SUMMARY:

• Proven IAM Architect with over 10 years of experience in the design, test, and deployment of enterprise access management solutions, such as, CA SSO and WSO2 Identity Server. As a certified Security Engineer, I understand the importance of defining security controls in the project design phase to understand and help migrate vulnerabilities. Ultimately, I am a team - player who works efficiently, listens to the customer, and proactively collaborate across teams using various agile principles.
• “Rational Inventor’s display an extraordinary talent for rising to the demands of even the most impossible situations.”

TECHNICAL SKILLS:

Identity and Access Management Systems: CA SSO (SiteMinder) r12, r12.5x, CA Federation Manager r12.6, Identity Minder 12.5, Secure Proxy Server 6.0(SPS), Open SSO, Ping Federate 7.0, WSo2 Identity Server 5.8/5.9, WSo2 API Manager, WSo2 Analytics Server

LDAP Directories: MS Active Directory, Apache DS, phpLDAPadmin, OpenLDAP

Framework/Languages: .NET, VBScript, Eclipse JavaScript

Web Servers: Apache Tomcat 8, Windows IIS 8.0, Oracle WebLogic 8.1

Web Technologies: SAML 2.0, OpenID Connect, OAuth2, Rest API, SCIM2

Operating Systems/Cloud Platform: Windows Server 2012R2/2016, Red Hat Enterprise Linux 8 (RHEL), CentOS, Ubuntu, AWS ECS, Window Azure

Databases: PostgreSQL, MySql, H2 DB, Oracle DB

Laws/Regulations/: HIPAA, ITIL, CMMI, NIST Publications 800-37, SP 800-63-3, ISO 2700

Applications/IDE: Microsoft Office 2016 Suite: Word, Excel, PowerPoint, Access, Project, Visio, Lync, SharePoint, Citrix XenApp, ShoreTel VOIP system, Crystal reports, SCCM, WSUS, NAMS, EAMS, Symantec Ghost, Postman, WinSCP, PuTTY, Sublime, Docker container

Network tools: Fiddler, Nessus, Nmap, Telnet, WireShark

Internet Protocols: TCP/IP, CRL, TSL/SSL, IPSEC, OCSP, VPN, STFP, HTTP/HTTPS (GET,POST)

PROFESSIONAL EXPERIENCE:

Confidential

Identity Access Management Lead Architect

Responsibilities:

• Design and implement WSO2 Identity Server, API Manager, and Analytic Server solutions as part of an Agile engineering team under the guidance of the VP.
• Gather customer requirements for architecting, designing and implementing Identity and Access Management solution using WSO2 Identity Server
• Develop Restful API payload to return 200 status when validating user exists in external Oracle database
• Designed tool to convert CSV file (containing 50,000 user) to an LDIF, import users, roles, and attributes into Openldap DIT environment successfully.
• Create custom scheme in Openldap which extended the scheme to include custom fields required for user store migration. Create custom claims in WOS2 IS to map to Openldap instance.
• Support the design and implementation of browser-based user authentication pages and integration with WSO2 and existing applications using REST, SAML, and OAuth 2.0 protocols.
• Follow software development methodology and architecture standards.
• Participate in UX/UI design, code, and test inspections throughout life cycle to identify issues/defects; participate in other meetings, such as those for use case creation and SPRINTS.
• Build sequence documents and document installation and configuration for replication into PROD

Confidential, Greenbelt, MD

IDM Engineer

Responsibilities:

• Develop technologies, processes, workflows, and practices required for IAM lifecycle across multiple platforms and applications.
• Subject matter expert providing integrating support for over 3,000 COTS and in-house developed applications in a mixed Windows and Linux/Unix environment.
• Design and deploy federated authentication services for Confidential internal and external systems while providing assistance to partner IT staff where necessary.
• Design and develop workflows and adapters for assets, developing Role Based Access Control (RBAC) entitlements to web applications, implementing role resolution, role mining and role administration user NAMS LaunchPad interface.
• Design and implement Identity and Access Management systems to ensure the appropriate security guidelines, policies and procedures are in compliance based on level of confidence (LOC), Level of risk (LOR), and Level of assurance (LOA) calculations.
• Build policy based rules using SiteMinder SSO products to authenticate against Confidential virtual databases using 2 factor authentication (PIV card, CAC card, mobile device, RSA Token, etc).
• Protect application resources using IAM protocols and architecture (SSO, SAML, OAuth, Federation, etc.)
• Managed risk migrations using RDB (Risked Based Decision) and RBA (Risk Based Acceptance) security controls.
• Manage POAM documentation in a robust services catalog platform.
• Perform Risk management vulnerability scans using Nessus scan tools
• Knowledge of NIST Information Security Guidelines and FISMA Compliance standards

Confidential, Washington, DC

O&M Application Manager - Contractor

Responsibilities:

• Implement and deploy multi-factor authentication components using Ping Federate, CA SiteMinder SSO, CA Directory, and Identity Management on Windows and Linux platforms.
• Help train staff in installation, configuration, tuning and troubleshooting CA SiteMinder Web Agents on the following web servers, IIS, Apache, and IBM HTTP Server.
• Create and maintain operational and support documentation within a SharePoint document repository.
• Managed a team of engineers as the lead application manager with the configuration aspects of protecting websites/applications using SiteMinder HCO policy server.
• Develop SAML based configurations using IdP initiated and SP initiated SAML profiles with different binding methods like POST, Artifact, and Redirect to deliver a custom SSO environment as per the requirement.
• Experience with PKI, SSL Protocols and Online Certificate Status Protocol (OCSP)

