Teja Sreekar Dara

• Integrated cloud-based Single Sign-On (SSO) and enterprise software as a service technology into intricate IT systems across different operating systems and provided the support.

• Installed OKTA’s lightweight (LDAP) agent to integrate with Active Directory and upgraded Okta AD Agents on a quarterly basis.

• Collaborating with applications and business stakeholders to remove roadblocks during the design and deployment stages.

• Integrated over 150 applications with OKTA using federated, agent-based, and secure proxy-based methods and protocols like OAuth, OIDC, SAML 2.0, WS-Fed, SWA and RADIUS following continuous integration/continuous deployment pipeline (CI/CD) and Agile/SDLC methodology.

• Integrated header-based applications in the Okta Access Gateway (OAG) build and application support.

• Created API keys and supplied them to application teams for integration with Okta via OpenID. And integrated Okta provisioning for applications such as BOX and AWS using API calls.

• Setting up Okta Workflow to gather user lists and attributes from multiple data sources and using Just-In-Time (JIT) Provisioning to create new user profiles. And automating access control processes such as User Provisioning, Onboarding, Role-Based Access Control (RBAC), authorization models, Single Sign-On(SSO), LDAP and Active Directory.

• Configured multi-factor authentication policies and factors for application access including Okta Verify, SMS authentication, and voice call authentication. Configuring and maintaining network rules within Okta, including both IP-based and dynamic zones.

• Developed password and sign-on policies as requested by customers and implemented self-service features such as password reset and account unlocking for end users.

• Monitored and analyzed Okta failed logins and performed the annual SOX audit. Conducted an Active Directory clean-up by removing disabled users, service accounts, mailboxes, and distribution lists using reports generated with PowerShell scripts to identify the usage.

• Developed and managed service accounts in Active Directory for application teams, supported application migration and enabled multi-factor authentication for the applications.

• Managed and maintained security technologies that focused on privileged access and information security solutions and ensured compliance with internal policies and regulatory requirements through monitoring and training programs and provided expert advice on federal compliance matters.

• Contributed to the engineering and architectural design of access control systems, user entitlements, application credentials, and user access policy management, improving security in privileged access management, high availability, and disaster resiliency.

• Developed and executed action plans based on audit findings and compliance violations. Conducted regular reviews and audits of company procedures, practices, and documents to detect potential weaknesses or risks and made updates as needed.

Configured and managed risk-based authentication, certificate-based authentication, and smart authentication policies in Okta while monitoring and adjusting as needed policies and certificates as needed, based on specific requirements and security policies.

• Installed and configured the ForgeRock OpenDJ, OpenAM and OpenIdM using the Apache Tomcat in the respective business servers.

• Implemented IAM systems and processes, such as setting up user and application life cycle management, access and permissions which includes authentication and authorization, and designed multi-factor authentication workflows in ForgeRock using the Authentication Trees and Nodes .

• Integrated over 35 applications using SSO and Federation protocols like OIDC and SAMLv2 and designed multi-factor authentication and created security policies for user authentication.

• Implemented complex multi-factor authentication patterns using ForgeRock Authenticator App, push notifications and other digital devices.

Created password and security policies for furlough users and assigned the necessary access to the SSO applications.