
Suman Gajjala

Leander, TX

Summary

Results-driven Sr Software IAM Engineer at VISA, with expertise in integrating SAML and OAuth protocols to enhance security compliance. Led a successful migration to ForgeRock AM 6.0, achieving a seamless transition without business disruption. Strong analytical and problem-solving skills foster the implementation of effective IAM solutions that improve user experiences across enterprise applications. Proven track record in leading teams to meet project deadlines while significantly enhancing operational efficiency and reducing costs.

Overview

17
years of professional experience

Work History

Sr Software IAM Engineer

VISA
Austin
09.2019 - 04.2025
  • Promoted from Software Engineer to Senior Software IAM Engineer
  • Led the upgrade of ForgeRock IAM platform from version 13.x to AM 6.0, including design, installation, and validation of all custom authentication and authorization use cases.
  • Set up and configured a parallel environment for ForgeRock AM 6.0, using OpenDJ for config and CTS stores and ODSEE LDAP as the user store to ensure compatibility during migration.
  • Designed and implemented key IAM components in AM 6.0, including Realms, Policy Sets, Authentication Modules, Trees, and Agents, aligning with security and business requirements.
  • Developed and integrated Multi-Factor Authentication (MFA) mechanisms (SMS, Corporate Email, ActivID HID, Mobile Authenticator) to support flexible and secure access.
  • Built a Co-Existence model to maintain SSO functionality between ForgeRock 13.x and AM 6.0 during migration, addressing cross-domain cookie limitations.
  • Collaborated with vendors to fine-tune ForgeRock configuration and policy settings, resulting in improved application performance, reduced latency, and enhanced user experience.
  • Successfully migrated all agent-based and SAML-based applications from ForgeRock 13.x to AM 6.0 and later upgraded to AM 7.x, ensuring zero business disruption.
  • Migrated user store from ODSEE LDAP to ForgeRock OpenDS, modernizing and simplifying directory services.
  • Planned and executed WebAgent upgrade from version 4.x to 5.x for over 250 enterprise applications.
  • Integrated ForgeRock Policy and Agent creation with a custom-built enrollment platform, centralizing Identity services and automating user data workflows.
  • Served as JIRA Project Owner for B2B IAM, managing project scope, backlog, status tracking, and aligning deliverables with business and security needs.
  • Led requirements gathering and onboarding for new application integrations; collaborated with cross-functional teams and stakeholders to deliver secure IAM solutions.
  • Addressed security vulnerabilities and audit findings, ensuring timely remediation within defined compliance windows to maintain a strong security posture and meet regulatory requirements.
  • Integrated internal and SaaS-based applications using SAML 2.0, OAuth 2.0, and OpenID Connect protocols, enabling modern federated access.
  • Installed and configured Java Policy Agents for Tomcat-deployed applications to enforce access policies and improve runtime security.

Software engineer IAM Engineer

VISA
Austin
12.2014 - 09.2019
  • Maintained and supported the existing CA SiteMinder platform, including onboarding new applications and troubleshooting authentication and policy issues.
  • Addressed and remediated security vulnerabilities and findings within the risk remediation dashboard (RRD), ensuring platform compliance with security standards.
  • Integrated ActivID HID with SiteMinder using RADIUS protocol to implement Multi-Factor Authentication (MFA) for enhanced security across critical applications.
  • Led a proof of concept (PoC) for transitioning from SiteMinder to ForgeRock OpenAM, validating custom use cases and assessing feasibility across enterprise systems.
  • Designed and implemented the installation setup for the ForgeRock 13.X stack, including components like OpenAM, OpenDJ, and CTS Store.
  • Designed and implemented Realms, Policy Sets, Authentication Modules, Authentication Chains, and Agents in ForgeRock OpenAM 13.X, enabling secure and scalable access management across enterprise applications.
  • Architected and engineered the migration strategy to transition all applications from SiteMinder to ForgeRock, ensuring minimal downtime and seamless user experience.
  • Developed a Co-Existence (Co-Ex) strategy to enable Single Sign-On (SSO) between SiteMinder and ForgeRock-based applications across different cookie domains during phased migration.
  • Successfully migrated all SAML-based applications from SiteMinder to ForgeRock IAM, enhancing federation capabilities and modernizing the IAM infrastructure.
  • Developed a Java-based Single Page Application (SPA) to streamline the creation and modification of OpenAM policies, including Resource Types, Policy Sets, and Agents, enhancing administrative efficiency and reducing manual errors.

V.ME DEVOPS (Siteminder Consultant)

Visa-INC
Foster City, CA
02.2013 - 12.2014
  • Worked as a Security Consultant providing design, engineering and support for the Digital Wallet platform.
  • Designed and engineered IAM solutions using CA Siteminder R12 and CA LDAP for authentication & authorization.
  • Developed user authentication policies and configured Siteminder modules (APS, KBAuth).
  • Led CA LDAP schema design and integrated DMS API for user provisioning.
  • Conducted POCs for R12.52 CR01 and upgraded Siteminder policy server & CA Directory.
  • Implemented SSO across cross-domains using SmMakeCookie.
  • Supported penetration testing and optimized IAM performance.
  • Automated Siteminder deployment using Jenkins & SVN.
  • Configured SiteMinder as both Service Provider & Identity Provider.
  • Implemented Adaptive Authentication (Step-Up) and Advanced Password Services (APS).
  • Provided 24/7 support and collaborated with application teams for SSO integration.
  • Environment: CA Siteminder R12.x, CA LDAP 12 sp6, Apache 2.2, Tomcat 6.0, Vfabric Webserver, TC-Server.

Sky-Harbor

State Farm
Bloomington, IL
10.2012 - 02.2013
  • Managed LDAP & Siteminder administration and led infrastructure migration planning.
  • Designed replication & backup strategies across multiple environments.
  • Configured VDS Aggregation & Sync servers and updated Puppet profiles.
  • Developed custom bulk actions for user attribute management.
  • Involved in RBAC design and IAM troubleshooting using Splunk.
  • Managed SSO authentication & authorization for multiple applications.
  • Installed & maintained Sun One LDAP, including data imports, exports, and replication.
  • Environment: Oracle IDM 11gR1, LDAP, VDS, CA SiteMinder 6.0, Ping Federation, WebLogic 6, iPlanet 6, Windows 2003/2008 servers, Red Hat Linux.

web service security

Merrill Lynch\Bank Of America
Hopewell, NJ
01.2008 - 10.2012
  • Led IAM infrastructure upgrades & migrations for Siteminder 5.5 → 6.0 → R12.
  • Implemented RBAC and self-service workflows for authentication & access approvals.
  • Configured Siteminder policy servers, agents, authentication schemes, and SSO policies.
  • Integrated PingFederate with Siteminder as an IDP for SAML-based federation.
  • Designed cross-domain SSO solutions and implemented custom authentication schemes using Siteminder SDK.
  • Installed & configured Siteminder Federation Security Services on JBoss & Tomcat.
  • Deployed certificates (SmKeyDatabase) for federated applications and managed security certs for web servers.
  • Managed LDAP replication & troubleshooting, including ADAM & Sun One LDAP.
  • Provided 24/7 production support and IAM documentation.
  • Environment: CA SiteMinder 5.5 / 6.0 / R12.x, Ping Federation, SOA, ADAM, WebLogic 6, iPlanet 6, Windows 2003/2008 servers, Red Hat Linux.

Education

Master of Computer Science

University of Bridgeport
Connecticut

Skills

  • MS-DOS
  • Sun Solaris
  • Windows NT
  • Windows 95
  • Windows 98
  • Windows 2000
  • Windows XP
  • Red Hat Linux
  • SiteMinder 4.5
  • SiteMinder 5.5
  • SiteMinder 6.0
  • SiteMinder R12.x
  • SunOne/iPlanet Directory Server
  • Microsoft Active Directory Server
  • CA Directory server
  • OpenAM 13.x
  • AM 6.x
  • AM 7.x
  • Directory Services DS 6.x
  • Directory Services DS 7.x
  • CA IDM R12
  • Oracle Identity Manager 11gR1
  • Oracle Identity Manager R2
  • Sun Access Manager 6.0
  • Sun Access Manager 7.x
  • Apache web server
  • IIS 5.0
  • IIS 6.0
  • IIS 7.0
  • iPlanet Web Server
  • Vfabric Webserver
  • Vfabric Application server
  • Tcserver
  • JBoss Application server
  • Jenkins
  • Build Forge
  • OPNET
  • Splunk
  • JIRA
  • Remedy
  • Puppet
  • Identity management
  • Authentication protocols
  • Multi-factor authentication
  • Single sign-on
  • OAuth integration
  • SAML integration
  • Security compliance
  • Collaborative teamwork
  • Access control policies
  • Vendor collaboration
  • Excellent communication
  • Teamwork and collaboration

Accomplishments

  • Recipient of multiple "Go Beyond" awards, recognized for consistently delivering high-quality work on time, demonstrating initiative, effective team collaboration, and innovative problem-solving across various IAM projects.
