Hi, I’m

Kishore Reddy Patil

Cloud Security & IAM Consultant
Bangalore

Summary

Accomplished IAM Consultant with a proven track record at Baxter International Inc, adept in delivering comprehensive solutions and enhancing client satisfaction through exceptional problem-solving and client relationship management. Skilled in analytical thinking and team leadership, consistently achieving project goals and fostering long-term business growth.

Overview

11 years of professional experience
6 certifications

Work History

Baxter International Inc

Consultant
04.2018 - Current

Job overview

  • Manage identity and access management support to business and technical teams in the design of standardized products and customized solutions.
  • Implemented ABAC Policies across all AWS accounts and used as generic policies for all AWS custom roles.
  • Migrated RBAC to ABAC (IAM, Roles & Policies) in 40+ AWS accounts, i.e., 2000+ policies and 3000+ roles.
  • Implemented SCPs on the AWS master account (organization) with strict deny policies on critical services such as VPC, IAM, region restriction, EC2, etc.
  • Implemented end-to-end AWS IAM Identity Center (earlier, AWS Single Sign-On (AWS SSO)) with 3rd party Identity Provider (OKTA).
  • Used SCIM Provisioning Protocol for real time push of user & groups from Okta (Universal Directory) to AWS.
  • Translated security and technical requirements into business requirements and communicated security risks to different audiences ranging from business leaders to engineers.
  • Defined set of permissions to roles & policies and created generic templates (Automation process) for standardization as a responsible for IAM Architecture & Engineering team.
  • Implemented federated access with ADFS (SAML identity provider) and configured it for SSO access, replacing username & password authentication.
  • Migrated AWS federated access from ADFS to OKTA for AWS SSO using SAML authentication through a set of API calls, and successfully completed the migration for 50+ AWS accounts.
  • Worked on critical migration projects (on premises to AWS cloud), 500+ application builds from a security perspective, which included creating roles & permissions, onboarding the applications, identifying the specific permissions, and allowing application roles to use the custom keys to encrypt data.
  • Created AWS Permission sets for different set of applications.
  • Key player when implementing the control tower in our organization related to IAM.
  • Implemented AWS IAM cloud security solution and proof of concept environment.
  • Implemented Permission Boundaries in all AWS accounts in place of deny policies, enforcing account-specific region restrictions and restricting some service actions that are not needed for application-level roles.
  • Implemented custom KMS keys (AWS KMS service) for applications (a specific key for each application) with a defined inline key policy listing principal ARNs (allowing the ARNs limited KMS permission actions such as encrypt, decrypt and grants), so that only that application team's roles can access the KMS CMKs.
  • Responsible for thorough documentation of implementations, via technical documentation and run books.
  • Provided subject matter expertise on IAM, information security architecture and systems engineering to other IT and business teams.
  • Managed 50+ AWS accounts and SPOC for Identity & Access management (Architecture & Engineering).
  • Completely automated the roles & policies deployment using CloudFormation.
  • Built the scripts using YAML & JSON for role and policy creation.
  • Implemented custom keys for each specific application team for encrypting & decrypting resources while the data is at rest.
  • Managed ACM, wildcard certificates & SSL certificates for web-based access to company applications while data is in transit.
  • Created config rules for resource, IAM & SG violations.
  • Develop roadmaps and participate in the standards process for Identity and Access Management (IAM) solutions.
  • Work with the project teams on implementing the defined Policies within Access & Identity Management (AIM) solution.
  • Designed and Implemented Okta suite from scratch as per company requirements.
  • Have integrated Okta Internal and Customer applications with Okta B2E and B2B tenants (workforce & customer tenants).
  • Have leveraged Okta API Access Management for securing application APIs and defining custom access policies for managing tokens lifetime.
  • Implemented authentication sign-on policies and routing rules as per company standards.
  • Implemented Multifactor, Factor types & Factor Enrollment
  • Installation of IWA agent to configure Desktop Single Sign-On with OKTA. Implemented OKTA SSO and MFA solution, designed, drafted, and documented.
  • Experience in Identity & Access Management Solution including Single Sign On.
  • Integrated 400+ applications (SAML & OIDC) into Okta from on-premises as part of SSO migration project.
  • Experience in administrating OKTA and providing support to Application teams.
  • Experience with OKTA APIs and setting up OKTA API tokens.
  • Managed day to day activities creating and managing OKTA policies and creating and managing OKTA application, including SAML, and OIDC applications.
  • Implemented Agentless DSSO as part of tenant upgrade.
  • Experience in Azure, Implemented Azure AD roles and RBAC model.
  • Implemented custom roles and deny roles as per company needs.
  • Responsible for creation of Key vault, encryption keys, SSL certs, secrets and Disk Migration Sets and uses RBAC model to assign the permissions with custom roles related to Data actions.
  • SPOC for AWS and Azure (IAM, KMS, ACM and Azure AD Roles assignments, key vault and Azure RBAC implementation) services.
  • Good understanding and working knowledge on SailPoint IdentityIQ Provisioning Workflows, Applications Setup, Account Group Aggregation, Task Definition and Scheduling, Analytics and Reporting, Rules, Email Templates, Role Management and Certification.
  • Develop and implement system defects/enhancements for SailPoint IdentityIQ.
  • Implemented Access certification, Automated Provisioning and Governance aspects of IIQ.
  • Having knowledge on configuring and managing Azure Entra ID.
  • Manage Identity Access Management of Azure Subscriptions, Azure Entra, Azure Entra application, Azure AD pass through Authentication.
  • Having experience of creating conditional Access policies Azure Entra Multifactor Authentication (MFA).
  • Integrated the applications with Azure Entra ID (enterprise apps) SSO.

