SUMMARY

• Enterprise Cloud Security SME - Complexity Scientist - Action Researcher - Quantum Computing Developer
• Augmented Intelligence Designer - ISO Certified EU General Data Protection Regulation Practitioner (GDPR P/GDPR F)
• Certified Ethical Hacker - Computer Hacking Forensic Investigator

PROFILE SUMMARY

• 31 years developer 27 years Datacentric developer 27 Years Trainer and Curriculum Developer 23 Years Project Manager experience Patent Developer and Patent Holder All project Manager positions held did include Chief/Enterprise Architect Role 11 years MSF Methodologist .NET 15 years (.NET 2.0/.NET 3.x/Net 4.x) C# 15 years 6 Years AS/400 experience 6 Years Mobile Device Development experience 8 Years IBM SNA/SAA Architecture experience 5 Years developer experience 18 Years UNIX (Linux/Ubuntu/Apache/AIX/Solaris/Silicon Graphics/SCO) 7 Years java SOA 12 Years COA 2 Years SQL > 20 years MSDN WinCE 5.0 Certified Doctorate in Business Administration (Complexity Scientist/Action Researcher)

EXECUTIVE SUMMARY

• I work since 6 years on a daily basis with Windows Azure/Cloud Hybrids and have practical experience on the same as Azure Solution Architect.
• I hold a Professional Developer certification for Azure: “PRO: Designing and Developing Windows Azure Applications”
• My business holds the Windows Azure Competency as Confidential Solution Provider for 6 consecutive years
• Daily work experience with Confidential Data Center Technology (Azure)

SECURITY ARCHITECT EXPERIENCE

• Architecture/Design/Detailed Design and Implementation of an ISMS (Information Security Management System) to comply with ISO/IEC 27001 and achieve System Accreditation in the EU for compliance with the EU Data Protection Law 2003 and Nevada Gambling Law.
• Architecture/Design/Implementation for Product certification to comply with ISO/IEC 15048.
• This Security Certificate confirms the results of testing according to the CC/ITSEC.
• Architecture/Design/Implementation to comply with SAS70, the Statement of Auditing Standards (SAS) number 70.
• SAS70 is an auditing standard developed by the American Institute of Certified Public Accountants.
• Architecture/Design/Implementation for compliance with Control Objectives for Information and related Technology (COBIT) to provide objective security standards, currently lacking in SAS 70.
• Compliance with Confidential requirements (ITSEC) and establish an ISMS (27001:2005/27002)
• Source Code Analysis of existing code for compliance with Sarbanes-Oxley and HIPPA
• Responsible for Security Architecture and Security Modeling as well as actual Security Implementation for Confidential Applications (www. Confidential .org)
• Definition and Implementation of Technical Controls for compliance with Sarbanes-Oxley.
• Confidential USA / Confidential: “How to write secure code” Security Architecture for Confidential ’s Security Department.
• Team Lead for international SME for .NET and pre. .NET Security. Curriculum and Course Development for Confidential ’s Security Department for Confidential ’s internal staff education.
• Web Services Security for .NET & IBM Websphere, Security Architecture Sessions for Architects at Confidential /Atlanta.
• Web Services Security Specifications/Platform independent Security Architecture via SAML and WSE 2.0.

SCIENCE/RESEARCH EXPERIENCE

Confidential

Doctorate Business Administration

Responsibilities:

• Constraint satisfaction paradigm in BigData (Azure HDINSIGHT/ Hadoop)
• Primal Constraint Graphs practical application development for online storages (MapReduce/Graph Databases)
• Structure-driven algorithms (tree-clustering) depicting constraint networks as graphs
• Design of belief networks via directed acyclic graph over nodes
• BigData Search - BigData BI: Complexity theory, database theory and graph theory (Trinity/Neo4j/HypergraphDB)
• Cloud Bigdata: PolyBase technology & Confidential Analytics Platform (formerly known as the Parallel Data Warehouse appliance, or PDW).
• Clustering of warehouse and Hadoop servers in same appliance.
• Simplification of big data queries for relational and nonrelational data with T-SQL queries across PolyBase Hadoop/SQL 2012.
• Solution development: Quipper (Haskell), QCL, F# v3.1, C#, Cloud Foundry, Azure & Office 365 E3/E4 integration