Confidential, Washington, DC

Lead NOC Support Engineer - Contractor

Responsibilities:

• Performed Window 10 migrates in an enterprise wide environment successfully upgrading windows 7 to windows 10 using SCCM in place upgrade tools.
• Use DOD approved wipe tools to remove PII and confidential data on asset hardware
• Utilized User state migration (USMT) to streamline user state migrations
• Responsible for performing daily ticket reviews on engineering team tickets to assure SLA compliance.
• Ran daily reporting on all engineering resolved tickets, review to check for proper closing coding.
• Provided lead operations support on Production and SBX IBM Mainframes
• Developed technical documentation which included IT Standard Operations Procedures (SOP), technical guidelines, and best practices.
• Provide lead technical support with Mainframe database operating z/OS, JES2, VTAM, NetView, TSO, and the use of JCL to monitor and initialize Mainframe resources.
• Monitor critical system resources using Nagios IT Infrastructure monitoring tools ensuring up to 99.5% system uptime availability on a daily basis.
• Experience using NOC tools such as SolarWinds, AppDynamics, VMware vRealize and/or Splunk
• Monitor and utilize other tools such as Sensaphone, SolarWinds, ACD, Nlyte, RFID, DVR, ISX Central and InfraDash boards for service availability.

Confidential, Washington, DC

Lead Tier3 Engineer - Contractor

Responsibilities:

• Responsible for performing daily ticket reviews on engineering team tickets to assure SLA compliance.
• Ran daily reporting on all engineering resolved tickets, review to check for closing code errors.
• Provided lead technical expertise to engineering teams supporting AVS and ATO lines of business.
• Responsible for matrix management and validation of analytical procedures which capture engineering work results; provide document for management staffs weekly meeting.
• Provided exceptional customer support for over 2,500 FAA customers onsite and remotely.
• Migrate enterprise wide devices from windows 7 to windows 10 using SCCM in place upgrade tool
• Deploy patches and application upgrades using SCCM
• Created an indexed article database which contains Microsoft KB articles and fixes for a wide array of known errors.
• Developed technical write-up documentation for IT best practices which ended being used as a standard for the department’s technology roadmap.
• Monitored Microsoft Operations Manager (MOM) for performance and application reporting.

Confidential, Washington, DC

Sr. Help Desk Technician - Contractor

Responsibilities:

• Provide lead technical support migrating Windows 10 operating system across multiple Confidential location across the DC Metropolitan Region
• Effectively provided goal-oriented technical expertise support for over one thousand Confidential administrators, staff members, and consultants.
• Created and manage company’s Windows 7 standard golden images using Symantec Ghost utility.
• Performed Q&A testing of custom applications.
• Strategically planned and coordinated the removal, movement, and installation of computer hardware and software, for including transferring user data/profiles.
• Managed company’s Exchange hybrid deployment migration from Exchange 2010 to Office 365 cloud based server tools.
• Deployed a single sign on solution using ESSOM that reduced the volume of created password lock out incidents by over 50%.
• Configure cisco catalyst switches to require layer two port security traffic control on per defined ports.
• Performed re-cabling and port patching on switch panel using LAN toner and Network Probe.

Confidential, Rockville, MD

Remote Support Engineer

Responsibilities:

• Delivered highest level of on-site and remote network support, carrier services, and cloud services to small/medium-size businesses.
• Perform remote support for white label clients within a NOC environment which included hardware, software, and communications devices.
• Remotely assist vendors and clients with the installation and optimization of signal strength for internal and external antenna which include; Yagi, Maestro, Omni and 3G antenna devices.
• Manually manage antenna RSSI signals strength, provisioning, and device firmware updates through TCP/UDP and Telnet connections.
• Maintain vendor relationship with all manager carriers (Verizon, Sprint, and AT&T) to activate and provision sim cards.
• Utilized Google Maps to location nearest cellular towers near customer location, assisted customers with finding the correct coordinates to position the antenna to obtain the best signal
• Provided Tier III support for custom IPAD presentation applications.
• Monitor Nagios server Monitoring tool for infrastructure failures or outages, escalate to on-site technical POC.

Confidential, Alexandria, VA

Desktop Support Analyst

Responsibilities:

• Achieved promotion to senior systems support role, and effectively provided IT leadership for all company hardware and software peripherals.
• Introduced a 24/7 support system which provided IT support to all senior management end-users on internal travel.
• Efficaciously managed a wide range of support, from daily internal controls to large-scale enterprise network migration projects.
• Developed an innovative end user training program, designed to successfully promote efficiency, giving users the ability to provide valuable feedback while accurately managing their equipment.
• Managed a small team of support technicians on related projects/assignments; such as VOIP infrastructure upgrade, Microsoft Office Communicator server configuration, and SharePoint 2010 install and data migration.
• Assisted with successfully implementing ticketing support system for internal users, while providing tailored matrix for management analytics.
• Managed Postini Mail Security for SMTP filtering.
• Managed the Exchange Servers 2007 based server role and mailboxes.