Peningo Systems, Inc.

Resume of Candidate: PEN77

Rate: email us at for rate information

Tivoli Identity Manager Consultant

•        Over 13 years of experience in planning, design, implementation, and administration of small, medium, and large Internet Infrastructures.
•        Over three years of experience in Access Management and Identity Management.
•        Strong interpersonal, technical, analytical and communication skills, developed through work experience and academic background.
•        Extensive knowledge of Access and Identity Management, Systems Architecture, Software Development Lifecycle, Quality Assurance, Source Code
Control, Scripting, Operating Systems and data/communications networks, developed through work experience and professional training.
•        Highly proficient in design, installation, configuration, and administration of IBM Tivoli Access Manager (TAM), IBM Tivoli Identity Manager (ITIM),
IBM Directory Server, WebSphere Application Server,  WebSphere Portal Server, IBM HTTP Server, and Microsoft IIS,  on AIX, SOLARIS, LINUX, and
•        Experienced in design and implementation of Highly Available and scalable ITIM/TAM environment by use of replication between multiple Directory
Servers and by use of WebSphere Clusters for ITIM application.
•        Proficient in shell scripting to provide automation of various maintenance and administration tasks.
•        Experienced in writing XMLAccess scripts to automate deployment and build process, as well as configuration of Portlets, URL Mappings, Pages,
and Page Layouts.
•        Proficient in performance tuning and monitoring using various tools such as Wily Introscope, and Tivoli Performance Viewer.

•        IBM Certified Advanced Deployment Professional - Tivoli Security Management Solutions 2007
•        IBM Certified Deployment Professional -- Tivoli Access Manager for e-business V6.0
•        IBM Certified Deployment Professional -- Tivoli Identity Manager V4.6
•        IBM Certified System Administrator - WebSphere Application Server Network Deployment V6.0


Technologies:        IBM Tivoli Access Manager (Policy Director) v4.1/v5.1/v6.0, IBM Tivoli Identity Manager v4.6, WebSphere Application Server Network
Deployment (v3.x, v4.x, v5.x, and v6), WebSphere Portal Server v5.0.x and v5.1.x, Tivoli Web Site Analyzer v4.2, IBM Network Dispatcher (Edge Server),
IBM HTTP Server (Apache), TCP/IP, SSL, SQL, Oracle 8, Windows Servers and Workstations, Novell NetWare 4.x, Microsoft Internet Information Server 4.0,
Microsoft Visual SourceSafe, J2EE, Visual Basic, Cognos Reporting Server, Crystal Reports.
Languages:        Shell scripting, JACL, XMLAccess, Visual Basic.
UNIX:        Advanced level knowledge in AIX, Solaris, Linux.
Management:        IBM Tivoli Access Manager, IBM Tivoli Identity Manager, IBM Directory Server on UNIX Platforms.
Installation/Configuration/Administration, WebSEAL Junctions, Policy Server, Workflow, Lifecycle rules, Provisioning policies.
Single Sign-On for WebSphere Portal, PeopleSoft and Lotus QuickPlace using IBM Tivoli Access Manager (TAM).
J2EE:        WebSphere Application Server - Knowledge of J2EE application packaging and deployment process. Deployment and configuration using
WSAdmin, JACL scripts, and Administrative Console.
Tools:        TOAD, Wily Introscope, Mercury Interactive WinRunner, LoadRunner and TestDirector.
Competencies:        eBusiness Development, Financial Services, Network Operating System, Software Quality Assurance, JAVA.

