for all Middleware components using ansible playbooks.
  • Responsible for setting up automation using ansible to create F5 (LTM and GTM) endpoints and load balancers using API.
  • Created Proxy Automation for promoting Layer 7 policy across environments by creating custom ansible playbooks.
  • Setup IIS, Apache and Iplanet webservers using Puppet deployment and created automation to allow for use of CD principles for managing web proxies.
  • Created automated DNS solutions and helped migrate the enterprise DNS servers.
  • Worked on creating technical documentation and Turn over documents that adhere to middleware IT principles.
  • Lead automated disaster recovery efforts.
  • Responsible for maintaining Middleware

System Software Engineer

Globule-Tech LLC
02.2015 - 11.2016
  • Responsible for Integrating Single Sign On for Cloud Products Worked on Implementing SSO environment for Microsoft Office 365 Cloud users.
  • Responsible For Development of Active Directory Federation Services.
  • Responsible for Federating requests and creating SAML Partnerships for the incoming requests.
  • Worked on creating Web OTK policies on the API gateway for OAuth 2.0 SSO capability.
  • Automated API gateway policy deployment via Puppet to have consistency across environments.
  • Setup Session Conversion policies to allow for apps to trust sessions from different SSO solutions.
  • Installed, configured and maintained CA SiteMinder Policy serverS12.x, and CA DirectoryServer on Linux Platform. Configured CUSTOM AUTH Schemes for user authentication. Configured policy server for SiteMinder R 12.x for Load balancing, and failover configuration of the Policy store. Configured Siteminder policy server and CA Directory servers for multi hub architecture.
  • Experience in configuring and load testing CA Directory Server for session replication. Configured and integrated CA CPM services with Siteminder policy servers and CA Directory servers.
  • Implement Federation SAML1.0/2.0services to SSO into third party vendors like areba.
  • Worked extensively on creating Custom Authentication schemes as per the requirement. Expertise in Configuring CA SiteMinder policy server, creating agents, ACOs, Domains, Rules, Responses and Policies, Policy Server maintenance, SSO call clearance, Web Agent & Application server agent installations, trouble shooting in all the environments.
  • Worked on creating and configuring load testing scripts and monitors for Pre-productionand Production environments. Configured and managed Siteminder policy server cluster mechanism as per requirement.

Education

Masters - Computer Science

University Of South Florida
Tampa, FL
12.2014

Bachelors - Computer Science

VIT University
05.2013

Skills

  • Identity and Access Management
  • Identity Governance
  • Encryption-as-a-service
  • Cryptography and Secrets Management
  • PKI and Certificate Management
  • SIEM
  • Infrastructure Automation
  • Cloud Security
  • Enterprise architecture design
  • Performance optimization
  • Security and compliance
  • Stakeholder communication
  • DevOps implementation
  • Infrastructure automation
  • Identity provisioning
  • System integration planning
  • Architecture review
  • System and network security
  • Disaster recovery planning
  • Security management

Timeline

Solution Architect

InfosecGlobal Inc
05.2023 - Current

Lead Engineer

Target INC
06.2020 - 05.2023

Middleware Engineer II

Paychex INC
12.2016 - 06.2020

System Software Engineer

Globule-Tech LLC
02.2015 - 11.2016

Bachelors - Computer Science

VIT University

Masters - Computer Science

University Of South Florida

Similar Profiles

  • Om Agravat

    Om AgravatOm Agravat

    Inside Sales Representative at Hp IncInside Sales Representative at Hp Inc

  • Jamie Naundorf

    Jamie NaundorfJamie Naundorf

    E.N.G Technician at CTV National NewsE.N.G Technician at CTV National News

  • Sugandh Khajuria

    Sugandh KhajuriaSugandh Khajuria

    Senior IT Coordinator at Benefit Cosmetics Inc.Senior IT Coordinator at Benefit Cosmetics Inc.

  • Aarushi Sharma

    Aarushi SharmaAarushi Sharma

    Freelance, Senior Data Quality Specialist at CohereFreelance, Senior Data Quality Specialist at Cohere

  • Aswani Kumar Anumula

    Aswani Kumar AnumulaAswani Kumar Anumula

    Sr.SAP Solution Architect/Sr.SAP Data & Analytics Solution Architect/Senior Project Manager, Client Services at Sierra Digital IncSr.SAP Solution Architect/Sr.SAP Data & Analytics Solution Architect/Senior Project Manager, Client Services at Sierra Digital Inc

CREATE PROFILE