About Me

I am an experienced information technology security professional with a diverse background in desktop and server technologies. This background provides a strong foundation of knowledge to architect, implement, and support new systems in the Single Sign On (SSO) and Identity and Access Management (IdAM) space, including solutions for the internal work force and customers (CIAM). I am comfortable leveraging current authentication and authorization standards such as SAML 2.0, OpenID, and OAuth. I am committed to continuing education and have a homelab environment set up to continue my development in key technologies such as Docker and Kubernetes.

I have a proven track record of partnering with other stakeholders to provide solutions that fit the problem in a secure and safe manner both as a leader and an individual contributor. I'm comfortable leveraging current authentication and authorization technologies such as SiteMinder (formerly CA Single Sign On), Symantec Secure Web Gateway (formerly CA Application Gateway), Ping Federate, and Ping Access. I have 10 years' experience in the Identity Access Management space. I have architected, built, and supported Single Sign On (SSO) solutions utilizing industry standard protocols such as OAuth, OIDC, and SAML. I have implemented process automation and administration with scripting leveraging Python, BASH and JSON objects.

My skills include: Identity Access Management for both internal work force users and customers, OAuth/OIDC Based Solutions, SSO Solutions, Solution Architect, MFA Solutions, Voice Biometric Authentication, API Service Orchestration, SPAs/Microservices/APIs Security, Workforce VPN/VDI Solutions, Self Service Password Reset, Enterprise Initiatives, Client Relations Management, Engineering Concepts, LDAP integration, Python, BASH, and JSON objects.

Contact Details

Tony Sokolik
Orchard Park, NY 14127
(716) 259-2689
tony@sokolik.info

Work

TIAA

Senior Lead Solutions Architect Dec 2023 - Present

Oversee the development of multiple types and categories of technical architecture and operating systems for running end user applications. Recommend operational strategies and plans with direct impact on results. Develop and implement new products, processes, standards and operational plans that directly impact the organization. Key responsibilities and duties include: lead complex architecture requirements analysis to convert end user needs into technical solutions, audit systems design and technology constraints in accordance with compliance requirements, oversee development of key capabilities and performance requirements when developing system architectures, approve technical specifications and standards for layered and multidimensional models, deliver solutions requiring integration of multiple platforms, operating systems and applications across the enterprise, communicate the design of the technical architecture clearly to other leaders within the organization, design the development and implementation of the overall architecture, and help define the "blueprint" for technical architecture to support mission needs. Related Skills: Application Programming Interface (API) Development/Integration, Automation, Communication, Consultative Communication, Containerization, DevOps, Enterprise Application Integration, Influence, Prototyping, Relationship Management, Scalability/Reliability, Software Development Life Cycle, Systems Design/Analysis. Familiar technologies: PingFederate, PingAccess, PingOne, PingID, PingID SDK, LDAP, Ping Directory, Dynatrace, Git, Linux, RADIUS, Jenkins, Python, BASH, JSON and Process Automation

PNC

Enterprise Engineer Senior / Vice President June 2018 - Dec 2023

Enterprise Engineer Senior for Identity and Access Management (IAM) for internal workforce and customers (CIAM) utilizing CA Single Sign On (formerly SiteMinder), Ping Federate and Ping Access solutions to provide secure authentication to design and support a cohesive IDAM (Identity and Access Management) strategy and solutions. Instrumental in the design and architecture of workforce and customer facing instances to transition from legacy solutions (SiteMinder). Involved in multiple deployments, upgrades, and integrations of the Ping Platform leveraging standards such as OAuth, OIDC, and SAML as a leader and contributor to projects. Use of scripting languages such as Python and Bash to maintain and report on the environment utilizing several APIs, including the Ping Administrative APIs. Assist in integration with other systems such as LDAP, biometrics (e.g. voice with Daon Voice Gateway Services), multi-factor authentication (MFA), device fingerprinting, and risk analysis products. Leveraging GIT for version control of scripts and configuration files. Familiar technologies: PingFederate, PingAccess, PingOne, PingID, PingID SDK, PingCentral, Oracle DB, LDAP, Ping Directory, Apigee, Daon, AWS, Azure, Splunk, Humio, Dynatrace, Git, Linux, RADIUS, Jenkins, Python, BASH, JSON, and Process Automation

