Aaqib Saleem Khan

As a seasoned Security Senior Analyst at Accenture, I have successfully led projects focused on Identity and Access Management (IAM), consistently demonstrating a comprehensive skill set in ensuring robust security postures and efficient access controls
My key responsibilities include:
• Installed, configured, and administered ForgeRock AM, DS, IDM, and IG. - Installed ForgeRock AM Agent in various web servers and application servers to facilitate seamless application integration.
• Conducted requirement gathering and implemented integrations for various applications, ensuring alignment with application requirements.
• Provided support for numerous go-lives following application integrations.
• Managed sessions and implemented diverse mechanisms to enhance the performance of the OpenAM server.
• Actively participated in Audit, business, and security review meetings, effectively communicating the value added through IAM adoption and highlighting risks to clients.
• Managed the Incident and change management process within the environment.
• Offered production support for OAuth/OIDC and SAML applications, encompassing all implemented user journeys.
• Developed custom tree nodes tailored to application requirements, specifically for email branding.
• Conducted upgrades for ForgeRock AM, DS, IDM, and IG as part of continuous service improvement practices.
• Installed vulnerability patches provided by ForgeRock, addressing security concerns related to ForgeRock AM, DS, IDM, and IG.
• Implemented shell scripts to monitor ForgeRock services and infrastructure, streamlining monitoring efforts.
• Established Jenkins servers and pipelines to build the ForgeRock AM Stack.
• Managed AWS resources and operations. - Planned and implemented ideas for cost reduction.
• Addressed critical incidents as part of incident management.
• Implemented backup policies on AWS to ensure data integrity.
• Front-faced Delivery projects, fostering positive relationships with clients and application teams by providing optimal solutions for issues across various domains.

During my tenure as a Technical Consultant at Aligarh Muslim University, I was entrusted with the successful delivery of the following projects:
Implementation of ForgeRock OpenAM and OpenDJ:
The university recognized the need for Single Sign-On (SSO) across various in-house applications, prompting the initiation of a robust SSO implementation. The contribution to the project are below:
• Installed, configured, and administered OpenAM and OpenDJ as on-prem solution in ESXi Platform.
• Integrated OpenAM Agents into diverse web servers and application servers for seamless application integration.
• Implemented session management and various mechanisms to optimize the performance of the OpenAM server.
• Participated in audit reviews and security meetings related to the IAM environment.
• Managed the incident and change management processes within the environment.
• Installed Web-Agents in different web servers to enhance application performance with OpenAM servers.
• Provided production support for the Single Sign-On utility (SSO).
Official Website Re-engineering and Security Compliance - Description: The official website, catering to around 50,000 users, faced service outages due to overloading. Hence the Project aimed to re-engineer the website “amu.ac.in” and enhance security measures:
• Re-engineered the database structure of the website.
• Implemented database clustering of the MySQL Server in Master-Slave Mode.
• Strengthened the security of the Apache Server.
• Conducted source code reviews of the developed modules.
• Performed Dynamic Application Security Testing (DAST)/Penetration testing of the entire website, supervising vulnerability fixes.
• Implemented an Open Source Web Application Firewall on the Apache side.
• Implemented SSL-TLS on the Apache server (transitioning from HTTP to HTTPS)
AMU Intranet Portal “myamu.ac.in”
Description: This project aimed to digitize manual processes with an intranet portal adhering to security compliance and industry standards, targeting all university employees and students. Contributions in the project are mentioned below:
• Analyzed the As-Is scenario, gathered requirements, and developed the To-Be structure of the portal.
• Provided coding guidelines to programmers based on OWASP 10 standards.
• Implemented and stabilized the portal to meet user satisfaction.
• Conducted Penetration Testing in accordance with OWASP 10, using both manual and tool-based practices.
• Implemented SSL-TLS on the Apache server.

• Project Name: Dial.gov (an Intelligent Search Engine for the Masses)
• Description: The project was a G2C type e-governance project with aimed to provide benefits to the citizens of India through searching of schemes provided by the Central and State Governments of India in various domains.
• Contribution to Project: - Searching of Schemes from the various sites of Ministries and Departments of Government of India. - Indentified searching criteria of the schemes. - Developed and Implemented the searching interface for the citizens to enable them benefits. - Maintenance of existing modules as per the bugs/defects reported by the Tester. - Tools & Technologies Used: Sturts 2.1, Hibernate, Postgre Sql 9.3, HTML, CSS.