Srinivasulu Harshavardhan Kendyala
1
Publications
0
Followers
0
Following
2
Questions
About
Kendyala Srinivasulu Harshavardhan is an exceptionally innovative and results-driven technical leader with a proven track record in Identity & Access Management with over 13 years of experience within the financial services sector. He has a wealth of experience in leading Customer Authentication Platform (CIAM) teams and possesses a diverse skill set encompassing Authentication, Orchestration, Single Sign-On (SSO), Multi-Factor Authentication (MFA), and a range of industry-standard protocols including PingFederate, PingID, Ping Access, SAML 2.0, OAuth 2.0, OpenID, Identity Federation, and Provisioning, as well as WS-Federation.
Srinivasulu holds a Master’s degree in computer science from the University of Illinois Springfield, underpinning his strong technical foundation. He brings a unique blend of technical expertise and strategic vision to his work, consistently driving innovative solutions and exceeding business objectives. With a keen focus on leveraging cutting-edge technologies and methodologies, Srinivasulu is adept at navigating complex challenges and delivering impactful outcomes in dynamic and fast-paced environments within the financial services industry.
Harsha Kendyala is an accomplished IT professional with extensive experience in Identity and Access Management (IAM), cloud security, and enterprise authentication solutions. He holds a Master's in Computer Science from the University of Illinois Springfield and a Bachelor's in Computer Science from JNTU, Hyderabad, with a strong academic foundation in information security and software development. Throughout his career, Harsha has played a critical role in securing enterprise applications, leading IAM initiatives, and optimizing authentication infrastructures. Currently serving as a Senior Manager (Technical & Delivery Lead) at JPMorgan Chase, he spearheads the Identity & Access Management (IAM) domain, specializing in Inbound/Outbound Federation, Application Security Token Service, and Authentication Orchestration. He has successfully migrated SSO infrastructures from on-premises to cloud environments like AWS, transitioned HR applications from SiteMinder to PingFederate, and integrated Ping with ForgeRock and Transmit Security for adaptive authentication solutions. His expertise includes designing and developing custom inbound federation adapters, custom data stores, and Policy Contract Validators (PCVs) for PingFederate. Harsha has led strategic IAM deployments, including the expansion of PingFederate clusters, implementing high-availability architecture, and automating deployments and upgrades across multiple servers and clusters. His deep technical knowledge spans OAuth 2.0, OpenID Connect (OIDC), JWT Bearer Assertion Grant, and various OAuth grant types, enabling seamless authentication and access management for external and internal clients. He has designed and implemented custom solutions for SiteMinder-to-OAuth token translation, legacy IDP-to-OAuth integration, and cross-domain single sign-on within enterprises. His expertise in OAuth 2-legged and 3-legged flows has significantly enhanced API security and authentication mechanisms. Prior to JPMorgan Chase, Harsha worked at Capital One as a Senior Software Engineer/Technical Lead, where he played a key role in migrating legacy systems like GetAccess to PingFederate, implementing multi-factor authentication (MFA) using PingID and FIDO2, and leading the migration of identity infrastructure to AWS. He successfully onboarded over 500 applications to PingFederate, facilitating the adoption of modern authentication protocols such as SAML, OAuth, and OIDC. His technical leadership extended to configuring and optimizing IAM products like PingFederate, PingAccess, and PingID while managing a skilled team focused on delivering scalable and secure identity solutions. Before Capital One, Harsha worked as a Senior System Administrator at IQsoft, where he gained hands-on experience in system administration, automation, and security best practices. He holds prestigious certifications, including AWS Certified Solutions Architect – Professional and Certified Information Security Manager (CISM), further solidifying his expertise in cloud security, IT governance, and risk management. Beyond his professional work, Harsha contributes to academia as a researcher on Academia.edu, focusing on science and technology advancements. His technical skills include expertise in UNIX shell scripting, WLST scripting, WebLogic administration, performance tuning, and troubleshooting issues related to memory leaks, JVM heap size adjustments, and garbage collection optimization. With a strong background in enterprise security, cloud IAM, and infrastructure automation, Harsha Kendyala continues to be a driving force in the field of identity and access management, making significant contributions to securing digital ecosystems and advancing authentication frameworks in enterprise environments.
Skills & Expertise
Cyber Security
Linux
Windows 9x/XP
IAM
SOC
Cybersecurity
WebLogic
MFA
OAuth
Cloud Security
Authentication Protocols
IT Governance
Web Logic Server
Information Risk
Security Controls
Hybrid cloud
Multi-Cloud Cybersecurity
Transmit Security
Forgerock
Single Sign-On (SSO)
PingID
Ping Identity
OpenID
WebLogic. Admin
Weblogic.Deployer
Jboss
Apache tomcat 6.0.
Sun Solaris 8/10
Research Interests
Cybersecurity
Performance Tuning
Cloud Security
Security
Enterprise Architecture
Multi-Factor Authentication
IT Governance
Identity and Access Management
Inbound/Outbound Federation
SSO Migration
Adaptive Authentication
API Security
Cross-Domain Single Sign-On
Infrastructure Automation
Garbage Collection Optimization
Enterprise Authentication
Production Support
Outage management
incident/problem management.
Connect With Me
Experience
Vice President of Software Engineering
- Leadership in Global Identity & Access Management (CIAM): Directed and managed the Customer Authentication platform, ensuring secure and seamless user experiences across global operations. Technical Leadership for PingFederate & Transmit Security: Served as the Subject Matter Expert (SME) and technical lead for PingFederate and Transmit Security, driving innovation and operational excellence. Product and Team Management: Led the management and development of teams and security products to ensure robust identity and access solutions. Application Migration to PingFederate: Successfully migrated applications from legacy systems like SiteMinder to modern solutions with PingFederate, enhancing security and efficiency. Successful Data Center Migration: Spearheaded the successful migration of critical systems to a new data center, ensuring minimal downtime and enhanced performance. AWS Cloud Migration Expertise: Directed and completed a smooth migration to AWS, leveraging cloud capabilities to enhance scalability and security. Custom Security Solutions Development: Designed and implemented custom solutions to transition from legacy authentication patterns to modern protocols, including SAML, OAuth, and OpenID Connect (OIDC). • Strategic Management and Platform Ownership: • Managed the Authentication Everywhere Platform, delivering robust Customer Identity & Access Management (CIAM) solutions to support global business operations. • Directed the Authentication Security Token Service (ASTS) and Non-Worker Authentication Service (NWAS) Delivery/Engineering teams, providing technical leadership and ensuring high-quality outcomes. • Designed and implemented scalable identity federation solutions using PingFederate and Transmit Security, aligning with organizational objectives and industry standards. • Technical Leadership in Authentication Solutions: • Defined and executed the overall technical design, development, and deployment of authentication solutions for the AUTHE platform, addressing enterprise-wide security needs. • Delivered seamless deployments of ASTS and NWAS from development to production environments, ensuring high availability and resilience. • Led architecture and protocol implementation for ASTS (PingFederate) and NWAS (Transmit Security), providing subject matter expertise in industry-leading authentication technologies. • Cloud Migration and Modernization Initiatives: • Successfully migrated SSO infrastructure from on-premise to AWS Cloud, enhancing scalability, resilience, and performance. • Migrated 80+ critical applications from SiteMinder to PingFederate, improving authentication processes and compliance adherence. • Innovative Adaptive Authentication Solutions: • Integrated PingFederate with ForgeRock and Transmit Security for adaptive authentication, leveraging risk-based assessment frameworks. • Designed and developed custom ForgeRock and Transmit journeys tailored to organizational risk assessment models. • Delivered OAuth solutions using two-legged and three-legged patterns, enabling secure API access for external clients. • Custom Solutions and High Availability Architecture: • Designed and implemented custom inbound federation adapters, custom data stores, and custom PCVs for PingFederate, supporting unique enterprise needs. • Expanded PingFederate clusters with sub-clustering and adaptive clustering for Line of Business (LOB) requirements, ensuring high availability and optimal performance. • Automated deployments and upgrades of PingFederate across 100+ servers in diverse clusters, significantly reducing operational overhead. • Advanced Protocol Expertise and Integrations: • Expertise in OAuth protocols, including Authorization Code, Client Credentials, Resource Owner Credentials, PKCE, and JWT Bearer Assertion Grant. • Developed solutions for OAuth token translation for legacy systems, enabling seamless integration between SiteMinder, Legacy IDP, and PingFederate. • Customized OpenID Connect (OIDC) solutions to support external client authentication and internal API access. • Strategic Engagement and Vendor Collaboration: • Represented JPMC in commercial licensing negotiations with vendors like Ping Identity and Transmit Security, advocating for organizational needs and driving cost-effective outcomes. • Led technical sessions with auditors and regulators, ensuring compliance with cybersecurity standards and resiliency requirements. • Identity Store Migration and Decommissioning: • Directed the migration of legacy identity stores to Active Directory Lightweight Directory Services (ADLDS), decommissioning outdated systems while maintaining operational integrity. • Managed end-to-end planning and execution, including data and entitlement migration, application onboarding, and compliance assurance. • Business Alignment and Stakeholder Collaboration: • Collaborated with business, product, and program teams to align IAM initiatives with organizational roadmaps and strategic goals. • Participated in technical demos and business presentations, showcasing the value and impact of IAM solutions on enterprise security and efficiency. • Key Project Achievements: • Migrated and onboarded over 400 applications to modern IAM solutions, significantly enhancing the enterprise's security posture. • Successfully upgraded PingFederate and PingAccess across multiple versions, ensuring compatibility with evolving security requirements. • Innovation in Monitoring and Automation: • Deployed comprehensive monitoring solutions for PingFederate environments using tools like FluentD, Logstash, NewRelic, Datadog, and Kibana. • Automated the deployment of Transmit Security and ForgeRock in on-premise and AWS environments, streamlining operations and reducing manual interventions.
Senior Technical Lead
Education
University of Illinois System (UIS)
Jawaharlal Nehru Technological University, Hyderabad (JNTUH)
Conferences & Seminars (1)
Zero Trust Architectures for Enhanced Enterprise Security
Zero Trust Architecture is the new paradigm of enterprise security. This challenges the perimeterbased defense strategy. The older models, where trust was vested in the user or the device within the
network boundary, are failing in an era where cloud computing is rapidly being adopted and remote
work environments and mobile devices are gaining ground. Zero Trust works on the philosophy of
"never trust, always verify," whereby every access request must be continually authenticated,
authorized, and validated by dynamic policies before access is allowed to any resource. Such a
methodology uses a series of critical technologies and procedures, like MFA, IAM, microsegmentation, and continuous monitoring of user activity and device integrity.
Certificates & Licenses (1)
AWS Certified Solutions Architect – Professional
Publications (1)
The proliferation of cloud services has transformed enterprise IT landscapes, leading to a growing need for efficient Single Sign-On (SSO) integration across multi-cloud architectures. This paper expl...
dd