M&T Bank

Senior Analyst / Banking Officer July 2014 - June 2018

Responsible for maintaining, supporting, and implementing Identity and Access Management (IAM) solutions using single sign on (SSO) connections to internal and external resources utilizing CA SiteMinder. Configure and maintain SiteMinder Policy Servers on Solaris and Red Hat Enterprise Linux (RHEL) as well as setup and configuration of the Web Administrative UI (WAMUI). Configure and maintain Identity federation using SAML 2.0 and SAML 1.1 with Ping Federate. Configure, support, and implement integration of CA SiteMinder agent software on Windows 2003, 2008, and 2012, Red Hat Enterprise Linux (RHEL), AIX, and Solaris servers utilizing Internet Information Server (IIS) and Apache web servers. Architect and implement new authentication and authorization systems leveraging technologies and industry standards such as SAML 2.0, OpenID, and OAuth. Deploy CA Privilege Access Manager. Design and architect new instance for Customer Identity and Access Manager (CIAM) with SiteMinder for new customer facing portal. Familiar Technologies: Siteminder, IdentityMinder, PingFederate, Oracle DB, Ping Directory, BASH, CA PAM, LDAP

nTech Workforce

Senior Network Support Engineer for M&T Bank February 2014 - July 2014

Responsible for maintaining, supporting, and implementing Identity and Access Management (IAM) solutions using single sign on (SSO) connections to internal and external resources utilizing CA SiteMinder. Configure and maintain SiteMinder Policy Servers on Solaris and Red Hat Enterprise Linux (RHEL) as well as setup and configuration of the Web Administrative UI (WAMUI). Configure and maintain Identity federation using SAML 2.0 and SAML 1.1 with Ping Federate. Configure, support, and implement integration of CA SiteMinder agent software on Windows 2003, 2008, and 2012, Red Hat Enterprise Linux (RHEL), AIX, and Solaris servers utilizing Internet Information Server (IIS) and Apache web servers. Architect and implement new authentication and authorization systems leveraging technologies and industry standards such as SAML 2.0, OpenID, and OAuth. Deploy CA Privilege Access Manager. Design and architect new instance for Customer Identity and Access Manager (CIAM) with SiteMinder for new customer facing portal. Familiar Technologies: Siteminder, IdentityMinder, PingFederate, Oracle DB, Ping Directory, BASH, CA PAM, LDAP

Leisure Living

Systems Engineer December 2012 - February 2014

Responsible for maintaining, supporting, and implementing Identity and Access Management (IAM) solutions using single sign on (SSO) connections to internal and external resources utilizing CA SiteMinder. Configure and maintain SiteMinder Policy Servers on Solaris and Red Hat Enterprise Linux (RHEL) as well as setup and configuration of the Web Administrative UI (WAMUI). Configure and maintain Identity federation using SAML 2.0 and SAML 1.1 with Ping Federate. Configure, support, and implement integration of CA SiteMinder agent software on Windows 2003, 2008, and 2012, Red Hat Enterprise Linux (RHEL), AIX, and Solaris servers utilizing Internet Information Server (IIS) and Apache web servers. Architect and implement new authentication and authorization systems leveraging technologies and industry standards such as SAML 2.0, OpenID, and OAuth. Deploy CA Privilege Access Manager. Design and architect new instance for Customer Identity and Access Manager (CIAM) with SiteMinder for new customer facing portal. Familiar Technologies: Siteminder, IdentityMinder, PingFederate, Oracle DB, Ping Directory, BASH, CA PAM, LDAP

Skills

Over the years as a cybersecurity and technology professional, I have acquired many skills that allow me to contribute at a high level to many projects, whether it is evaluating and architecting new solutions or helping to automate processes through scripting.

  • OAuth
  • OIDC
  • SAML
  • SSO
  • PingFederate
  • PingAccess
  • PingOne
  • PingID
  • SiteMinder
  • Linux
  • Bash
  • Python
  • PHP
  • Kubernetes
  • Docker
  • VMWare
  • GIT
  • LDAP