PROFESSIONAL SUMMARY

Confidential - Deerfield, IL

Global Security Principal Architect, Deerfield, IL

Responsibilities:

• Global iPaaS (integration Platform as a Service) strategy chief architect Azure Security Stack Google Cloud Security Stack IBM SoftLayer AWS
• Transition of Confidential global on-premise into Multi-Cloud/on premise iPaaS (integration Platform as a Service) processes
• In charge for Confidential Global Security Architecture determination to handle hundreds of millions of data in Hybrid/Multi Cloud.
• Definition of processes, best practices and technical private compliant controls covering PCI DDD v3.2, ISO/IEC 2, HIPAA, EU-GDPR, EU ENISA- IAF, AICPA SOC 2, FedRAMP and ISO/IEC

Confidential - Tampa, FL

Enterprise Information Security Cloud Architect Tampa, FL

Responsibilities:

• Leads project teams to ensure technical quality of security-focused deliverables and adherence to security standards, governance and controls practices
• Conduct technical research to setting direction and strategy
• Works with teams to evolve legacy products to adherence to Enterprise Information Security Architecture (EISA)
• Actively contributes to and participates in the Architecture Steering Committee, Application Architecture Council and appropriate architecture roundtable meetings
• Provides technical guidance to cross-functional application development teams
• Contributes to the technology strategy, Confidential, requirements, and solutions for enterprise initiatives
• Designs, develops, and implements new security technologies as necessary to support business and technology solutions
• Integration of O365 and non-Azure (AWS) into ARM (Azure 2.0) Azure Active Directory Application Proxy envrionments for Hybrid production environment for ~50k Company owned and Confidential users Cloud Power BI Architecture in Azure/O365 design/architecture/implementation
• WFE Cluster, Power BI Back End Cluster
• Data Storage Architecture, Tenant Creation
• Datacenters and Locales, User Authentication
• Authentication Sequence, Data Storage and Movement Data at rest
• Dataset, Reports, Dashboards and Dashboard Tiles
• Data Transiently Stored on Non-Volatile Devices Datasets Data in process User Authentication to Data Sources Power BI and ExpressRoute Power BI Security
• Architecture, Design, and detailed design for Azure Information Protection (AIP) classification, labeling, and protection of documents and emails.
• Global/regional regulatory compliance design for data protection and forensic via Azure Rights Management service (ARM)
• Deployment of Azure Rights Management connector in hybrid scenarios for Office 365 (SharePoint, Exchange, File Server) in U.S., EU, Singapore Azure Datacenter

Confidential - Miami, FL

Azure Infrastructure and Mobile Device Integration

Responsibilities:

• Azure Security or internationalization of Mobile Access patterns
• Automation of DevOp envrionemnt
• Definition and Implementation of 24/7 SOPs
• Integration of iOS and Android apps into Service Bus and Notification Hub environment
• Transformation of IaaS from Traditional Azure 1.0 towards ARM (Azure 2.0) for IaaS, PaaS components and integration of Confidential Azure AD Domain Services and upgraded VM v 2.0.

Confidential - Seattle, WA

Global Cloud Security Architect

Responsibilities:

• Definition/Re-architecturing of ≥ 15K VM on-premise 3-tier Architecture into multi cloud (Google/AWS/Azure)
• Definition of Governance and Auditing standards for PaaS/SaaS
• Integration of Confidential Action Methodology for Enterprise Systems) to transform project interactions and reduce project failure

Confidential - Houston, TX

Global Lead Cloud Architect

Responsibilities:

• Definition of uniquely powerful data service standard & interoperability framework service for the global energy industry sector
• Architecting a cloud technical solution as advancing energy industry standard
• Enable global access from many organizations, distributed deployment, with elasticity to scale up and down as cloud technology, while still providing the level of security expected by global energy companies
• Establish a clear runway to support the roadmaps
• Build global Hybrid (on-premise & cloud) systems
• Grow internal knowledge and experience in building cloud-based solutions
• Single Sign up (multiplicity of SSOs) for User Identity, Application-to-Application and Data Identity for the Confidential & Gas industry for on-premise, mobile and cloud infrastructures
• SharePoint claims authentication Upgrade & Cloud integration
• Infrastructure optimization via Chef, Powershell
• Office 365 E3 integration

Confidential - Chicago, IL

Identity & Access Revamp into Cloud Identities Chicago, IL

Responsibilities:

• Current State and Capability Maturity Architecture
• Conducting a current state assessment of an Confidential ’s IAM capabilities leveraging an IAM capability maturity model.
• Future State and Roadmap
• IAM Roadmap and Strategy M
• Identity and Access Intelligence
• Enabling Business Through Cloud-Based IAM
• Detailed design to move into Multitenant Confidential Azure Active Directory
• SharePoint claims authentication Upgrade & Cloud integration

Confidential - Philadelphia, PA

Internet Scale Architect/ Access Manager

Responsibilities:

• Architecture, Desing, Development and Prototyping of multitenant access management for Cloud Security and Cloud Secure Coding Guidelines for transitioning of 1 milion user for planetary access utilizing Confidential globaly distributed logon infrastructure for authentication/authorization of:
• User, Applications, Devices, Cloud (private), Cloud (public: Confidential, Salesforce, Confidential ), Mobile and Confidential .
• Infrastructure Design & automation via Chef, Powershell & Puppet
• Windows Azure Multi-Factor Authentication Server Mobile App Web Service for Windows Store, Windows Phone, Windows Store, Xamarin iOS
• Xamarin Android, Android HTML, PhoneGap Sencha, Appcelerator
• Using WAMS with iOS/Android devices utilizing Apple Push Notification Services (APNS)/Google Cloud Messaging (GCM )
• Multiple SharePoint, Office 365 E3 claims authentication Upgrade & Cloud integration
• Use the iOS client library for Mobile Services, Creation, Mobile Services client
• Table references, Query data from a mobile service
• Filter returned data, Using the MSQuery object, Sorting returned data, Returning data in pages
• Limiting the returned fields, Specifying additional querystring parameters
• Insert data into a mobile service, Modify data in a mobile service, Authenticate users
• Server-managed login, Client-managed login (single sign-on)
• Cache authentication tokens, Handle errors
• Global Data Privacy Compliance via OS Customization (PaaS/SaaS) - Azure OS programming
• C# coding: Auto scale - Constant-time performance, irrespective of the size for SAML1.0, SAML 2.0, OAuth2, SWT, JWT, Federated and Claims authentication and authorization
• Confidential Forefront Identity Manager 2010 R2 (FIM 2010 R2)
• C#: Generic LDAP and WaaD connector for Forefront Identity Manager
• Forefront Identity Manager Connector for Windows Azure Active Directory (WAAD)
• Declarative and non-declarative attribute flows to transition 750K user from LDAP v3 into WAAD
• Creation of Hadoop, Mahout, Neo4j, Azure Table and Cassandra Cluster on Windows Azure
• Deployment of multiple Cassandra instances in the same Windows Azure Cloud Service

Confidential, Austin, TX

Internet Scale Architect

Responsibilities:

• Desing and development of Cloud Security and Cloud Secure Coding Guidelines for transitioning of 750k User from classic Mainframe-Client/Server into C# COA Secured Data and Process security
• Consolidiation of scattered SSO islands (Oracle Identity Federation (OIM/OIA/OAM), LDAP, RACF PassTicket, ADFS, SAP Enterprise DUETT 2.0 (OAuth 2.0)) into HTTP Identities for Applications
• SharePoint claims authentication Upgrade & Cloud integration
• Architecture and Design an ITSEC Security Assurance level E3/CC Assurance level EAL4 & PCI DSS comparable cloud solution hosting an appropriate combination of assurance components in Confidential Windows Azure
• ISO/IEC Certification for Application Security according to ISO Standard 15048, ISO/IEC 27304 Application Security and ISO/IEC 27001/2/3 for Cloud
• Desing and development of .NET Security and .net Secure Coding Guidelines
• Revamp from Mainframe/Java into MS Windows Azure Cloud Access Control Security (ACS) & OAuth 2.0 via custom C# applications
• Revamp of device based security into .NET/Cloud/Azure Hybrid security solutions
• Decomissioning of COBOL and Mainframe functionality into COA (Cloud oriented Architecture) for Applications, Data via Internet Serice Bus (ISB), REST API and C# (.Net 4.5)
• SAML, SWT, JWT and OAuth2/OData C# coding guidelines to establish data privacy law compliant identity management
• Mentoring and Training of ≥ 18 staff developers in ISO ISO/IEC 27304 and HIPAA HITECH compliant Application Security
• Cloud based Labs for 24/7 access for mentored staff utilizing Job uploading from Portal for HTML5 playback and console apps using the Media Services SDK that uploads, encodes, and streams videos programmatically. Monetization/Billing via Confidential Media Platform Player Framework for the client on a pay as you go schema
• Transitioning of Mainframe/Jave/.NET workflows into C# Azure
• BIG DATA collective intelligence and predictive analysis via HDInsight: Windows Azure + Hadoop.
• Transition of classic SQL data into NoSQL Azure Table/Blob/Queue - Cassandra
• Responsible for designing, installing, implementing and maintaining NoSQL Azure Table/Blob/Queue
• Cassandra based applications and assisting next level management in application evaluation and platform performance metrics.
• Responsible for engineering, capacity planning, support the creation and the enhancement/maintenance of NoSQL Azure Table/Blob/Queue - Cassandra solution.
• Implementation of SQL Server Hadoop Connector to SQL Server 2012
• Using the SQL SERVER 2012 Hive ODBC Driver as HIVE data warehousing system on top of HDFS as query mechanisms to the underlying HDFS data
• Using sqoop-based connector for data transfer between SQL Server and Hadoop
• Creation of Linked Server in a SQL Server instance using Hive ODBC driver for consume through OLE DB for ODBC
• Implementing Confidential 's Self-Service Business Intelligence Tools via Power View and SQL Server 2012 Reporting Services Service Pack 1 Add-in for Confidential SharePoint Server 2013 Enterprise Edition

Confidential, Raleigh, NC

SharePoint Architect

Responsibilities:

• Statewide Re-Architecting from on-premise SharePoint 2010/FAST towards cloud
• Identity management revamp from classic Windows/Claims/Kerberos upgrade from VMware vCloud Director 5.5 to
• Confidential Virtualization products (Hyper-V / Windows Azure) towards C# OAuth2 / S2S / SharePoint 2013 - Azure ACS (Cloud Identity Management)
• Single Sign On (SSO) across SharePoint, Office 365, Azure and on premise ADFS 2.x
• Best Practice for cloud connectivity via AppFabric Service Bus
• Access control, naming, service registry, messaging, and connectivity services at Internet scale.
• Implementation of Confidential ’s Enterprise Asset Management (EAM) Life Cycle System for Office 365, Windows Azure Active Directory
• VPN-VPN connection: Site-to-Site Cross, Point to - Site, RRAS
• Revamp from MIIS 2008, Forefront Identity Manager 2010 R2, Forefront Identity Manager 2010 R2 Oracle Identity Federation (OIM/OIA/OAM), LDAP into Internet Service Bus and ACS
• Hybrid implementation of IaaS, PaaS and SaaS (Office 365) across on-premises and cloud application through relay service (Salesforce/ Confidential )
• Building a large scale Managed Metadata Farm in Azure Data Centers
• Data Center Consolidation and Migration to HybridCloud (HyC) & Hyper-V Managed Data Center
• Programming with the AppFabric Service Bus

Confidential

MIInternet Scale Architect

Responsibilities:

