TECHNICAL SKILLS

Tivoli Security Products: Confidential Security Access Manager for e - business ISAM 9.x, ITAM 6.x, Confidential Tivoli Identity Manager version 5.x/6.x, ISIM 7.x, Confidential Websphere Application Server 7.0/8.x, IDS/ISDS, ITDI/ISDI and DB2 respectively to ITAM/ISAM version migrations, Cisco Threat Grid, PhishMe Triage, Splunk, Tainium, RegShot, Cisco IornPort, FireEye, RSA, Cipher Suites, Cryptography, and currently MaaS360 and Mobile Protect

Primary Languages and Scripts: Shell, Python, Bash, Kshell, Java, C, C#, C++, JavaScript, JSP, HTML, VB, .NET, Ruby, Perl, PHP, XML, Python

Database: Oracle 8.x/9i/10g and DB2 7.1, 8.x, 9.x, 10.x, 11.1

Tools & Platforms: PHP, VB6, CSS, Studio. Net, Active X, ForeSite, C, C++, Assembler 68xxx, 80xx, Pascal, FORTRAN, PERL, CGI, HTML, DHTML, Voice xml, Flash MX, Shell, SQA, ASP, NetDynamics (JAVA), JAVA, J2EE, JDBC, ADA, JCL, WinBatch, REXX, VMI Systems, SOA (Service Oriented Architecture) & Data Power, mySQL, Ruby, Flash, H264, DRM, EJB, Glassfish, JMS Open MQ, Maven, Hudson, Final Cut Pro, CS4, Toast Titanium, Logic, Maestro, iDVD, Clarify, ZenOss, Agile, Voldemort, UNIX, AIX, Solaris, Vista - Ultimate, MS-DOS, Windows 3.X, Joomla 2.5 & 3.0 w Extensions in the Cloud, VCloud, HACMP w.r.t Cloud Physical/Virtual, Windows 9X, NT, 2000, Advanced Server 2000, Site Server, ME, XP-Pro, LINUX, OS X.1, Netware, Lotus Notes, Dreamweaver - Ultra Dev 4, Premier, Windows 2003 Enterprise Server, TIVOLI, WebSphere, Weblogic, SQL Server, Apache Web Server, MS Access, IIS, Sybase 11, Oracle, Visual Source Safe, Clear Case, DVD authoring, SSL (Thawte, VeriSign Digital Certificates), SSO, Micro | Focus / NetIQ, Clear Trust, RSA, LDAP ( Confidential Directory Server / Sun One), DB2, IAM ( Confidential Identity Management and Access Management), Confidential Directory Integrator, ITCAM, TDS,Tivoli Output Manager, TFIM, TLCM,ITNM, Omni Bus WebSphere Portal and other selected Tivoli Products, Discovery - Security Management(CA) & CA View, Oracle 11g (Waveset), Blade, On-Call (on/off shore support), Scala, Agile, Waterfall, Groovy, SAP – CRM Upgrade. InfoSphere, IAM – Application Integration (Data Power, InfoSphere, Cognos, Informatica, Informix, Tibco and other custom applications), myEclipse,ICA – Confidential Content Analytics, Enterprise, Confidential WebSphere Portal, WCM, APPSCAN, JSR 168 & 256, AWS, Azure, Ansible, Python, Ruby on Rails, REST API, Oracle Service Bus, Data Power Integration, PTES, MacOS Sierra (OSX 10.12.4), Kali Linux, Oracle Fusion, Oracle Application Server Platforms, Agile, WCM 8.5.x and others.; Scrum Agile, MS Project

PROFESSIONAL EXPERIENCE

Confidential

Senior Cyber Security & Enterprise IAM Architect / Engineer

Responsibilities:

