Kal Biswas, Developer in Maidenhead, United Kingdom
Kal is available for hire
Hire Kal

Kal Biswas

Verified Expert  in Engineering

Solutions Architect and Developer

Maidenhead, United Kingdom

Toptal member since October 12, 2022

Bio

Kal is an architect with 28+ years of experience in a broad spectrum of technologies, including information security and identity and access governance and management domains. He has profound skills in identity as a service (IDaaS), protocols for federated identity such as OIDC and SAML, and biometric multi-factor authentication. Kal also specializes in next-gen technologies, verifiable credentials, self-sovereign identity, DevOps, IaC, and CI/CD patterns.

Portfolio

Keyless
OpenID Connect (OIDC), SAML-auth, Xcode, iOS, Node.js, AWS, Azure Design...
DXC Technology
OpenID Connect (OIDC), SAML, TOGAF, COBIT, Confluence, Jira, Azure Design, AWS...
Self-employed
AWS, SAML, OpenID Connect (OIDC), DB2, LDAP, Web Development...

Experience

Availability

Full-time

Preferred Environment

Linux, MacOS, Visual Studio Code (VS Code), Xcode, Docker Compose, Kubernetes, MongoDB, Amazon Web Services (AWS), Azure, Okta

The most amazing...

...thing I've run is a POC to secure a tax portal for a European government covering 20 million tax-paying entities, simulating a peak load of 20,000 sessions.

Work Experience

Senior Solutions Architect

2021 - 2022
Keyless
  • Integrated and documented Keyless biometric MFA solution for Salesforce and a host of IDaaS vendors: PingOne, ForgeRock Identity Cloud, OneLogin, Amazon Cognito, and Auth0.
  • Created public documentation and instructional videos about Keyless solutions.
  • Ran multiple projects to integrate Keyless MFA solutions to customer applications using mobile SDK for iOS and Android and OIDC and SAML protocols.
Technologies: OpenID Connect (OIDC), SAML-auth, Xcode, iOS, Node.js, AWS, Azure Design, DevOps, Kubernetes, TOGAF, Amazon Cognito, IT Security, SSO Engineering, Swift 5, Multi-factor Authentication (MFA), Security, Agile DevOps, Identity & Access Management (IAM), Confluence, Duo, Active Directory Federation, OAuth, System Security, Active Directory Synchronization, System Security, System Security, Mobile App Security, Web Application Architecture, Authentication, iOS Authentication, React Native, Cloud Engineering, APIs, Cloud Architecture, DevSecOps

Advisor Solution Architect

2020 - 2021
DXC Technology
  • Implemented MFA for a bank in the UK to enable access via Cisco AnyConnect VPN.
  • Contributed to a solution architecture proposal that was part of an RFI response for a government client to leverage verifiable credentials and SSI technologies for citizens' access.
  • Delivered a cyber maturity review for a client in the defense industry and privileged access to IT resources for employees.
  • Played a key role in building an IDaaS solution for workforce IAM for a client in the insurance industry.
  • Contributed to an identity governance solution leveraging SailPoint IdentityIQ for a client in the defense industry.
Technologies: OpenID Connect (OIDC), SAML, TOGAF, COBIT, Confluence, Jira, Azure Design, AWS, Agile DevOps, OKTA, SailPoint, Jupyter Notebook, Security, Identity & Access Management (IAM), SSO Engineering, OAuth, System Security, Active Directory Synchronization, Architecture, Security Architecture, System Security, Web Application Architecture, RADIUS, Application Security, Cybersecurity, Cloud Architecture, DevSecOps, Active Directory (AD)

Architect

2015 - 2020
Self-employed
  • Migrated an on-premise CIAM solution to an insurance client's virtual appliance-based infrastructure.
  • Delivered an access management solution, workforce IAM, for a major client in the transportation sector, leveraging the IBM Access Management suite of products.
  • Migrated workforce IAM to IDaaS solution in Okta for a client in the insurance industry.
Technologies: AWS, SAML, OpenID Connect (OIDC), DB2, LDAP, Web Development, IBM Tivoli Access Manager (TAM), Identity & Access Management (IAM), TOGAF, COBIT, Multi-factor Authentication (MFA), Security, Swift 5, Agile DevOps, Confluence, SSO Engineering, OAuth, System Security, Web Application Architecture, System Security, Web Application Firewall (WAF), Authentication, Cloud Engineering, APIs, Objective-C, Application Security, Cybersecurity, Cloud Architecture

Senior Solutions Architect

2012 - 2014
RSA
  • Oversaw the architecture and deployment of an identity governance solution for a bank in Belgium, starting from a proof of concept and pilot-to-production rollout using Aveksa and RSA Identity Governance products.
  • Contributed to an identity governance solution for a bank in Germany.
  • Worked actively on an identity governance solution for a pension fund in the Netherlands.
Technologies: LDAP, Oracle Development, Aveksa, Web Development, JBoss, MuleSoft, TOGAF, COBIT, Security, Identity & Access Management (IAM), Security Architecture, Data Science, Cloud Engineering, Authentication, APIs, Cybersecurity, Application Security