• SOA: Virtual Platform Strategy
• Cloud-Oriented Architecture (COA)
• AppFabric: Access Control Service
• Protoyping of Enterprise Naming Scheme, Interface Contracts,Security and access controls
• SQL Server 2012 / Azure SQL Server / Windows Server 2012 / Azure Store
• Application Architecture
• Host environment
• Consumer environment
• Middleware
• Integration of WCF Services and SharePoint
• Enterprise Service Bus
• Integration and assembly environment
• Design of public/private namespaces around SharePoint and Azure services
• Technical Design Strategy
• Something-as-a-Service paradigm across Data Center
• Enterprise Design policies, practices, and frameworks provider and consumer processes
• C# implementation for SAML authentication across all farms
• Integration of Intranet Applications via SAML approach
• Enterprise Virtual Records Center (EVR) (≥60 Million documents)
• Migration to external sources for FAST & SharePoint Search
• TOGAF & Platform specific standards
• Building Scalable Multi-tenant Applications
• Metadata sharing between SharePoint and Azure (cloud)
• Prototyping of Metadata sharing between Cloud and on-premise & Autonomy/Open text
• SharePoint Tiered Service Offerings (STSO)
• STSO Design Guideline
• Virtualization of Local storage/BLOB Storage in SharePoint Solutions
• Hybrid solution development for SQL/Azure (cloud)/SharePoint 2010 Business Intelligence
• C# Prototyping of Azure (cloud) Service Bus with SharePoint
• Integration of on premise & Azure (cloud) WCF Services in SharePoint and Office
• Complex event processing
• Analytics and insight into a set of existing data to inform future decision making
• Securing SharePoint and Azure (cloud) Solutions (ITSEC E5)
• Azure (cloud) based access control architecture (ITSEC E6 - PCI DSS 2.0)
• IA for Office (365) Online sites
• Cloud Identity User Accounts for Office 365

Confidential

Internet Scale SharePoint & Cloud Architect

Responsibilities:

• Global Technology Planning for Migration from Lotus Notes to SharePoint and Cloud
• 160K user intranet & 600K user extranet
• In country build (data) requirements
• Global Data Privacy compliance
• Authentication/Authorization revamp to claims based STS
• SharePoint Access Control Architecture (global entitlement) SOA:
• Something-as-a-Service paradigm across global Data Center
• Design of cloud ecosystem / interconnected services
• Exchange data and share processes between Share Point Service Application and Azure COA (SOA)
• Redesign of classic SOA connectivity into hybrid application across both on-premises and the cloud.
• SOA & COA secure messaging and connectivity in compliance with ITSEC E6
• Prototyping of Azure Service Bus with SharePoint
• Decoupling monolithic data-centric and client centric business logic code into SOA-COA application logic
• Securing SharePoint and Azure Solutions
• Technical control design for compliance with 2700x/ITSEC/SAS70/PCI DSS

Confidential

Internet Scale SharePoint- Cloud Architect

Responsibilities:

• Consumption of public/private Data repositories in compliance with global security/data privacy laws
• Training of global staff in Advanced Web Part Development
• Virtualization of Local storage/BLOB Storage in SharePoint Solutions
• C# Hybrid solution development for SQL/Azure/SharePoint 2010 Business Intelligence
• Prototyping of Azure Service Bus with SharePoint
• Integration of on premise & Azure WCF Services in SharePoint and Office
• Securing SharePoint and Azure Solutions (ITSEC E5 (PCI DSS))
• EA PEAF Processes

Confidential

Inntert Scale Web Architectural Advisor, Boston, MA

Responsibilities:

• Technology Planning
• Architecture and Implementation Governance
• Platform upgrades SharePoint2007 to SharePoint 2010
• New Installation
• Prepare organizations for Platform Services implementation on SharePoint Server 2010
• Prepare organizations for SharePoint and Windows Azure Hybrid Scenarios
• Assess current SharePoint 2007 environment and/or environment upgrade requirements
• Provide architectural guidance in designing a single or multi-farm solution and procedural guidance for how to plan the environment and implementation of SharePoint 2010 platform and
• Establish Proof of Concept (POC) lab environment to validate proof points
• Informal knowledge transfer for Customer’s staff working alongside Confidential staff