SUMMARY:

• Expert knowledge of z/OS and predecessor operating systems (20+ years)
• Expert knowledge of z/OS security and encryption experience (18+ years)
• Strong experience in z/OS PCI preparation and Security Health Checks
• Expert knowledge of CA - Top Secret (18+ years)
• Strong experience in disaster recovery planning and implementations
• Strong knowledge of DB2 for z/OS (7.1, 8.1 & 9.1)
• Strong knowledge of CICS and MQ
• Strong experience with a variety of IBM and ISV products
• Strong experience with Windows and UNIX

TECHNICAL SKILLS:

Tools: Putty, SSH, Roscoe, TSO/ISPF, SDSF, DFSMSdfp, IDCAMS, Ultraedit, FDR/ABR, FDREPORT, DFSMSdss, FTP, TN3270, Xpediter, SMP/E, ServerPac, SQL, REXX, Bash, Microsoft Office, IND$FILE, TSO Transmit, PKWARE, WinRAR, WinSCP, Windows XP/7, Bluezone, PCOMM, Cisco VPN, Host on Demand, IBM Utilites, DFSort, ICETOOLS, Syncsort, CBT Utilites, PDSMAN, TDMF, FDRPAS, IPCS, AbendAid, FileAid, Ant, jar, zip, compress, vi, SMTP, Sendmail, RPF, Fileman, Fault Analyzer, GTF, trace, traceroute, ping, SAS, Assembler, Cobol, Strobe, RMF, TMON, Omegamon

Training: MVS Structure (IBM) OS390 Diagnostic Data and Procedures (IBM) OS/390 HTTP Server Workshop (IBM) CICS 2.1 Installation and Configuration (IBM) IBM 370 Assembler & IBM Cobol (University of Cincinnati)

PROFESSIONAL EXPERIENCE:

Confidential

Sr. Systems Consultant

Responsibilities:

• Top Secret/Security - consult on security vulnerabilities, PCI, performance, USS security and general security policies
• Architecture & Technology - evaluate current infrastructure for improvements:
• ICF justification for z114 processor
• Programmer performance
• Change control and auditing
• TCPIP - High Availability implementation OSA port failover, static VIPA by LPAR, dynamic VIPA by application, subplexing and sysplex distributor.
• CICS - provided support for CICS. Project to implement CICSPlex and work with programming staff to enable applications to run within the CICSPlex.
• Logger - RRS setup, Logstreams for User logs within CICS and planning with programmers how to convert to logstreams from VSAM logs.
• FTPS - setup FTP TLS and FTP AT-TLS with Policy Agent for client and server connections
• SFTP - moved private keys into Top Secret. Developed USS scripts for various transfers to limit the impact of new functions on support personnel.
• SOA Gateway - evaluate industry leading products for integration with CICS and z/OS. Implement ICRX Identity propagation between DataPower and CICS. Verisign certificate format conversions using OpenSSL for certificate imports.
• ICSF - implement new key resources to extend control over CSFKEYS, XCSFKEY, RDATALIB. Use of SMF 82 records and OMVS trace to debug problem areas. z/OS - part of z/OS 1.12 implementation providing guidance for maintenance strategy, read-only root, TCP/IP
• Evaluation of Co:Z Toolkit for z/OS as a variant of z/BX structure for selective MIPS redirect.
• DB2 - part of a team doing a DB2 proof of concept. Provided support for initial installation.

Confidential

Sr. Systems Engineer

Responsibilities:

• Confidential - Applied maintenance to back-leveled DB2 V8 regions. Install DB2 V9, DB2 Log Analysis, DB2 Object Comparison, DB2 Admin Tool, DB2 Utilities Suite, DB2 Explain, QMF, and provide DB2 Connect upgrade support. Worked closely with DBAs and Application Programmers to complete testing and verification. Performed migration from V8 NFM to V9 CM and V9 CM to V9 Confidential . Reworked WLM stored procedure address spaces to silo functionality and improve stability.
• Policy Agent proof of concept - setup Policy Agent for use on test system at customer site.
• Z9 migration - upgrade responsibilities CA- Common Services, CA-Panvalet, CA-Top Secret, CA-Intertest, CA-Sort, CA-Spool, JES2 migration z/OS 1.4 to z/OS 1.7 to z/OS 1.9 migration - Created secondary copy of most of the production systems with FDRPAS to setup proper testing/verification process. Upgrade responsibilities were z/OS upgrades and migration actions, system exits, TMON CICS, various MacKinney products, EMC VSAM Assist, CICS administration and project coordination.
• ADABAS V7 to V8 upgrade - Upgrade ADABAS V7 to V8 including Natural, Natural CICS, Natural Security, Natural Advanced Function, Predict, Software AG Editor, Natural DB2 and Natural VSAM.
• ICSF and Crypto Express 2 Activation - Assist client in ICSF setup and activation, review security protection, provide Master Confidential guidance and impact to disaster recovery procedures.
• EKM Installation - Install and configure EKM on z/OS using RACF certificate storage, assist customer in setting up recovery procedures.
• TKLM Installation - Assist customer in TKLM installation on z/OS, configuration and create a disaster recovery procedure to meet customer requirements
• DASD Migration - assist customer using FDRPAS to perform DASD migration zSecurity Health Check - perform analysis of customers z/OS setup and Top Secret data base, present findings to customer and strategize solutions to best meet customers need zSecurity Remediation - meet with stakeholders in order to achieve stated goals, assist customer in implementing new security model
• System Assurance - z9 BC & z10 BC System Assurance and installation assistance
• Writing various statements of work
• Security & Cryptography consulting z/OS consulting
• General customer assistance for various z/OS related questions
• Sales support

Confidential

Principal Systems Programmer

Responsibilities:

• Confidential - In order to manage 60,000 symmetric keys, achieve PCI compliance and reduce costs, I achieved full production implementation of ICSF and Trusted Key Entry Workstation ( Confidential ) to support CEX2C across 2 sites with 8 production LPARs, 2 development LPARs in a parallel sysplex and 1 disaster recovery site. Completed all security design and setup for Confidential and CEX2C. Completed all security and auditing design for CA-Top Secret’s governance of ICSF.
• Confidential - Design and implement a high availability solution for CA-Top Secret’s Confidential server. MODDVIPA, ARM and 3DNS were all used in conjunction to give the enterprise directory reliable access to Top Secret’s Confidential connector.
• WebSphere Application Server - Completed evaluation of WAS 6.0 on z/OS.
• WebSphere Platform Comparison - Performed cost benefit comparison between WebSphere Application Server on z/OS v.s. WebSphere Application Server on AIX. Used early version of RACEv to perform the analysis.
• Confidential - Project was to move internal certificate management from Windows to a combination of Confidential and Venifi. Performed all installation and configuration for HTTP Server, TDS Confidential, SENDMAIL and all security rules for CA-Top Secret. Designed and setup required recovery for Disaster Recovery.
• Multi-Site Parallel Sysplex - Heavily involved in planning, design and implementation of a two site 10 mile separated parallel sysplex. The migration included movement of the primary 6 production systems to the new site.
• CICS transaction gateway installation and support.
• JAVA Application - Homegrown Online system required a front-end in order to properly communicate with customers SOAP enabled front-end. Performed all research into running JAVA on z/OS via JZOS as a STC. Worked out deployment to z/OS from ClearCase. Setup MODDVIPA to allow the address to seamlessly move between LPARS.
• CA-Top Secret - responsible to perform all upgrades and exploit new features. Responsible for creating rules for all new system services.
• Assisted with VTAM and TCP/IP configuration. Implemented SMTP, FTP, and Telnet services.
• Security configuration and consultant on z/OS setup and implementation.
• Provided extensive systems-related troubleshooting using IPCS dump analysis, TMON/MVS, TMON/CICS, NetView, and GTF traces. Also assisted in solving applications-related abends using Abend-AID, Fault Analyzer and Expeditor.
• Explored using z/VM to achieve FEP replacement. Completed z/VM classwork and basic implementation including Linux for z setup and use.
• Wiki Project - Setup mainframe to provide technical services wiki for documentation that would always be available. Installation and customization of TOMCAT to run JSPWiki with SAF logon constraints. Setup a basic backup/restore failover for disaster recovery. Due to the initial success, the project grew to include multiple wiki’s and Compuware’s Strobe product

Confidential

Middleware & z/OS Systems Programmer

Responsibilities:

