SUMMARY:

• Information Security Architecture with specialization in Identity and Access Management
• Application and Automation Architecture, Solution Design, Development, and Technical Support with specialization in Java, J2EE, WebSphere MQ/JMS, DB2, and AIX ksh
• Performance Management and Capacity Planning with specialization in Unix and Windows environments
• Relational Database Design and Administration with specialization in Confidential DB2 for Linux/Unix and Windows
• Database Stored Procedures, Triggers, and User Defined Functions using Java and DB2 SPL
• Secure Engineering and Application Development with emphasis on appropriate use and deployment of encryption technology
• System Administration on AIX, Linux, and Solaris Systems
• Confidential WebSphere Application Server Administration
• ITIM ( Confidential Tivoli Identity Manager) Administration and Technical Support
• Data Warehouse Design, Development, and Technical Support
• Project Planning and Management
• IIS and Apache Web Server Administration
• RACF Administration
• CICS Application Development
• TCP/IP Network Administration and Support (Cisco 3640 Router, Cisco Catalyst 5500, Cisco PIX Firewall)
• Telecommunications Support (Nortel Meridian PBX Administration, Voice/Data Line Circuit/Fiber Management)
• Windows System Administration

TECHNICAL SKILLS:

Programming languages and API proficiencies: Java (J2EE 1.3 and batch with JDBC, JMS, MDB, and Security and Cryptography extensions), Unix Shell script (ksh/sh), COBOL, REXX, C, VBScript (WSH, ASP, ADO (RDO/DAO) cmd/bat/cscript), TSO CLIST, Command - Level CICS API, CICS LU6.2 API (Mapped and Unmapped), TCP/ IP Socket Programming (TCP and UDP), SQL, JavaScript, XML, Perl.

Software tools and facilities: WebSphere Application Server, Eclipse-Based J2EE/Java EE Programming Integrated Development Environments (RAD, RSA, WSAD), AIX, Solaris, Confidential HTTP Server (a.k.a. IHS) Apache, IIS, MS-Access, MS-Project, Visio, CICS, RACF, TSM, Windows, Cisco LAN/WAN (3640 Router IOS 11.2, Cat-5505, AS/5200, PIX520), Confidential SP2 MPP, CLIOS, Confidential DB2, Axis2, SOAP UI.

Additional hands-on experience: with WebSphere Business Integration Modeler (WBI), BMC Patrol, CA-Unicenter, CICS Debugging Tools (CECI, CEDC), VSAM, Radview WebLoad, VAX/VMS, OmegaMon, TMon, SPUFI, QMF, ISPF/DMS, DITTO, Linux, CA-OPS/MVS, JobTrac, SAS, CA-Librarian, CA-Datacom/DB, MS-Office (Excel, Word, Outlook, PowerPoint), Open Office, Exceed, Tomcat.

WORK EXPERIENCE:

Confidential, NA

Information Security Engineer

Responsibilities:

• Perform design and development of proprietary systems and automation as well as internal infrastructure support and security oversight as a member of the Identity Management Technical Solutions (IMTS) team.
• The primary product is Confidential Security Identity Manager (ISIM) 6.0 hosted on Linux supporting a large number of databases with a Tomcat based Web Service bridge between Oracle Identity Manager and ISIM.
• Assignments to date have included working with IMTS team members to gather and present operational technical information to Confidential internal auditors, setting up Client SSL/TLS Authentication using Trusts, development of receive/respond and error/fault processing for a SOAP Web Service that was used to bridge access provisioning requests made in Oracle Identity Manager to the Confidential Security Identity Manager provisioning engine.
• Additional assignments included update of zOS/MVS REXX/ISPF code in support of migrating in-house written code to CA-Endevor (source code management tool).