Capgemini

Consultant
11.2016 - 04.2018

Job overview

  • Worked on Users & roles creation along with the infra build.
  • Resolving access and permission issues in a timely manner as per the given SLA.
  • Involved in migration projects for IAM activities.
  • Working on audits: getting the report of all user & role-based access, identifying the violations, and keeping things compliant with the defined security standards.
  • Launching Amazon EC2 cloud instances using Amazon Web Services (Windows and Linux, Red Hat/Ubuntu) and configuring launched instances with respect to specific applications as per client request.
  • Performed S3 bucket and policy creation, created S3 backups with versioning enabled, and moved objects to Amazon Glacier for archiving purposes.
  • Build servers using AWS, importing volumes, launching EC2, creating security groups, auto-scaling, load balancers (ELBs) in the defined virtual private connection.
  • Build and configure a virtual data center in the Amazon Web Services cloud to support Enterprise Data Warehouse hosting including Virtual Private Cloud (VPC), Public and Private Subnets, Security Groups, Route Tables, Elastic Load Balancer.
  • Leverage AWS cloud services such as EC2, auto-scaling and VPC to build secure, highly scalable, and flexible systems that handled expected and unexpected load bursts.
  • Defined AWS security groups which acted as virtual firewalls to control the incoming traffic onto one or more AWS EC2 instances.
  • Assigned AWS elastic IP addresses to work around host or availability zone failures by quickly re-mapping the address to another running instance.
  • Configured S3 versioning and lifecycle policies to back up files and archive files in Glacier.
  • Raising feature requests on behalf of the customers use cases. Ensuring timely communication and driving technical issues towards closure & bug reports. Helping customers architect and optimize their AWS infrastructure.
  • Hands-on Experience working on Migrations from On-Premises to AWS Cloud.
  • Implemented AWS high availability using AWS Elastic Load Balancing (ELB), which performed balance across instances in multiple availability zones.

Netconnect India Pvt. Ltd.

VMware Administrator
11.2015 - 11.2016

Job overview

  • Setup of Virtual Private Cloud (VPC), Network ACLs, Security Groups, and route tables across AWS.
  • Configuring security groups for EC2 Windows and Linux instances.
  • Good understanding of day-to-day activities to empower AWS customers who use AWS network management services, including Elastic Load Balancing, Virtual Private Cloud, Route53 and Direct Connect, and AWS core services like EC2, EBS and S3; acted as the customer’s advocate with a strong voice into the product development teams.
  • Managed virtualization environment using VMware ESX 5.0 & 5.5, VMware vSphere 5.5, Virtual Center, VI Client, P2V.
  • Creating and managing virtual machines and templates. Configured Resource Pool, vMotion, Alerts, Alarms, NTP.
  • Migrate physical servers to virtual servers using VMware Converter (P2V Converter).
  • Migrating virtual machines using vMotion.
  • Performing snapshots, cloning, cold migrations and hot migrations.
  • Creating templates from VMs, deploying VMs from templates and allocating resources.
  • Experience in configuration & installation of VMware Horizon View 6 Enterprise Edition.
  • As Data Center Operations Engineer, responsible for overall Infrastructure of the company including Development - Data center at Bangalore and Overseas.
  • Create reports for various infrastructure changes carried out in EU and activities performed in general. Follow the defined escalation procedure for a process as and when required.
  • Remote administration of servers for any issues related to Windows Servers.
  • Heads the Incident Level Management team: Monitoring & working the volume of Incidents, Incident resolution, pending Incidents, complaints, communications and escalations, Analyze the Incident flow/volume and suggest for appropriate action.

Mindtree

Software Engineer
07.2013 - 07.2015

Job overview

  • Managed virtualization environment using VMware ESX 5.0 & 5.5, VMware vSphere 5.5, Virtual Center, VI Client, P2V.
  • Creating and managing virtual machines and templates.
  • Migrate Physical Servers to Virtual Server using VMware Converter (P2V Converter)
  • Performing Snapshots, Cloning, Cold Migrations and Hot Migrations
  • Creating templates from VMs, deploying VMs from templates and allocating resources.
  • Monitoring of virtual machines & ESX servers (CPU, memory, disk and network utilization) for security.
  • Converting P2V and V2V using VMware Standalone Converter.
  • Performance tuning of VMware servers, Virtual sessions, and management of server resources between Virtual Machines.
  • Root Cause & System Log Analysis and reporting. Organizing tasks, events and Configuring alarms.
  • Proactively monitored and administered 500+ servers remotely, took initiatives to solve issues (L1 & L2) against the challenges, and documented WIs. Adding CPU, memory, and hard disk in virtual machines.
  • Fixing Security Violations of both Linux and AIX Servers.

Education

JNTU
Anantapur, India

B.Tech in Computer Science & Engineering
04.2001


Skills

AWS Cloud

Certification

AWS Certified (Amazon Solution Architect Associate)

Languages

English
Advanced (C1)
Telugu
Bilingual or Proficient (C2)
Hindi
Intermediate (B1)

Timeline

Consultant
Baxter International Inc
04.2018 - Current
Consultant
Capgemini
11.2016 - 04.2018
VMware Administrator
Netconnect India Pvt. Ltd.
11.2015 - 11.2016
Software Engineer
Mindtree
07.2013 - 07.2015
JNTU
B.Tech in Computer Science & Engineering
04.2001