• Governance / IGA / GDPR Security and Compliance
• Benchmark and POC ( Confidential Cloud, Google Cloud, Sailpoint, Oracle, Azure, Ping, AWS EC2 and VMWare for IAM Solutions)
• Parrot, BlackArch, Kali with w.r.t to Penetration Testing and Software Development
• Python (Selenium, OS, Tweepy, Wurl, Wget, NodeJS and many others)
• Mobility as a Service - DLP - MaaS360; PaaS & SaaS
• DLP for SQL Server, TeraData, Oracle, Hadoop, DB2, MySQL {Dataguise}
• AIML (Artificial Intelligence & Machine Learning)
• Review threat management systems to classify and quantify risk and threat vectors, including but not limited to IAM with respect to Architectures that allow for different IAM Solutions to run simultaneously with a phase out one solution for the other while maintaining compliance ( Confidential, NetIQ, AD360, Ping, Oracle, Sun, etc.).
• ForgeRock (openAM, openIDM, openDJ), MuleSoft, Confidential Security Access Manager for e-business ISAM 9.x, ITAM 6.x, Confidential Tivoli Identity Manager version 5.x/6.x, ISIM 7.x, Confidential Websphere Application Server 7.0/8.x, IDS/ISDS, ITDI/ISDI and DB2 respectively to ITAM/ISAM version migrations, CA - Siteminder, Cisco Threat Grid, PhishMe Triage, Splunk, Tainium, RegShot, Cisco IornPort, FireEye, RSA, Cipher Suites, Cryptography, and currently MaaS360 and Mobile Protect, Shell, Python, Bash, Kshell, Java, C, C#, C++, JavaScript, JSP, HTML5, VB, .NET, Ruby, Perl, PHP, XML
• Develop techniques and processes to identify anomalous behavioral patterns
• Identify, evaluate, test, deploy and implement complex technical security solutions to address a variety of business requirements
• Network perimeter device and system log analysis
• Install, Configure, Integrate and Evaluate APPSCAN /Mcafee results
• Cloud Identity & Access Management - CIAM
• Programming tools using Perl, Python, Unix Shell Scripts, Java, Jason etc.
• Worked with BMC & Others for monitoring and Change Management - McCafe
• Develop Automation scripts using Python and Ansible to control various aspects of ATT Cloud Servers.
• PTES, Vulnerability Remediation, Black Box Dynamic Testing, Manual Penetration Testing, NMAP, PCAP, AppScan, Burp Suite, SDLC (Secure Development Life Cycle)
• Lead or/and participated in CMS Security Assessment Process including but not limited to NIST rev 3 and NIST rev 4
• Develop Training Documentation, Operations & Support Guide, Status, Installation & Configuration including but not limited to WCM 8.5.x,
• Architecture, Detailed Design, Functional Specifications, Memo and other Technical & Business Documentation
• Collaborations using SharePoint 2013, WCM, TLS, Confidential WebSphere Portal, Quicker & CCMDB
• Integrate POC template for Application integration complete with Roles
• Provide IAM (ITIM 5.x ISIM 7, ITAM 6, ISAM 9 & TFIM 6.x / ISAM & SIM) Application Integration roadmap for applications that include but are not limited to: Data Power, InfoSphere, Cognos, Informatica, Informix, Maximo, Tibco, NetCool, QRadar, Alien Vault and others.
• Developed custom LDAP schema to support IAM - Application Integration efforts via (LDAP, ITIM, Unix, VPN) as it pertains to application authentication and subsequently authorization in Governance (IGA).
• Evaluated Azure and AWS for inclusion into TFIM and ISIM specifically with respect to PIM
• Developed Scala Monitor Proposal with respect to Temporal Domain Reflectometry.
• Provided on going Security Assessments, Vulnerability Analysis, Threat Detection & Correction.
• Developed TCPIP countermeasure protection monitor to counter (Ophcrack, MetaSploit, WireShark, SAINT - and its historical derivatives and Buffer Overflow)
• Refined ITIM, ITAM Architecture with respect to agent and agent-less adapters working with enterprise LDAP (Work Flow, API Customization, Upgrades and impact analysis w.r.t applications, Java, AIX, Linux, VMWare, and other technologies
• Developed Strategic Monitoring for IAM / SIM / SAM / TFIM using ITM, TDI, Custom Scripting (Shell & Perl), Data Power, ITCAM, NetCool, QRadar & .NET
• Developed several POC for /DataPower/TDI/Perl/Shell/SIM / SAM; currently deploying Data Power POC with respect to MFA including but not limited to OAuth.
• Oracle Application Server Platform Integration
• Developed Custom GUI (Java J2EE compliant) interface to better handle recertification process for multiple users with respect to one Manager. Out of box recertification does not support easy recertification of multiple users by one manager.
• Developed ISIM / ISAM 6.0 Architecture for deployment at Customer Location; Developed Re Architecture for BNSF, State of Maryland, State of Michigan.
• Performed vulnerability assessment on OAuth 2.0 Authorization client /server
• Proactive monitoring of the health of ISAM 9.1 components
• Proactive monitoring of the health of applications.
• Develop LDAP and directory synchronization processes
• Experienced in Active Directory, Network Load Balancers, Windows Server 2012/2008, SQL Server, Internet Information Services (IIS), and Windows Firewall for heterogeneous environments
• Expertise in configuring Cells, Nodes, clustering, JDBC Providers, Data Sources, Virtual Hosts, session management.
• Migrations of ITIM /ISIM 4.5-5-6-7x/ITAM/ISAM 5-6-7-8-9x and respective stacked components to current versions.
• Provided Production Application Support and Business operations 24/7 and worked with Confidential L2 support during Outages and on complicated issues resolution in Production.
• oAuth, SAML, Security Token Design and Customization, openID Connect, Federations, AAC, Policy Server Deployment & Configuration, Authorization
• TDS, TDBM —> ISDS, ISDBM (environmental integration)
• Experienced in Installing Upgrade Fix Packs and Migrating to latest versions