Security Engineer
February 2008 – Present

•        Provided lead engineering, development, integration, documentation, and testing effort for the security releases including Tivoli Access Manager
(TAM), Tivoli Identity Manager (ITIM), Tivoli Directory Integrator (TDI), and Tivoli Federated Identity Manager (TFIM).
•        Involved in migration of ITIM, TAM, and TFIM from Solaris to Red Hat Enterprise Linux (RHEL) operating system.
•        Installed and configured Tivoli Directory Server (TDS), ITIM, TAM, and TDI in highly available, clustered environment.
•        Configured directory replication for one Master, a Peer Master, and two Replicas, and migrated data containing 800k+ users with minimum downtime.
•        Installed and configured master/slave Policy Server model and transferred authorization database from Solaris to RHEL environment without an
•        Installed and configured ITIM on horizontally clustered WebSphere Application Server Network Deployment v5.1 environment with two physical
nodes, and remote IBM HTTP Servers.
•        Installed and configured TDI on two nodes and configured AMC Server to manage both TDI servers.
•        Configured SSL for all ITIM, TAM, TDS, and TDI components. Created keystores/truststores, generated certificate requests, and imported root signer
certificate as well as CA-signed certificates.
•        Installed and configured TAM Combo adapter, and several custom TDI adapters created for provisioning accounts to Oracle Internet Directory (OID),
Netscape Directory Server (NDS), and Active Directory (AD).
•        Prepared detailed installation and configuration guides for Operations & Support personnel to build the ITIM/TAM environment at two U.S. Air Force
Security Architect
October 2006 - October 2007

•        Implemented Access and Identity Management solution. Responsibilities included business requirement analysis, development of technical
architecture and solution design using IBM Tivoli Access Manager v6.0, and IBM Tivoli Identity Manager v4.6 products.
•        Involved in assessment and IAM reference architecture development of the identity management processes for client’s RACF/Mainframe
environment as well as the business processes associated with employee lifecycle management.
•        Developed enterprise IAM strategy and provided an implementation roadmap, which involved Compilation of the existing policies, processes,
knowledge, and tools used in client’s environment into a clearly articulated architecture for Identity and Access Management to provide a long-term
strategic solution.
•        Installed and configured various TAM components such as Policy Server, Authorization Server, WebSEAL, and IBM Tivoli Directory Server (TDS).
•        Secured communication between ITIM/TAM, IHS and WebSphere components using SSL. Created self-signed certificates where possible using
ikeyman utility.
•        Configured Single Sign-On for client’s employee portal application running on IBM WebSphere Portal Server using TAM and TAI++.
•        Configured Single Sign-On for Lotus QuickPlace application using TAM and LTPA. Also configured Single Sign-On for PeopleSoft HR application.
•        Secured enterprise applications hosted on WebSphere Application Servers using Transparent Path junctions.
•        Designed system backup and recovery strategy and log rotation/archival procedures and configured daily/weekly backup and log archival tasks
using crontab and shell scripts.
•        Installed and configured ITIM and required components including WebSphere Application Server, IBM HTTP Server, TAM Adapter, and LDAP Adapter.
•        Assisted UNIX team for hardware sizing and capacity planning for ITM and TAM components.
•        Designed Organization Tree and extended ITIM schema by creating new attributes and objectclasses to populate employee data.
•        Configured Provisioning Policies with use of Memberships and Entitlements to define user’s access levels to resources.
•        Configured Identity Policies and Password Policies in order to enforce county policies for user ID generation and password complexities.
•        Configured nightly reconciliation to synchronize ITIM user information with accounts on managed resources.
•        Created entitlement workflows to implement approval and notification processes for various account activities.
•        Created operation workflows and lifecycle rules to automate manual tasks such as password expirations and challenge/response completion.
•        Documented installation and configuration process and delivered Operations Runbook to client.
•        Configured Self Service (Self-Care) application to facilitate user self registration/password management functionality. Configured customized
WebSEAL login, logout, and error pages used by Self-Care application and employee portal.
•        Configured ITIM and TAM components to run as non-root users where appropriate.

