SUMMARY:

• Experienced cyber access & identity management (AIM) architect, wif broader cyber security expertise spanning InfoSec practices, privacy, risk - based decision systems, incident response, anti-fraud, and anti-money laundering; building Internet-scale, consumer-facing, SaaS platforms
• Proven technology leader that has successfully delivered multiple mission-critical solutions and managed technical teams globally; thriving through creative and experimentation-driven execution that accelerate innovation. me am teh inventor of an ed US-patent in teh area of rick-based autantication (US 20180234411 A1) and 3 more research patents on password less autantication .
• me has specialized in Identity and Access Management (IAM), wif over 20 years of experience. me has published numerous articles and blogs, and has been a speaker at conferences and events.
• Specialties: Product Management, SaaS, Start-ups, Identity Management, Cloud, Privacy, Access Management, Collaboration, HCM, Payroll, Product Development, UX

TECHNICAL SKILLS:

• Identity Management Security Managed Services Product Management Cloud Computing
• SaaS Information Security Program Management Integration Business Development

PROFESSIONAL EXPERIENCE:

Confidential, Roseland, NJ

Director, Application development

Responsibilities:

• Successfully Lead globally initiatives in teh areas of IAM, Fraud prevention, orchestrating across multi-functional business and product teams across Confidential to reduce risk and threat surface for our client-facing products and applications KYC and Transactional surveillance platforms.
• Currently leading a Next-Gen IAM across Americas / APAC / EU wif advanced features like Cloud based autantication systems, SLO (Single logout), multi Factor autantication (MFA), Password less autantication, Trusted autantication, Advanced autantication schemes, adaptive autantication etc.
• (Phase 1 of Next gen is already in production, which has reduced “forgot password / user ID calls by 45%. Teh self-service recovery has been quiet TEMPeffective; we also has 30% password less autantication adoption which is rapidly becoming popular across clients) and compliance management.
• Identify and developed security architectural standards, design patterns, and architectures to in corporate consistent and appropriate application and infrastructure security controls globally.
• Lead R&D in new and emerging security technology spaces wif teh appropriate partnerships, to deliver Confidential 's globally converged technical security roadmap.
• Revamped teh entire UX for self-registration pages, Autantication phases and all teh forgot user name and password flows up to teh latest tech stack using React JS, Kubernetes on in prem and AWS (All teh 4 phases are completed and we has single point of entry to all 70+ Confidential apps allowing us to has fine grained control over IAM and Global security, Sensitive info tracing / Logging, DDOS attacks and other advanced security features).
• Delivered global money movement protections to prevent theft of client funds using Actimize global money (phase 2 is already in production, we are fully audit compliant by US fed for anti-money laundering, all pay rolls are audited and reports to US Fed incase suspicious events)
• Director of a team responsible for teh design, architecture, Implementation and support of teh Confidential private cloud ( Confidential Web Tier / Tier 0 Services).
• Teh cloud also centralizes all Identity and Access management for ~ 70 million users wif RBAC, risk based multi-factor autantication using Arcot and device assurance.
• Application firewall and security using ASM (F5 module) is responsible to ensure that all top 10 OWASP and other application vulnerabilities are trapped at teh edge along wif forensic reporting and risk analysis.
• Tier 0 also offers teh Web Services (SOAP / WS-Security and REST) using Layer 7 and Federation (SAML & WS-Fed) interfaces out of teh box for an application integrated wif it.
• Teh private cloud offers an API portal for clients to test out teh SaaS offerings from Confidential . This is done using Layer 7.
• Providing Autantication as a service using social identities (OAuth / Open ID) Head of a team responsible for teh design, architecture, Implementation and support of teh Confidential private cloud

Confidential

Principal Architect

Responsibilities:

• Integration wif RSA AA for advanced risk scoring as part of autantication.
• Design and implement multi factor auth schemes.
• Migration strategies from Site Minder / ARCOT to Forge Rock.
• Mobile federation using OAUTH 2.0 / Layer 7 for Major Confidential client
• Teh private cloud offers CDN, Presentation, and security as a service. Examples include SSL, caching / compression, traffic optimization, full layer 7 proxy, application routing, AAA etc.
• Application firewall and security using ASM (F5 module) is responsible to ensure that all top 10 OWASP and other application vulnerabilities are trapped at teh edge along wif forensic reporting and risk analysis.
• Web Tier also offers teh Web Services (SOAP / WS-Security and REST) using Layer 7 and Federation (SAML & WS-Fed) interfaces out of teh box for an application integrated wif it.
• Teh private cloud offers an API portal for clients to test out teh SaaS offerings from Confidential . This is done using Layer 7.
• Providing Autantication as a service using social identities (OAuth / Open ID)
• Designing and developing application on spring boot / Docker deployable images.
• Custom reporting on splunk using Python / Splunk R.
• Designed and built a time series d Confidential base using OpenTSDB / Kibana / Elastic search / Log stash, remained as a POC since we standardized on splunk
• Designed an Application monitoring system using configuration management API for brokers, which will monitor real time health of teh broker and other critical server parameters. (Broker Health Check)
• Production boxes were running out of JVM heap size frequently for a particular executions group, researched it independently, and wrote java based JMX tool which will monitor teh heap size periodically and when teh heap size goes to teh danger level, a new instance of teh execution group will be started automatically and will balance teh load. This is currently running successfully in production, where we process close to a million messages per day.
• Creator and designer of “ESBGateway” a MQ4java tool using which a message can be saved as a file wif teh proper Confidential header and body (Message to file), and a file can be sent as a MQ message (file to message), teh tool takes care of segmentation and aggregation. More TEMPthan 17 teams in Confidential use this tool in production and teh tool process up to million he messages a day.

Confidential, New York

Senior Middleware engineer

Responsibilities:

• Configured and deployed tangasol for application cache which involves teh entire FXDD trader trading application. Rewrote some portion of teh FXDD trader application to support those changes.
• Redesigned Trade back office module as a part of performance revamp. Used HP JMeter and load runner for performance tuning teh existing trade sales / Dealing desk code.
• Architected teh entire “demo account” wif teh FXDD trading system.
• As a part of teh application server migration, was responsible for setting up a new trade environment. Teh application was migrated from WebLogic 8.1 to 9.1 which includes creating server / clusters, JDBC connection pools / JMS setup / Security.
• Architected 3 bank integrations namely Confidential, Chase Manhattan, Confidential using MQ, swift, JMS, FIXML