Project Management Support, Metropolitan Transportation Authority


The Metropolitan Transportation Authority (MTA) is a public benefit corporation responsible for public transportation in the New York City metropolitan area of the U.S. state of New York. The MTA is the largest public transit authority in the United States, serving 12 counties in Downstate New York, along with two counties in southwestern Connecticut under contract to the Connecticut Department of Transportation, carrying over 11 million passengers on an average weekday systemwide, and over 850,000 vehicles on its seven toll bridges and two tunnels per weekday.

Project Scope

The client was looking for a vendor to develop and maintain the Enterprise-wide Identity Access Management (IAM) program. The vendor was required to perform activities related to securing and expanding the foundation to support the IAM operation for all MTA agencies Operational and Information Technology Networks.


V Group as a prime vendor was responsible for an architect, recommending solutions, supporting, maintaining, and developing the security infrastructure to support all MTA Agencies under a centralized Identity Access Management (IAM) System. We also provided administration and support of privileged access management (e.g., BeyondTrust Password Safe), two-factor authentication (e.g., Duo Security, Azure), and smart card (e.g., Yubikieys, Certificate, etc.) technologies. Our team provided administrative support for the MTA Enterprise-wide IAM and the associated systems and also assisted with validating requests connecting applications Lead the application integration requests into the IAM operation. V Group tested and recommended patches and upgrades related to the Directory infrastructure, tested and implemented advanced authentication methods, and coordinate maintenance on all associated IAM servers. We also established and maintained the approval workflows required for each connecting application and managed the web interfaces used for user logins and user password self-service systems. Apart from these below were the responsibilities of V Group as a prime vendor to provide the required support to MTA:

  • Assist with coordinating the build-out of IAM connectors to requested applications or systems.
  • Investigate and report back to management all issues and problems with published workflows.
  • Support and maintain the user password self-service systems.
  • Research and implement the upcoming technologies related to user authentication.
  • Assist with managing the login and access control lists (ACL), such as but not limited to:
  • Application Client, Single Sign-On, and Client Trust services.
  • Maintain production application(s) in a running state on a 24 hour, 7 days a week basis. Assist with the timely and appropriate conduct of all mandated Security related access certifications and audits.
  • Participate in all disaster recovery drills.


  • IAM
  • SAML 2.0
  • WsFed
  • Kerberos
  • Active Directory
  • LDAP

Word from Spearhead

Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt.