SUMMARY:

• Confidential is a CISO level, Senior Security Officer/executive and trusted advisor to C - Levels, Board of Directors in the Healthcare and Finance industries as well as Federal Agency heads .He is an expert at managing a global IT and network security organization providing IT, network and security operations center functions for major Fortune 500 and Federal intelligence/homeland security agencies.
• He has provided 7x24 NOC, SOC, Service desk ITIL standardized functions. Expert vulnerability threat assessment and mitigation, CSIRT, watch desk, firewall/ proxy management. Deployment and 7x24 operations of SIEM systems, ArcSight, Netcool, ISS, Entersys, EPO, WSUS, Splunk etc. He has provided technical guidance in security architecture, security applications design, and deployment in a cloud environment.
• Experienced in evaluating networks and security vulnerabilities, daily management of production security systems including firewalls, intrusion detection/prevention, antivirus, patch management, and encryption. Deployment of infrastructure with FISMA, NIST, FEDRAMP, NISPON, HIPAA and PCI frameworks/standards.
• Recognized expert at Program managing multi-disciplinary teams of personnel consisting of security, engineering, applications software developers and business functional leads.

TECHNICAL SKILLS:

IT Security Infrastructure: Netcool, MARS, Arc Sight, EPO, WSUS, ISS- Proventia, Enterysys, OPENLDAP, OPENAM, PING IDENTITY, HP Openview. IP routers, switches, firewalls, proxies.

IP Networking and Telecommunications Technologies: IP networking. MPLS, IP routers, switches, firewalls, proxies Design, engineering and implementation of large fiber optic networks. Network surveillance and alarm monitor systems. Design, engineer and implement Broadband CATV networks (cable, HFC telephony, Internet). Packet switching with Dynamic Alternate Routing. Recognized expert at developing and deploying IP networks with MPLS. LAN/WANS. Satellite, Cellular and wireless (802.11) transmission technologies Security, Network and SD operations centers deployment with ITIL

Software: Enterprise Security systems MARS, ArcSight, Netcool, ISS, Entersys, EPO, WSUS. Remedy DNS, DHCP, Radius, Hp Openview, Netcool, Mercury Interactive, Metasolv) Applications Portal billing, CRM (Clarify, Siebel), ecommerce (Broadvision), supply chain management (Peoplesoft, JD Edwards, SAP, Oracle), ACCESS, EXCEL.

Management: 150 plus software architects, designers and integration personnel on large developmental programs.1200 network and IT personnel. Over 20 million in revenues.

PROFESSIONAL EXPERIENCE:

Confidential, Denver, CO

Service Area Manager, Senior Managing Consultant

• Focus on Security products and applications. Security Skunkworks.
• Assembled entire spectrum of security functions--ID and access management, single sign on, certificate of authority, end point management for 400k employees, graded trust, multifactor authentication, virus/malware management, and encryption.
• Upgrade/modify best of breed Confidential /non Confidential products
• Integrate and create unique new capabilities e.g. Cognitive. Release into Confidential Corp infrastructure.
• Agile with DEVOPS.
• Technologies-Java, PERL | PHP | Ruby | Python, Relational database design/development (e.g. DB2 | MySQL), NoSQL database design/development (e.g. MongoDB | HBase), Web Application Development (HTML | CSS | JavaScript), Front end toolkits (DOJO | jQuery), Hadoop / Big Data analytics platforms, Data visualization, Linux | AIX, scripting and system administration, WebSphere Application Server and other middleware
• NAVY ABL 14 Data Center Consolidation and integration. Chief Information Security Systems officer. This project is the consolidation of 14 global data centers into 3, their global networks and associated security infrastructure into a survivable and recoverable complex.

Lead Architect and Technical lead

Confidential

• Assembled a team of architects from various Confidential divisions.—with Oracle DB, Microsoft, Sun Solaris, Citrix, Networking, VMWare, Storage, SOA, IT Security expertise.
• Provided a zoned 3 data center architecture meeting NIST 800 specifications.
• Architected and deployed a global network connecting the ‘to be’ 3 data centers in a Navy private cloud architecture.
• Drove the team to successful on time delivery of the ‘to be’ 3 data center complex.
• Migrated to the Chief Information Security Systems role.
• Architected a Defense in Depth security overlay for the Navy private cloud.
• Assembled the team to deploy and turn up into service Identity and Access management, IDS/IPS, continuous monitoring, malware detection and remediation, encryption of data at rest and in motion, virus and applications scanning system into a Security Services Management pod servicing the 3 data centers

Confidential

PM and technical lead

• Process mapped all business flows. Based on the process flows security risks were identified in the business processes as well as in over 320 major software applications, shared network storage devices and sharepoints. Remediation activities were recommended and carried out.
• Initiated a Roles based access controls methodology. Defined roles, responsibilities and associated rights and privileges Enterprise wide.
• Deployed Enterprise Identity and Access Management (IAM) solutions implemented. Hardening and vulnerability assessments carried out on all servers in all data centers.

Confidential

Interim CISO and Risk Officer

Responsibilities:

• Inserted into the institution after a data spill as interim CISO.
• Assisted the C-levels (CEO, CIO, and CISO) in assessing damage and developing a remedial POAM.
• Established guidelines and benchmarks for a defense depth infrastructure.
• Created a hybrid of NIST 800 and PCI standards to establish High level of Security framework compliance.
• Led PCI-DSS 2.0 audit preparation activities and guided the CIO in implementing supporting technology and effective security control processes within the development and operation environments.
• Led successful recertification of PCI-DSS 2.0 Tier 1, which is a mandatory requirement, for the bank which processes over $10B in customer transactions world-wide.

Confidential

Chief Information Systems Security Officer

Responsibilities:

• Security systems architect, team lead and CISSO ( Chief Information Systems Security Officer) for the project and the operating platform at the Federal Data Center
• Provided a complete DS&P framework of policies, practices and deliverable artifacts based on a systematic analysis of the project, applications and customer requirements.
• Provided a detailed version of a NIST 800-53 ver 2 based GSA TMS Security Plan.
• Architected a private cloud based SaaS solution using Confidential Cloud ID Service, Confidential Cloud Security enforcer
• Provided Security functional inputs to the Watson Cloud team at the Boulder Federal Data center.
• Provided Authentication Authorization, Access Management and password management.
• Collaborated with the functional team to identify business processes, a roles based access methodology.
• Lead and Supported the C&A activities of the GSA client at the Boulder FDC.
• Lead and supported the Pen testing of the GSA TMS platform. Accepted the vulnerability scans and POAM received from the GSA client and responded with POAM responses. Lead the remediation/ mitigation of the POAM items.
• Directed multiple weekly vulnerability scans performed by the FDC. Coordinated the remediation/ mitigation of vulnerabilities between the FDC and the Confidential GSA TMS applications development team.
• Successively completed and delivered the POAM to the GSA client, passed an intensive audit resulting in the granting of an interim Authority to operate certificate.