KARTHICKUMAR RAJAMANI - IAM Solution Engineering

Email: [email protected] Mobile: +919840389891

Profile Summary

 IAM Architect with 15+ years in IT with Identity Governance and Administrations (IGA),
Authentication, Authorization, Privileged Access Management (PAM), Cloud IAM, RBAC and
ABAC with Java Programming.
 15+ years’ work experience in Banking Industry supporting Cybersecurity - IAM.
 Hands on experience in architect, design and implement in SAILPOINT IIQ, Oracle Identity
Manager, SAVIYNT Security Manager for Provisioning, De-provisioning, Access Request and
Approval, Reconciliation and Access certification.
 Extensive knowledge and hands on experience in Authorization capability of IAM using PlainID -
Policy based access control solution (PBAC).
 Deep Knowledge and understanding in Authentication and Authentication protocols like SAML,
OIDC, OAuth.
 Develop IAM Strategy roadmaps, author reusable IAM solution patterns partnering with
stakeholders.
 Conduct IAM risk and vulnerability assessments, recommending improvements and mitigation
strategies for processes, technology and security controls.

 Compliance, IT and Cyber Security Audit, Enterprise Risk Management, Operational Risk
Management, Change
 Good work knowledge and Hands-on experience in Installation, Implementation, configuration
and customization of IAM solution using above mentioned products.
 Good customization knowledge and experience in Lifecycle Manager (LCM) and Compliance
Manager implementation and customization of SailPoint IIQ.
 Good experience in integration of enterprise and logical application through various in-build and
custom connectors.
 Knowledge of analysing Security Architecture, Governance, Risk Management Framework, and
Information Security. Proficient in identifying client needs to mitigate risks and provide cyber
solutions on enterprise GRC platforms.
 Experience identifying opportunities to introduce new automations into security operations and
processes.
 Strong analytical acumen with proficiency in Microsoft Office tools (Excel, Word, PowerPoint,
Visio), Project Management Tools, Google sheets and SharePoint.
 Ability to delegate and collaborate with cross-functional teams, including legal, procurement,
Infrastructure, and IT.
 Highly motivated self-starter, ability to work in a team-fostered, fast-paced, multi-tasking, global
environment.
 Experience with prioritizing and managing multiple projects simultaneously under timelines and
shifting priorities.
 The ability to incorporate security into the design and architecture of systems and applications
from the outset, rather than as an afterthought.
 Good team player with adaptive thinking, quick learning abilities and passion to learn new
technologies and tools.
 Good knowledge of SQL and programming skills in Java. Experience with Windows and Linux
environments.
 Experience working in an Agile environment, with excellent client engagement and project
management skills.

Technical Skills

IAM Products and SailPoint IIQ, Saviynt Security Manager, Oracle Identity Manager
Protocols (OIM), OAuth 2.0, SAML, SCIM, LDAP, OIDC

Technologies Java, Spring Boot, Micro Service, AWS, Azure, REST API, JPA,
Hibernates, IAM products and protocols.

Application/Web Servers WebLogic, WebSphere, Apache Tomcat, JBoss

Build and Test Tools GIT, Maven, Jenkins, Junit, Mockito, Docker and Kubernetes
GRC Tools Microsoft Power BI, Tableau, ServiceNow, Jira, Box, Microsoft
SharePoint

MS Office Tools Excel, Word, PowerPoint, Visio

Certification

Programming Language:
 Oracle Certified Java Developer
Identity and Access Management:
 SailPoint IIQ Engineer
 PlainID - PBAC Solution Engineer
 SailPoint – Identity Security Leader Certification
Cloud:
 Azure Fundamentals - AZ900
 Azure Security Engineer Associate - AZ500

Education

 Bachelor of Engineering in Computer Science - Anna University (2005-09)

IAM Skills
 SailPoint  SCIM  Identity management
 RBAC/ABAC  OAUTH 2.0  Access control
 Saviynt  SSO (Single Sign-on)  Decision-Making
 OIM  Active Directory  Adaptability and
 PlainID  Risk Assessment Flexibility
 SDLC  Data Loss Prevention  Data Encryption
 SAML 2.0  Disaster Recovery
 OIDC Planning

Professional Experience
Wells Fargo, India Jun 2020 - Present
Role - Solution Design Architect