Senior Consultant and Architect

1998 - 2012
IBM
  • Used the federated identity manager to work with early users of identity federation protocols SAML, WS-Federation, WS-Trust, and OpenID.
  • Contributed to access management and CIAM solutions for a few major European banks based in Belgium, Norway, Denmark, Spain, Sweden, Germany, and Turkey.
  • Built an identity provisioning and management solution on the IBM Security Identity Manager product suite for a few European customers from Denmark, the UK, Belgium, Turkey, and Spain.
Technologies: IBM Tivoli Access Manager (TAM), IBM Tivoli Identity Manager (TIM), DB2, IBM DataPower, IBM WebSEAL, Web Development, Java, Enterprise Java Beans (EJB), TOGAF, COBIT, SSO Engineering, SAML, Multi-factor Authentication (MFA), Security, Identity & Access Management (IAM), Active Directory Federation, OAuth, System Security, Security Architecture, System Security, Web Application Architecture, RADIUS, Web Application Firewall (WAF), Database, Data Security, Authentication, Cloud Engineering, APIs, C++98, C++, Cybersecurity, Application Security, System Security, Active Directory (AD)

Passwordless Biometric MFA for Salesforce

https://docs.keyless.io/workforce/identity-and-access-management/salesforce
Earlier in 2022, the Salesforce platform made it mandatory to enforce multi-factor authentication to access the Salesforce portal. This solution was built to showcase how passwordless authentication technology from Keyless that is used to provide Salesforce users with a frictionless authentication experience. Keyless performed biometric authentication using facial recognition technologies. This specific solution was built using a SAML identity provider to send SAML assertion to Salesforce about a successful biometric authentication performed on the Keyless platform, i.e., Keyless mobile authenticator and its back-end SAML identity provider service.

Biometric Passwordless Authentication for Gaming Industry

It provides the ability to perform facial recognition-based biometric authentication to a mobile (iOS and Android) gaming platform to reduce friction without compromising security, enhancing security posture using a mobile SDK.

Identity Broker Implementation

An identity broker solution to authenticate users across multiple identity providers to authenticate applications that traverse multiple host organizations leveraging identity federation protocols SAML and OIDC implemented on top of Auth0.
1997 - 1998

Master's Degree in Computer Science

Johns Hopkins University - Baltimore, MD, USA

1990 - 1992

Master's Degree in Business Administration, Information Systems, and Manufacturing

Indian Institute of Management - Ahmedabad, India

1986 - 1990

Bachelor's Degree in Computer Science

Indian Institute of Technology Bombay - Mumbai, India

NOVEMBER 2023 - PRESENT

AWS Certified SysOps Administrator

Amazon Web Services

OCTOBER 2023 - PRESENT

Certified Calico Operator: Level 1

Tigera

JULY 2023 - JULY 2026

AWS Certified Security - Specialty

Amazon Web Services

MAY 2023 - MAY 2026

AWS Certified Developer – Associate

Amazon Web Services Training and Certification

MARCH 2023 - MARCH 2026

AWS Certified Solutions Architect – Associate

Amazon Web Services Training and Certification

Libraries/APIs

Node.js, RADIUS, Auth0 API, Auth0 Management API v2

Tools

IBM WebSEAL, Docker Compose, Xcode, Confluence, Jira, SailPoint, IBM DataPower, Amazon Cognito, Auth0, AWS IAM

Languages

SAML, C++98, C, Java, Swift 5, Objective-C, C++

Paradigms

Web Application Architecture, DevOps, DevSecOps, Object-oriented Programming

Industry Expertise

Cybersecurity

Frameworks

OAuth, iOS, TOGAF, COBIT, React Native

Platforms

AWS, Azure Design, Linux, MacOS, Visual Studio Development, Kubernetes, Web Development, Jupyter Notebook, JBoss, MuleSoft, Duo, AWS Lambda, iOS

Storage

MongoDB, Database, DB2, Oracle Development, Database, Azure

Other

OKTA, OpenID Connect (OIDC), SAML-auth, LDAP, IBM Tivoli Access Manager (TAM), Identity & Access Management (IAM), Security, SSO Engineering, Multi-factor Authentication (MFA), System Security, Security Architecture, Application Security, IT Security, Architecture, Cloud Architecture, Active Directory (AD), Distributed Software, Decision Support Systems, Freelance Programming, Agile DevOps, Aveksa, IBM Tivoli Identity Manager (TIM), Enterprise Java Beans (EJB), Active Directory Federation, Active Directory Synchronization, System Security, System Security, Mobile App Security, Web Application Firewall (WAF), Data Security, Data Science, Authentication, iOS Authentication, Cloud Engineering, APIs, System Security, Project Calico, AWS IAM Identity Center, AWS Managed Microsoft AD

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring