Kal Biswas, Developer in Maidenhead, United Kingdom
Kal is available for hire
Hire Kal

Kal Biswas

Verified Expert  in Engineering

Solutions Architect and Developer

Location
Maidenhead, United Kingdom
Toptal Member Since
October 12, 2022

Kal is an architect with 28+ years of experience in a broad spectrum of technologies, including information security and identity and access governance and management domains. He has profound skills in identity as a service (IDaaS), protocols for federated identity such as OIDC and SAML, and biometric multi-factor authentication. Kal also specializes in next-gen technologies, verifiable credentials, self-sovereign identity, DevOps, IaC, and CI/CD patterns.

Portfolio

Keyless
OpenID Connect (OIDC), SAML-auth, Xcode, iOS SDK, Node.js...
DXC Technology
OpenID Connect (OIDC), SAML, TOGAF, COBIT, Confluence, Jira, Azure...
Self-employed
Amazon Web Services (AWS), SAML, OpenID Connect (OIDC), IBM Db2, LDAP...

Experience

Availability

Part-time

Preferred Environment

Linux, MacOS, Visual Studio Code (VS Code), Xcode, Docker Compose, Kubernetes, MongoDB, Amazon Web Services (AWS), Azure, Okta

The most amazing...

...thing I've run is a POC to secure a tax portal for a European government covering 20 million tax-paying entities, simulating a peak load of 20,000 sessions.

Work Experience

Senior Solutions Architect

2021 - 2022
Keyless
  • Integrated and documented Keyless biometric MFA solution for Salesforce and a host of IDaaS vendors: PingOne, ForgeRock Identity Cloud, OneLogin, Amazon Cognito, and Auth0.
  • Created public documentation and instructional videos about Keyless solutions.
  • Ran multiple projects to integrate Keyless MFA solutions to customer applications using mobile SDK for iOS and Android and OIDC and SAML protocols.
Technologies: OpenID Connect (OIDC), SAML-auth, Xcode, iOS SDK, Node.js, Amazon Web Services (AWS), Azure, DevOps, Kubernetes, TOGAF, Amazon Cognito, IT Security, Single Sign-on (SSO), Swift 5, Multi-factor Authentication (MFA), Security, Agile DevOps, Identity & Access Management (IAM), Confluence, Duo, Active Directory Federation, OAuth 2, User Authentication, Active Directory Synchronization, Web Security, Web App Security, Mobile App Security, Web Application Architecture, Authentication, iOS Authentication, React Native, Cloud, APIs, Cloud Architecture, DevSecOps

Advisor Solution Architect

2020 - 2021
DXC Technology
  • Implemented MFA for a bank in the UK to enable access via Cisco AnyConnect VPN.
  • Contributed to a solution architecture proposal that was part of an RFI response for a government client to leverage verifiable credentials and SSI technologies for citizens' access.
  • Delivered a cyber maturity review for a client in the defense industry and privileged access to IT resources for employees.
  • Played a key role in building an IDaaS solution for workforce IAM for a client in the insurance industry.
  • Contributed to an identity governance solution leveraging SailPoint IdentityIQ for a client in the defense industry.
Technologies: OpenID Connect (OIDC), SAML, TOGAF, COBIT, Confluence, Jira, Azure, Amazon Web Services (AWS), Agile DevOps, Okta, SailPoint, Jupyter Notebook, Security, Identity & Access Management (IAM), Single Sign-on (SSO), OAuth 2, User Authentication, Active Directory Synchronization, Architecture, Security Architecture, Web App Security, Web Application Architecture, RADIUS, Application Security, Cybersecurity, Cloud Architecture, DevSecOps

Architect

2015 - 2020
Self-employed
  • Migrated an on-premise CIAM solution to an insurance client's virtual appliance-based infrastructure.
  • Delivered an access management solution, workforce IAM, for a major client in the transportation sector, leveraging the IBM Access Management suite of products.
  • Migrated workforce IAM to IDaaS solution in Okta for a client in the insurance industry.
Technologies: Amazon Web Services (AWS), SAML, OpenID Connect (OIDC), IBM Db2, LDAP, IBM WebSphere, IBM Tivoli Access Manager (TAM), Identity & Access Management (IAM), TOGAF, COBIT, Multi-factor Authentication (MFA), Security, Swift 5, Agile DevOps, Confluence, Single Sign-on (SSO), OAuth 2, User Authentication, Web Application Architecture, Web App Security, Web Application Firewall (WAF), Authentication, Cloud, APIs, Objective-C, Application Security, Cybersecurity, Cloud Architecture

Senior Solutions Architect

2012 - 2014
RSA
  • Oversaw the architecture and deployment of an identity governance solution for a bank in Belgium, starting from a proof of concept and pilot-to-production rollout using Aveksa and RSA Identity Governance products.
  • Contributed to an identity governance solution for a bank in Germany.
  • Worked actively on an identity governance solution for a pension fund in the Netherlands.
Technologies: LDAP, Oracle 9g, Aveksa, IBM WebSphere, JBoss, MuleSoft, TOGAF, COBIT, Security, Identity & Access Management (IAM), Security Architecture, Data Governance, Cloud, Authentication, APIs, Cybersecurity, Application Security