• Senior person managing a team providing installation, customization and support for WebSphere Application Server, MQSeries, DB2 v7.1, DB2 UDB and DB2 Connect. Additionally, provided OS/390-z/OS support and Top Secret support.
• WebSphere Application Server - Installed, customized and debugged WebSphere Application Server 4.0.x, 5.0.2 & 5.1 in over 100 production servers across platforms Windows, AIX, Solaris and z/OS.
• WebSphere MQ - Installed, customized and debugged MQ Series 5.2 and 5.3 on Windows and AIX. Supported MQSeries on z/OS.
• DB2 z/OS Systems Programmer - Responsible for DB2 on z/OS. Maintenance, configuration and performance for 6 DB2 regions V7 and V8.
• DB2 UDB – Responsible for DB2 UDB on AIX. Performed all “system programmer” related activities (Install, customize, debug, monitor, upgrade). DB2 versions 7 & 8.
• DB2 Connect Gateway – Responsible for all DB2 connect gateways. Installed, customized, debugged DB2 Connect Gateways on AIX. Creation of configuration scripts to ease administration. Designed and implemented high availability solution for connectivity to DB2 z/OS using DB2 Connect and Big IP. DB2 versions 7, 8 & 9
• DB2 Connect Clients – Responsible for all DB2 clients. Installed, customized, debugged and upgraded DB2 Connect Clients on Windows, AIX and Solaris. Created deployment/configuration scripts for UNIX and Windows.
• Various 3rd party vendor package support of J2EE applications Mobius, Fitch-Risk, Medavante. Responsibilities were to deploy and configure each application. z/OS 1.4 – Responsible for managing z/OS 1.4 upgrade.
• Top Secret CPF – setup command propagation strategy to propagate changes to remote site. Setup involved two systems sharing a security file and one remote system.

Confidential

MVS Systems Programmer

Responsibilities:

• Part of a four person team providing systems programming support for MVS-OS390-z/OS, CICS, DB2 and communications.
• Parallel Sysplex comprised of two CECs, eight systems and one CEC for off-site disaster recovery.
• DB2 – secondary system programming support for DB2 v6.1 and v7.1.
• Processor Upgrades – Involved in planning and implementation all processor upgrades and new installations (multiple generations of 9672).
• MVS 5.2.2 Upgrade – Migrated from MVS 4.3 with JES2 2.2, CICS 2.1 and CA-Top Secret 4.2 to 4.3.
• OS/390 1.2 & 2.6 Upgrades – Performed ServerPac customization, CA product installations Roscoe, Librarian, 11 & CA-Top Secret as well as other ISV products.
• OS/390 2.10, OS/390 “Refresh” - Responsible to upgrade 8 lpars and all ISV products across 2 locations. Created project plan, managed involvement by system programmers, programmers and users. Project from beginning to finish was four months, including initial builds, full disaster recovery test of all applications and a complicated production rollout schedule.
• Y2K – Support, testing and verification for every part of OS/390 and all “home grown” utilities.
• Planned and implemented a scheme of a system setup to allow any system to be IPL'd in any LPAR within the sysplex.
• System Relocation – Performed the movement of the production and disaster recovery systems from Toledo Ohio to Grand Rapids Michigan.
• Various catalog maintenance (IDCAMS - cleanup, merge, split and performance)
• Designed and implemented a Disaster Recovery procedure that allowed for recovery in 1.5 hours from the original time of 6 – 8 hours.
• Designed coded (assembler) and implemented an off-site change control propagation system.
• Mobius Security – reworked security exit for Mobius to use Top Secret and to gather list of all security groups to work similar to DB2 group security.
• Reworked security exits to ease Security Administration.
• Converted and re-coded in-house modifications for table loading and security to the Phoenix Software product Falcon.
• Planned and converted from a "home grown" DASD management system to SMS (SMS FIT).
• Acting in-house security consultant and responsible for all new system services definitions for CA-Top Secret
• Assembler exit coding and modifications (IEBCOPY, SVC 26, etc.)
• Application Development Support – 5/3 designed a new web-based system for back office which required access to CICS. Performed all support for ensuring LU 6.2 worked properly and all security requirements were met.
• Implemented SMS ACS propagation to allow SMS ACS routines to be the same regardless of location.
• Application Library site automatic migration – design backup, transmission, restore and implement scheme from primary site to secondary site.
• Information Security Programming – general support and upgrades for payroll synch. Setup customer addition / deletions driven from customer file feed.

Confidential

Mainframe Security Administration

Responsibilities:

• Payroll synchronization – wrote a series of programs (assembler and COBOL) in order to auto-provision new users and remove previous employees.
• CICS Security Conversion – Assume control for 30+ CICS applications documenting new procedures and analyzing security setup.
• CICS Application Security standards – standardized user ID assignments eliminating application passwords by means of EXEC CICS ASSIGN USERID to pass the signed on user’s ID to the application.
• CICS external security – provided interface examples and coding support for moving CICS applications to use Top Secret instead of using internal security.
• Policy and Procedures – Document security policy and procedures for all applications
• Onlines Security Conversion – “Home grown” online system had to be reworked to interface with Top Secret. Provided design support, security expertise and SAF macro support.
• CA-Top Secret – Responsible for all upgrades and migration actions.