Internet Infrastructure Architect
January 2004 - September 2006

•        Architected IBM/Tivoli solutions, integrating IBM Tivoli Access Manager (TAM) for e-business, IBM WebSphere Application Server (WAS), and IBM
WebSphere Portal Server (WPS) components via secure, LDAPv3 compliant directory, IBM Tivoli Secureway Directory (LDAP) Server.
•        Responsible for installation, configuration, and maintenance of Tivoli Access Manager Components such as IBM Directory Server (IDS), WebSEAL,
Web Portal Manager, etc.
•        Created users, roles, and junctions, and performed other maintenance tasks using both Web Portal Manager and pdadmin commands.
•        Configured IBM Tivoli Access Manager to make authentication and authorization decisions for applications deployed on WebSphere Application
Server by configuring applications to use WebSEAL junctions, and by assigning security roles to users.
•        Defined and managed centralized authorization policy for a broad range of business initiatives by means of ACLs, POPs.
•        Deployed WebSEAL servers in order to manage access to all Web Servers and to centrally control Web resources as a single, logical web space.
•        Configured Failover and High Availability configuring multiple IBM Directory Servers in a peer-to-peer replication mode.
•        Configured and maintained 80+ WebSphere and Portal applications running on several AIX, SOLARIS, and Windows servers.
•        Performed Proof of Concept (POC) to determine viability of the IAM solution utilizing IBM Tivoli Identity Manager to replace legacy provisioning tool.
•        Responsible for installation, configuration and maintenance of WebSphere Application Server (Base and ND), and WebSphere Portal Server in a
heterogeneous environment.
•        Managed a team of 8 WebSphere engineers in a large scale project to Migrate WebSphere environment from AIX to Solaris which involved 50+
servers and 80+ J2EE applications.
•        Created WebSphere cells, Horizontal and Vertical application clusters, and added cluster members to clusters in effort to create fault-tolerant,
scalable, and highly available WebSphere environment.
•        Installed Fixpacks, eFixes, and cumulative fixes to the existing infrastructure.
•        Installed and configured remote WebSphere plug-in for IBM HTTP Server. Manually updated plug-in files for IHS servers located in DMZ.
•        Developed technical standards, processes, procedures, and best practices to allow for auditable administration of WebSphere environment and
•        Developed shell, JACL, and WSAdmin scripts in order to facilitate delegated WebSphere administrative task such as deployment of Enterprise
applications, and configuration of JVM and other resources.
•        Automated FixPack/eFixes installations, daily backups, log archival and other tasks using shell scripts.
•        Developed XMLAccess scripts to automate migration and deployment tasks for WebSphere Portal application components such as Portlets, URL
Mappings, Pages, and Page Layouts.
•        Provided technical mentoring and knowledge to junior administrators on a regular basis by means of on-the-job training, and technical
•        Played a lead role in planning for the future infrastructure, conducted proof of technology and pilots on various products.
•        Managed documentation of application configurations, business impact, deployment standards and procedures, and installation standards.
•        Worked closely with IBM technical support on problem determination, and resolution.
•        Configured authentication and authorization for J2EE application by means of WebSEAL junctions and ACLs.
•        Worked closely with Load testing team to identify performance bottlenecks using Wily Introscope, and Tivoli Performance Viewer.
•        Participated in the design on a JMX based application that allowed developers to stop, start, and deploy applications on development WebSphere
servers without providing access to the Admin Console access.
•        Performed root-cause analysis for Productions outages and provided management with root-cause analysis reports.
•        Configured global security for WebSphere Application Server and WebSphere Portal Servers using IBM Directory Server as LDAP user registry.
•        Created JDBC Providers, datasources, and JAAS authentication aliases in order to provide connectivity to Oracle, DB2 (mainframe and UDB), AS400
•        Configured resources such as Queue Definitions, Queue Connections Factories, and Listeners in order to provide connectivity to Enterprise MQ
•        Configured DB2 Node and DB catalogs to connect to mainframe DB2 databases via DB2Connect server.
•        Configured several third-party products such as Hyperion, eBilling, and Cognos suite, on WebSphere Application Server.

Senior WebSphere Administrator
May 2001 - December 2003
•        Played a key role in design, and implementation of WebSphere Infrastructure.
•        Provided 24/7 support for the internet and intranet sites.
•        Supported more than forty web-applications running on various versions (3.0.2, 3.5.3, and 4.0.1) of WebSphere Application Server, and IBM HTTP
Server (IHS).
•        Responsible for installation, configuration and maintenance of five WebSphere Application Servers (Version 3.5.3) running on AIX platform, and Five
WebSphere Application Servers (Version 3.0.2) on Windows NT 4.0 platform.
•        Planned and coordinated the migration of applications running on WAS 3.0.2 (NT) to WAS 3.5.3 (AIX).
•        Developed shell scripts for code migration, and for automated startup and shutdown of Application Servers utilizing WSCP and XMLConfig.
•        Configured several applications to use unique port and WAS virtual host. Also configured IHS appropriately.
•        Configured Session Persistence, Models and clones for workload management.
•        Utilized Resource Analyzer to collect performance statistics by monitoring JVM, database connection pools, servlet engine, etc.
•        Prepared applications for performance improvement by tuning JVMs, Database Connection Managers, Servlet Engines and IHS configuration.
•        Performed routine WAS configuration backups using XMLConfig utility.
•        Developed Disaster Recovery plan for WebSphere configuration, repository database and IHS configuration
•        Troubleshoot Visual Age for Java configuration issues.
•        Assisted developers in troubleshooting applications by analyzing log files, applying e-fixes and fix packs.

WebSphere Implementation Specialist/Configuration Manager
Feb. 2000 - May 2001
•        Responsible for design, configuration, maintenance and deployment of web-based infrastructure to support B2B application development using
WebSphere Application Server, Oracle Database and IIS on Windows NT platform.
•        Also responsible for development and implementation of configuration management processes to help maintain the integrity of the source code
using Microsoft Visual SourceSafe.
•        Reviewed various configuration options for the Web Servers, Application Servers, Database Servers, and made recommendations for the
Development and Productions environments.
•        Participated in design reviews to guide, influence and design infrastructure solution.
•        Recommended and implemented appropriate Workload Management (WLM) topology for Production Environment based on a variety of factors such
as security, performance and throughput requirements, and firewall configuration.
•        Installed, configured and maintained Microsoft IIS 4.0, WebSphere Application Server 3.5 and Oracle 8.05 Database Server in the Development, QA,
and Production environments.
•        Worked closely with development team to define and configure Application Servers, Web Server Plug-ins, Virtual Hosts, Web Resources, Servlet
Engines, and JDBC Drivers.
•        Deployed EJBs across multiple instances of WebSphere Application Server.
•        Designed automated deployment scripts to facilitate remote deployment.
•        Configured and construed trace and/or log files to identify the programming issues.
•        Defined and implemented build processes to efficiently track, regulate and promote changes to software throughout the development lifecycle.
•        Ensured that key disciplines such as daily check-ins are observed by the development team, and enforced standards for unit testing.
•        Generated software builds for introduction into the Development, Staging, QA and Production environments.

Web Infrastructure Support Specialist
Feb. 2000 - May 2001
•        Provide infrastructure support for multiple projects.
•        Duties include, but are not limited to, design, documentation, engineering and deployment of web and application servers, security and
connectivity solutions consistent with business requirements.
•        Work closely with architects, software engineers and technical and business management to understand the business needs and determine optimal
solutions to address them.
•        Work with development staff and management to participate in the implementation of the infrastructure.
•        Coordinate with security and operations group of matters impacting web development and implementation.
•        Install, configure and maintain Windows NT 4.0 and Windows 2000 servers, IIS, Oracle, DB2, IBM WebSphere Application Server and Microsoft Visual
SourceSafe as needed.

QA Manager
Nov. 1998 - March 2001
•        Worked closely with development staff and business partners to identify, plan, develop and execute formal test processes for the Web based B2B
application including unit, functionality, integration, and load tests.
•        Participate in design and review meetings.
•        Conducted review meetings with development staff to discuss progress of testing.
•        Review and establish effective master test plans, scripts, and the use of automated test tools.
•        Worked with development team, project manager and product manager to coordinate and plan product releases.
•        Managed complete testing lifecycle to ensure all defects are identified, assigned to developers and corrected prior to production release.
•        Utilized TestDirector Defect Manager tool for tracking defects and generating defect reports.
•        Generated data-driven automated test scripts using Mercury Interactive WinRunner and Astra QuickTest to verify application’s logic and
•        Designed test Scenarios using LoadRunner and used multiple Virtual Users to generate production-level load.
•        Identified performance bottlenecks using LoadRunner results, and monitoring tools.
•        Utilized TestDirector to plan and organize manual and automated functional, regression and load test scenarios.

Y2K Test Lab Manager
Feb. 1999 - Nov. 1999
•        Responsible for defining, developing and implementing operational processes and testing methodologies.
•        Maintained communication with the Deployment Team and software vendors, and reported progress to the Y2K Lab Manager regularly.
•        Assisted Y2K Project Team in the evaluation of the data files assessment/remediation tool and made recommendations.
•        Defined policies and procedures for use of lab facilities.
•        Assigned appropriate resources and coordinated the Y2K Lab schedule and activities.
•        Monitored progress of testing tasks and documented all problems found through end-user testing efforts.
•        Maintained communication with the Windows NT Deployment team and reported progress regularly to the Year 2000 IR Application Manager.
•        Introduced test engineers to the Y2K certification process.
•        Trained Y2K testers in the use of the data files assessment tool.

Year 2000 Certification Analyst
Nov. 1998 - Feb. 1999
•        Assisted Y2K Project Team in the development of the Y2K Test Plan and the certification process.
•        Involved appropriate IR and Finance personnel in software analysis, and provided assistance with financial analysis of software
•        Served as a liaison between users, vendors and Windows NT Workstation Deployment team.
•        Assisted end users with package software comparison to the IR Standard Certification Software List.
•        Served as a primary point-of-contact for the Y2K Certification laboratory.
•        Provided timely updates of the end-user application issues to the Y2K Project Team.
•        Responsible for constructing and assisting in the facilitation of test bed with the test lab, end- user or vendor.
•        Assisted Migration Coordinator with lab schedule and Y2K testing status.

Project Manager/Commercial Testing
June 1996 - Nov. 1998
•        Managed team of 11 QA engineers and 2 QA lead engineers.
•        Responsible for projects in the range of $800,000-$1,000,000 per year.
•        Defined overall test strategy to control testing process.
•        Designed and implemented testing methodologies using knowledge of systems, network, peripherals and software applications.
•        Managed the system design, verification and server integration testing laboratories for IBM servers.
•        Established project priorities and managed activities of QA engineers, delivering each project within time and budget.
•        Ensured that all affected groups are included in the development and acceptance of the project requirements.
•        Provided clients with detailed problem reports, thereby keeping them informed of progress and problems.
•        Prepared final narrative reports to summarize and analyze the results of the project.
•        Provided Marketing staff with technical information and time estimates for proposals, by using knowledge of testing methodologies.
•        Prepared and organized test plans, report forms, software and equipment.
•        Managed test engineers to ensure compliance with defined test procedures and completion of tasks in an accurate and timely manner by
monitoring engineers during the testing phase, providing technical expertise and reviewing status on a daily basis.
•        Introduced new engineers to testing methodologies, problem solving procedures and reporting.
•        Created and maintained a reporting database and project logs.
•        Determined staffing requirements, interviewed and hired testing staff.

•        B.S.  Electrical Engineering

•        IBM WebSphere Portal 5.1 Installation, Deployment and Administration
•        WebSphere Scripting and Automation
•        Administration of WebSphere Application Server V6
Back to Peningo Sample Resumes
Back to the Peningo Tivoli Consultants page
Back to the Peningo Systems Tivoli Identity Manager Consultants home page.
If your organizations has an IT Staffing or
Consulting need for a Tivoli Resource, please
email us at . If you wish to
speak with someone from Peningo Systems,

please click here to contact Peningo.