Senior Consultant and Architect

1998 - 2012
IBM
  • Used the federated identity manager to work with early users of identity federation protocols SAML, WS-Federation, WS-Trust, and OpenID.
  • Contributed to access management and CIAM solutions for a few major European banks based in Belgium, Norway, Denmark, Spain, Sweden, Germany, and Turkey.
  • Built an identity provisioning and management solution on the IBM Security Identity Manager product suite for a few European customers from Denmark, the UK, Belgium, Turkey, and Spain.
Technologies: IBM Tivoli Access Manager (TAM), IBM Tivoli Identity Manager (TIM), IBM Db2, IBM DataPower, IBM WebSEAL, IBM WebSphere, Java, Enterprise Java Beans (EJB), TOGAF, COBIT, Single Sign-on (SSO), SAML, Multi-factor Authentication (MFA), Security, Identity & Access Management (IAM), Active Directory Federation, OAuth 2, User Authentication, Security Architecture, Web App Security, Web Application Architecture, RADIUS, Web Application Firewall (WAF), Database Security, Data Security, Authentication, Cloud, APIs, C++98, C++, Cybersecurity, Application Security, PKI

Passwordless Biometric MFA for Salesforce

https://docs.keyless.io/workforce/identity-and-access-management/salesforce
Earlier in 2022, the Salesforce platform made it mandatory to enforce multi-factor authentication to access the Salesforce portal. This solution was built to showcase how passwordless authentication technology from Keyless that is used to provide Salesforce users with a frictionless authentication experience. Keyless performed biometric authentication using facial recognition technologies. This specific solution was built using a SAML identity provider to send SAML assertion to Salesforce about a successful biometric authentication performed on the Keyless platform, i.e., Keyless mobile authenticator and its back-end SAML identity provider service.

Biometric Passwordless Authentication for Gaming Industry

It provides the ability to perform facial recognition-based biometric authentication to a mobile (iOS and Android) gaming platform to reduce friction without compromising security, enhancing security posture using a mobile SDK.

Identity Broker Implementation

An identity broker solution to authenticate users across multiple identity providers to authenticate applications that traverse multiple host organizations leveraging identity federation protocols SAML and OIDC implemented on top of Auth0.
1997 - 1998

Master's Degree in Computer Science

Johns Hopkins University - Baltimore, MD, USA

1990 - 1992

Master's Degree in Business Administration, Information Systems, and Manufacturing

Indian Institute of Management - Ahmedabad, India

1986 - 1990

Bachelor's Degree in Computer Science

Indian Institute of Technology Bombay - Mumbai, India

NOVEMBER 2023 - PRESENT

AWS Certified SysOps Administrator

Amazon Web Services

OCTOBER 2023 - PRESENT

Certified Calico Operator: Level 1

Tigera

JULY 2023 - JULY 2026

AWS Certified Security - Specialty

Amazon Web Services

MAY 2023 - MAY 2026

AWS Certified Developer – Associate

Amazon Web Services Training and Certification

MARCH 2023 - MARCH 2026

AWS Certified Solutions Architect – Associate

Amazon Web Services Training and Certification

Libraries/APIs

Node.js, RADIUS, Auth0 API, Auth0 Management API v2

Tools

IBM WebSEAL, Docker Compose, Xcode, Confluence, Jira, SailPoint, IBM DataPower, Amazon Cognito, Auth0, AWS IAM

Languages

SAML, C++98, C, Java, Swift 5, Objective-C, C++

Industry Expertise

Cybersecurity

Paradigms

Web Application Architecture, DevOps, DevSecOps, Object-oriented Programming (OOP)

Storage

MongoDB, Databases, IBM Db2, Oracle 9g, Database Security, Azure Active Directory

Frameworks

OAuth 2, iOS SDK, TOGAF, COBIT, React Native

Platforms

Amazon Web Services (AWS), Azure, Linux, MacOS, Visual Studio Code (VS Code), Kubernetes, IBM WebSphere, Jupyter Notebook, JBoss, MuleSoft, Duo, AWS Lambda, iOS

Other

Okta, OpenID Connect (OIDC), SAML-auth, LDAP, IBM Tivoli Access Manager (TAM), Identity & Access Management (IAM), Security, Single Sign-on (SSO), Multi-factor Authentication (MFA), User Authentication, Security Architecture, Application Security, IT Security, Architecture, Cloud Architecture, Distributed Software, Decision Support Systems, Programming, Agile DevOps, Aveksa, IBM Tivoli Identity Manager (TIM), Enterprise Java Beans (EJB), Active Directory Federation, Active Directory Synchronization, Web Security, Web App Security, Mobile App Security, Web Application Firewall (WAF), Data Security, Data Governance, Authentication, iOS Authentication, Cloud, APIs, PKI, Project Calico, AWS IAM Identity Center, AWS Managed Microsoft AD

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring