20+ years of highly focused Identity Management (IDM) solution design, deployment and technical consulting
Strong expertise architecting, implementing, and integrating Identity Management technical solutions in large - scale corporate environments including: Directory Services, User Account Provisioning, Access Control, Privileged Identity Management, Governance, Privileged Access Management
Responsible for enterprise software architecture/engineering, requirements gathering, implementation planning, product installation/customization, and product training in regard to Identity Mgmt. consulting engagements.
Excellent communication and customer training skills.
Microsoft Active Directory
Microsoft AD LDS (ADAM)
Sun Directory Server
Sun Identity Manager
Confidential Directory Server
Confidential Identity Minder
RSA Federated Identity Manager
Oracle Access Manager
IBM Directory Server
Oblix Oracle IDM
Radiant One VDS
Oracle Internet Directory
Radiant One ICS
Consulting, Engineering and training Experience
TEMPPrincipal Consultant, Access Management and FederationFeb. 2014 - Present
Serve as TEMPPrincipal Consultant, Access Control and Federation in CTI’s Professional Service Group.
Worked at a large Financial Institution to upgrade their current CyberArk environment from 7x to 9.2. Onboard new platforms and accounts, create new policy exceptions and AIM integration.
Architected and implemented a global CyberArk solution for a multi-national company which spans global regions. Including disaster recovery, business continuity, multiple platforms, policies and geographies.
Worked wif a large Aerospace company to halp plan their migration to OAM 11g and OTD 11g from OAM 10g from a technological, governance and industries standards view.
Working wif a large shipping company to implement a fault tolerant, global LDAP Directory infrastructure.
Worked wif an EMR company to upgrade Ping, implement SharePoint connector and custom connectors.
Worked wif a CyberArk customer to upgrade their environment 7.x to 8.6 and use AutoDetect to verify usages of ‘superaccounts.’
Helped architect an install of a new CyberArk clustered implementation at a client and migrate the old implementation to the new.
Stepped in to Administer, Engineer and Architect PingFederate at a large corporation when their Ping Engineer left. Onboarded new adapters/applications, worked wif developers to code their software to work wif PingFederate, worked wif SAP to connect implement a mobile solution, built out the new engines globally and solved end user issues.
Stepped into a Healthcare company to Engineer, support and manage and grow their Ping Infrastructure when their Engineer left.
Also in the process of formally certification to deliver Ping Identity product training to customers across North America (dis is in partnership wif full approval of the Ping Identity training department).
Served as the Lead Technical Consultant, Team Lead and Team Member on IDM/Access engagements for customers such as JP Morgan Chase, Adobe, Nike, Toyota, Confidential, Confidential, Confidential and Confidential .
Re-architected a local CyberArk solution to be global, managing Unix, Windows and Session Management for accounts wif elevated privileges.
Designed and set up CyberArk to manage elevated accounts in a cloud environment and application passwords.
Completed engagement to re-architecture a deployment of Confidential SiteMinder/IM to support the infrastructure, users and business units as well as application security.
Set up CAs Secure Access (PIM)to manage Mainframe accounts at a large bank.
Completed engagement to implement Ping Identity’s token translation technology as a bridge between an old version of SiteMinder and a new OA implementation. dis design bought time for an auto manufacturer to port over applications from SiteMinder to OA.
Completed engagement to design a comprehensive plan for Identity, Access, and Governance at an Energy Provider taking into account the small bastions of installed products already in separate business units. Deploy the first stages of dis plan including both an upgrade of the current access management and the solution for shared accounts to fix an audit issue. Designed a solution to integrate different Access Management product via Ping Federate and a SiteMinder Upgrade.
Evaluated Ping Architecture and designed plans going forward at a large healthcare company. Ping was used to integrate internal applications to the SSO platform as well integrating a couple of outside partner applications. The critical external application was for student physicians wif the local medical school.