Responsibilities:
 Design and Consult for Identity Governance and Administration (IGA), Authentication and
Authorization capabilities.
 Designing programs based on principles such as Role-Based Access Control (RBAC), Attribute-
Based Access Control (ABAC), Policy-Based Access Control (PBAC).
 Access and Identity Management System is a customized version of OIM 12C PS4 which
implements Access Request Portal, Provisioning, and Certification and Reconciliation process.
OOTP connector’s as well custom connector’s implementation are supported.
 Sailpoint IIQ is formerly used Access Request Tool (ART) for application access request, approval,
provisioning, aggregation and certification.
 Assessed and implemented solutions to resolve Corrective Actions and MRA’s.
 Extensive knowledge in Dynamic Authorization using PlainID product.
 Expertise in implementing and managing Data Security solutions and technologies, including
Microsoft Purview Insider Risk Management, Microsoft Purview Data Loss Prevention, and
Microsoft Sentinel.
 Planned long-term roadmaps, bug monitoring, feature improvements, and project deliverables.
 Identifying and mitigating security risks and vulnerabilities early in the software development
lifecycle (SDLC).
 Collaborating with design, analytics, and engineering to enhance the user experience. Also,
worked closely with the software engineers, product managers and other members of the GICS
team to create secured features and functionalities for our products and services.
 Worked closely with IT and security teams to monitor and analyse data flows, identifying
potential data security threats and insider risk cases.
 Responsible for selection, evaluation, implementation, and provided a 24/7 O&M of security
systems such as firewalls, IDS, antivirus, engineering of servers, application protection, remote
access, and encryption.
 Expertise in setting Invicti web infrastructure for CM by establishing client server and agents
across endpoints and performing periodic upgrades as well as troubleshooting issues for public-
facing sites.
 Configuring data security policies, rules, and classifications to prevent data leaks & unauthorized
access.
 Investigating and responding to security incidents, data breaches, and policy violations as
defined by existing escalation paths.
 Data validation and ensuring data accuracy in Tableau dashboards through regular audits and
data cleansing processes.
 Presenting findings from Tableau dashboards to Leaders, enabling data-driven decision-making.
 Worked with cross-functional teams, such as developers, product managers, security
professionals, and IT administrators to successfully implement SCIM-based PAM integrations.

BNY Mellon, India Sep 2013 - Jun 2020

Responsibilities:
 Design, Architect and Manage SailPoint IdentityIQ (IIQ) and Oracle Identity Manager (OIM) as
part of IGA practice.
 Integrated IGA platform with Service Now, Active Directory, Azure Active Directory, DBAT
applications, Flat file applications, SCIM and Rest connectors exposed applications for
onboarding Identity and Application information.
 Collaborated with cross-functional teams to support and troubleshoot Identity and Access
Management (IAM)-related issues, ensuring secure, compliant, and scalable solutions.
 Implemented security best practices for Azure products, services, and solutions to mitigate risks
and enhance security posture.
 Established and maintained identity governance frameworks, including privileged identity
management (PIM) for elevated access, ensuring compliance and security.
 Stayed informed of Azure updates, security threats, and industry best practices to continuously
enhance security posture and align with evolving requirements.
 Collaborated with DevOps and development teams, demonstrating a basic understanding of
tools and requirements to integrate identity and access management into the development
lifecycle.
 Collaborated with DevOps and development teams, demonstrating a basic understanding of
tools and requirements to integrate identity and access management into the development
lifecycle. Collaborated to develop and implement Role-Based Access Control (RBAC) policies for
large-scale environments.
 Conducted in-depth analysis of access management processes, identified gaps, and
recommended controls.
 Facilitated workshops to configure systems and optimize security measures.
 Documented deployment processes and provided ongoing support for PAM solutions.
 Conducted training on PAM functionalities and best practices for end-users and administrators.
 Participated in third-party tool evaluations for CyberArk implementations.
 Conducted regular reviews and updates of CyberArk configurations for optimal performance and
security.
 Gathered requirements, designed custom PAM architectures, and developed implementation
roadmaps with client stakeholders.
 Demonstrated strong troubleshooting skills to identify and resolve PAM tool issues for optimal
system performance.
 Prepared, validated, and maintained security documentation including system security plan
(SSP), contingency plan (CP), configuration management plan (CMP), incident response plan
(IRP) and FIPS categorization.
 Conducted risk assessments and familiar with entire NIST Risk Management Framework (RMF).
 Ensured that information system security principles are incorporated into the SDLC process.

Tata Consultancy Services (TTG and State Farm Insurance) Feb 2010 -
Aug 2013
Java Developer

Responsibilities:
 Working on application architecture and re-design of different parts of the application.
 Working with Requirement leads and Project managers to translate business requirements into
technical specifications.
 Worked in Agile mode and interacted closely with the product owner and business team.
 Set up a new clear case project and ANT scripts and owned the deployment process.
 Built Single page application (SOA) using AngularJS as per the requirement.
 Optimize the cost of application development and maintenance by using economies of scale
under an SLA governed process.
 Worked with Apache Lucene and SOLR for searching the person and business details.
 Using SpringBoot which is radically faster in building MicroServices and developing Spring based
applications with very less configuration.
 Written Stored Procedures, functions, SQL queries and backend programming using Oracle, SQL.
 Developed presentation tier web components using JSF framework and deployed the application
in web server.
 Expertise in application development using JSP, Servlets, JDBC, JNDI, spring, Hibernate, Ibatis,
JSF, EJB, XML, Web Services- SOAP, WSDL.
 Deployed and monitor scalable infrastructure on Amazon web services & configuration
management using puppet.
 Performed client-side validations using JavaScript and Struts validation framework.
 Developed business processes/workflow and rules using JBoss BPM/Rules
 Implemented various J2EE design patterns like DAO pattern, Business Delegate, and Value
Object.
 Developed Business components and Services using EJB, JPA, and JAX-WS and deployed them in
Business tier application server.
 Developed various Land registry office user interfaces, Model Beans and DAO using JSF
Framework.