Confidential

Senior Security Architect / Engineer

Responsibilities:

• RICOH, PayPal / EBay, Confidential, Verizon, AMGEN, Northrop Grumman, Kaiser, US Army
• Sr System Admin/ITIM/TAM Consultant & SOA Specialist
• Primary responsibilities include Installation and configuration of multiple instances of ITIM, WebSphere, LDAP - Confidential Directory Server and IDI
• Provided 4 th , 5 th and 6 th Level support for PayPal NOC
• Provided Performance tuning tasks and set up enterprise monitoring SLA’s
• Provided method and means for AMGEN to regain control of out sourced aspects of their business
• Experience of installing, configuring and upgrading/migrating Confidential Security IAM solution components
• Provided IDS migration and configuration support for RICOH
• Experience with the Confidential suite of identity management suite of tools preferred including: Tivoli Identity Manager and Confidential Security Identity Manager; experience with Microsoft Active Directory
• Wrote the crontab scripts for automated recycle of ITIM
• Installation and configuration of end point agents and ITIM Services
• Provided trouble-shooting and configuration of WebSEAL and all components with-in the TAMe/Identity Management space
• Configuration and Administration of ITIM - Design org tree structure, Create provisioning and de-provisioning policies, Implementation of ID policies, password policies and Service definition for End Point Agents
• Created groups for corporate LDAP using ITIM and IDI
• Done the performance tuning by tweaking WebSphere configuration parameters like JVM heap size, DB connection pooling, class load sequence, thread pooling etc.
• Provided trouble-shooting for ITIM, ITAM and WAS (WCM 8.5.x).
• Identified areas of improvement and develops action plans to improve application performance and Business operations
• Responsible for scheduling installations and upgrades and maintains them in accordance with established policies and procedures.
• Developing Technical documents for support and internal use for TFIM, WAS, TAM workflows and installations.

Confidential

Senior Security Architect/Engineer

Responsibilities:

• Designed and implemented and power reducing technique that saved Toyota over 20 million dollars in 1 year by Re- Architecting their Applications to run on one large Confidential Server as opposed to many large Confidential servers. This was achieved by interviewing various departments and support teams to confirm and validate the move to virtual solution. It was very successful and is probably still saving them money.

Confidential

Senior Security Architect / Engineer

Responsibilities:

• Primary responsibilities include Installation and configuration of multiple instances of ITIM, WebSphere, LDAP
• Experience of installing, configuring and upgrading/migrating Confidential TIM/TAM solution components
• Experience with the Confidential suite of identity management suite of tools preferred including: Tivoli Identity Manager and Confidential Security Identity Manager; experience with Microsoft Active Directory
• Wrote the crntab scripts for automated recycle of ITIM
• Installation and configuration of end point agents and ITIM Services
• Provided trouble-shooting and configuration of WebSEAL and all components with-in the TAMe/Identity Management space; delivered WCM
• Configuration and Administration of ITIM - Design org tree structure, Create provisioning and de-provisioning policies, Implementation of ID policies, password policies and Service definition for End Point Agents
• Created groups for corporate LDAP using ITIM and IDI
• Provided new method for quicker installations and configuration by using TSM and intelligent configuration files together with automation scripting
• Done the performance tuning by tweaking WebSphere configuration parameters like JVM heap size, DB connection pooling, class load sequence, thread pooling etc.
• Provided trouble-shooting for ITIM, ITAM and WAS.
• Identified areas of improvement and develops action plans to improve application performance and Business operations
• Responsible for scheduling installations and upgrades and maintains them in accordance with established policies and procedures.
• Obtained additional Tivoli Certifications in ITIM and TFIM to complement existing Tivoli (1995) Consultant Certification required to train Confidential and other fortune 500 companies.

Confidential

Senior Tivoli Architect, Specialist & Developer

Responsibilities:

• Designed and Implemented the POC for self-healing server (to govern 50,000+ servers
• Designed and Implemented the first web front end for Tivoli
• Provided LDAP and Siteminder user administration and integration into ITIM
• Designed, Architected, and Implemented Enterprise Management Solution to include two networks (TCIP, InfraRed) to ensure highly available enterprise system solutions