Previous engagement to deploy PingFederate and CyberArk to amend two issues. One was deploying federation wif partners and the other to fix the issue of privileged account management and hosted solutions security. These were both initial implementations and architecture wif CyberArk and PingFederate
Engagement to verify the initial install of CyberArk and plan for a full company rollout to Unix systems and Databases. Also architect a rollout of privileged session manager globally.
Engagement to evaluate a Confidential IDM/SiteMinder implementation and document system current abilities, suggest tuning and modifications to the implementation so it would perform to customer requirements.
Designed and deployed a Directory replacement and SiteMinder upgrade in a large Finance Company for an Auto manufacturer to protect both the customer and partner portal.
Upgraded a SiteMinder and Identity Minder deployment at a large Entertainment Company. Designed the second phase of the deployment adding functionality.
Gathered requirements and evaluated products to make recommendations for replacement of Sun IDM at large Insurance Company.
Designed and implemented a federated gateway between for a small company using Novell Federation and a Sun and Novell Directory.
Developed solutions from RSA products from pre-sales to custom implementations including documentation for all. Worked wif customers such as Citi, Tyco, Hasbro and Juniper.
Upgraded RSA secure token at a network provider to verify and add to documentation. Isolated unique problems wif the old install that effected the upgrade process planned the fix and deployed the new version.
Upgraded RSA Secure Token technology for a large multinational company verifying documentation and upgrade plans for preciseness and ease of use during the upgrade.
Migrated another secure token product to RSAs at a banking institution. Did initial design and architecture for a small DLP POC and SIEM implementation.
Served as a Confidential Architect in the areas of Access/Directory/Identity Management for customers such as Confidential, Detroit Diesel, Catholic Health
Designed and deployed added new functionality to a large automotive manufacturer’s SiteMinder deployment. Planned and trained contractors to continue wif the next phases of the Access Management rollout.
Gathered requirements, designed and deployed SiteMinder to protect a partner and training portal at a large Engine Manufacturer. Trained employees to manage and support the system.
Gathered requirements, mined roles/groups, designed and deployed Confidential Access Management for a large Tractor company.
Created tuning documents for large Confidential Directory Implementations. Verified the gains in resource utilization in closely monitored testing.
Upgraded the SiteMinder implementation at a large Automobile manufacturer.
Served as a Novell Sr. Architect in the areas of Access/Directory/Identity Management for customers such as Confidential, Detroit Diesel, Catholic Health, City of LA
Evaluated current usage of Novell’s IDM/AM suite, Designed and planned next steps roll out for a large city deployment. Including proximity card and physical access control card integration.
Developed, planned and ran workshops to introduce the concepts of IT Governance to Customers. These workshops were presented to C levels and another one was directed to the technical population of Architects and Developers.
Assessed the impact of a Directory replacement and IDM upgrade at a multinational company for both Governance and technical issues. Identified potential problems, documented and rectified these issues prior to the rollout so that the rollout was successful.
Designed, replaced and completed data cleanup for a Directory at a Global Investment bank for their external portal.
Evaluated, troubleshot and upgraded an Access Management Solution at a large internet travel company that serviced the customer portal.
Designed and implemented an Access Management/IDM/Biometric solution pilot for a medium sized Hospital Network. Designed the larger rollout to the entire Network.
Served as the MetaDirectory/Directory/IDM/Access Management lead in the Allied Customer Engineering (ACE) group.
Redesigned a deployment for a small energy company. Rolled out new deployment, tested and planned production roll out in one week.
Architected, deployed and upgraded a messaging, metadirectory and directory implementation for the Federal Government. Designed and deployed Sun IDM into the infrastructure after the system proved its worth.
Architected solutions for two large French Companies after initial architecture failed. Deployed into test and monitored though production release.
Deployed SunOne beta components at Greek airport prior to the Atans’ Games. Returned to upgrade to final release components.
Taught general and specific customer focused classes in US, EU and APAC for System Engineers, Post Sales Consultants and Customers.
Architected deployments of Sun IDM for Universities both in the US and EU.