Confidential, Phoenix, Arizona

Information Security Developer

Responsibilities:

• Provide ongoing analysis, design, and development services in support of the Confidential Information Security, Identity and Access Management initiative based on the NetIQ 4.5 Identity Manager (IDM) product.
• The NetIQ deployment environment was Red Hat Enterprise Linux (RHEL) 6.7, with Tomcat 7.0, ActiveMQ, and Novell Directory Server V8.8 with MS-SQL Server. Batch processing included automated retrieval and processing of employee and non-employee new-hires and terminations.
• This was done using bash scripts with imbedded Web Service calls to cloud-hosted Web Services to retrieve data followed by XSLT transforms of retrieved XML data into the required IDM format.
• User Modification (employee and non-employee) of access entitlements and details along with Immediate User Termination facilities were provided by the web-based IDM User Application.
• Provide end user and internal team assistance/support for IDM and NetIQ functions as requested
• Perform break/fix support for the production and test NetIQ Deployment environments
• Create additional IDM related features and functionality as directed by the Security Architect
• Collaborate with and provide support to the Security Engineers, Risk Management Analysts, and Security Architect
• Research, develop, and maintain enhancements to the Epic Application Web Service Interface including call request/response processing and WSDL mappings.
• Provide support/assistance to other projects and initiatives assigned to the Information Security IDM team by the CIO or CISO.
• Perform routine and emergency maintenance of NetIQ related s, keys, keystore files, and OAUTH processing configuration.
• Develop solutions using Linux bash and ksh scripts, XML/XSLT, LDAP utilities (ldapsearch, ldapmodify, etc.), LDIF, Java, keytool, and JavaScript to analyze and maintain the data required to support access provisioning.

Confidential

Architect

Responsibilities:

• Developed and documented technical procedures for implementing key-based security for internal applications using Confidential 's GSA (Global Storage Architecture) DCE/ASF Cloud.
• Provided technical guidance to Global teams for construction and deployment of encryption and dual-factor authentication facilities needed to support customer security requirements.
• Developed and documented a Java 6 stream-mode AES256 cipher with zip compression and base-64 encoding to replace instances of an RC4 cipher utility used internally by Confidential operations teams.
• Lead/performed review of IAM (Identity and Access Management) team security practices followed by presentation of findings to those responsible for the work. This resulted in positive changes to automation development and deployment, in-place controls, and documentation.
• Lead/performed design and development of an Identity and Access Management Data Warehouse. The completed solution was compliant with Confidential World Wide Records Management policies and was the go-to location for all audit reporting related to the source systems that it provided services for. It later became a key automation data source for active server inventory and execution of recurring (e.g. quarterly, annual) privileged access revalidation processes against that inventory.
• Lead/performed modification of a J2EE web application with JavaScript that provided high-volume DB2 data reporting for the DW mentioned above. Custom features included secure facilities for data query, end-user customization of reporting web pages, and optional data download.
• Designed/developed and maintained the DB2 ETL (Extract, Transform, and Load) processing and control structures for the Confidential internal IAM Data Warehouse.
• Designed DB2 ETL processing and control structures for the Confidential Global IAM Data Warehouse.
• Lead design and development of a facility that reduced unnecessary processing related to managed server reconciliation with the ISIM server repository by 65%.
• Lead design and development of an ITIM LDAP Referential Integrity (RI) tool that read RI criteria specified in an external file, processed the specified LDAP object classes and attributes, and generated reports and commands (LDIF) to correct any discrepancies found.
• Design and development of an Excel VBA macro that read ITDS ( Confidential Tivoli Directory Services) LDAP Schema source and generated a report of all objects with their attributes and data types.

Confidential

Senior IT Specialist

Responsibilities:

• Ongoing support for a Global Infrastructure Support application that provides technical staff with access to Tivoli Remote Control, desktop and server inventory query and reporting, desktop and Server Software Distribution, Packaging, and Distribution Monitoring, Tivoli Event Consoles (TEC), and TEC Alert Suppression Rules/Calendars. Application components include WebSphere V5.1 on Linux, WMQ Series 5.3 (Servers and Clients), DB2/UDB V7.2, Perl, ksh, and Java 1.3 batch processes.
• Design of secure remote-site initiation of on-premise Cloud server image provisioning, secure user-initiated application source code transport to/from a centrally managed repository (DSL), and secure authorization and tracking services for an enterprise desktop Software Download Facility.
• Design and development of an Excel VBA macro that read DB2 table and column description details and generated DB2 table creation DDL

Confidential

Systems Management Professional

Responsibilities:

• Lead/performed detailed design and development of a site-custom logical access provisioning and reporting application. Key technologies included Tivoli Directory Integrator (TDI), DSML, SPML (draft), Java, DB2, Actuate (V8), and Lotus Notes.
• Design and development of an Application Services Framework that included advanced web application security features, data-driven web sites (menus, data list/search pages, detailed data display and update), and user-selectable levels of detail for event logging. The framework was written for WebSphere/DB2 using Java (J2EE) with JavaScript and provided near-immediate deployment and ROI for low to medium complexity applications.
• Development and ongoing support for a J2EE, DB2/UDB, WMQ/MB application that performed automated server provisioning. Ongoing support responsibilities for this application included end-user support, AIX administration, WebSphere administration, and DB2 administration.
• Encryption alternatives analysis and recommendation followed by design, construction, and tuning of an application-transparent DB2 column-data encryption facility for a global financial customer. The deployed solution included database Triggers, Stored Procedures, and User Defined Functions (UDFs) with native DB2 (RC2 cipher) and Java UDF (RC4 cipher) column encryption.
• Requirements analysis and design for an Confidential -internal Service Delivery data collection and reporting system. The design included migration from a legacy system written using Microsoft Access Front-end with SQL Server as the Back-end. The new application was written using J2EE for WebSphere Application Server V5.1 with DB2/UDB V8.2
• Ongoing application support and security hardening for a global Interactive Voice Response (IVR/VRU) initiated network password reset application.

Lead Software Specialist

Confidential, Phoenix, Arizona

Responsibilities:

• Provide Capacity and Performance related vendor-product technical evaluations and recommendations
• Work with vendor and in-house personnel to resolve complex distributed application performance and availability issues
• Design, construct, deploy, and support in-house written tools related to performance and capacity management and reporting including high-volume secure (3DES encrypted) background script submission, execution, and output management
• Provide technical support and application development assistance for the Capacity Planning and Performance Management web site
• Lead/performed construction of an AMEX internal application cross database that provided rapid access to critical information for technical support personnel during on/off shift emergency support and change planning. Base information included server and application deployment details and was brought into a DB2 database via ETL from SQL Server, MS-Access, Lotus Notes, and server detail extract files.
• Provide input to my management as requested related to new-hire personnel technical interviews, team organizational structure, personnel assignments, procedures, roles, and responsibilities

Network Engineer

Confidential, Phoenix, Arizona

Responsibilities:

• Perform technical research and analysis pertaining to web and distributed application and infrastructure performance problems including
• Problem Determination (both real-time and post-event)
• Pre-launch application stress-testing and tuning (bottleneck analysis, code integrity verification,
• Application and network capacity requirements analysis and forecasting
• Provide verbal and written incident reports as required by circumstance and/or Capacity Planning/Performance Management leadership direction.
• Providing technical support for NT server consolidation efforts,
• Application and server performance data collection, analysis, and reporting,
• Working with vendor and in-house personnel to resolve complex application performance and availability issues
• Design, construction, deployment, and support of in-house written tools.

Open Systems Administrator

Confidential, Tempe, Arizona

Responsibilities:

• Worked with vendor, marketing, and technical support staff as necessary to accomplish customer service and support objectives in an environment consisting of AIX, Solaris, Windows NT, TCP/IP, and DB2/UDB software products.
• Served as primary contact for all local communications carriers and circuit orders.
• Provided day to day technical support for
• Local NT 4.0 servers and desktops
• Northern Telecom/Meridian PBX (with MDF/IDF punch down and line test)
• Local Cisco switches, firewalls, routers, and dialup access
• Phone, printer, and external communications circuits
• Major projects included
• Development and documentation of an Outlook-98 based Change Management application
• Migration of DB2/6000 2.1 to UDB 5.1 (both AIX) with concurrent implementation of UDB online backups and forward-recovery capability.

Lead Analyst

Confidential, Tempe, Arizona

Responsibilities:

• Participate in Year 2000 assessment and planning for non-mainframe systems and business areas.
• Develop and implement online and batch programming for the in-house written CSP, COBOL, CICS, and DB2 applications.
• Provide mainframe technical support and/or assistance to internal staff and management as needed.
• Provide technical support for internal and external application system data feeds and interfaces.
• Major projects included:
• Design and development of local-side processing for FAA mandated airline passenger security system.
• Repair of internal data integrity for a major DB2 application.
• Provided technical assistance and direction on design and implementation of RACF controls for CICS V4.1,
• Creation and deployment of Y2K source management using Endevor SCM
• Provided consulting services and on use of the SHARES-CICS Interface created during my previous employment here.

Consulting Analyst

Confidential, Scottsdale, Arizona

Responsibilities:

• Use native AIX performance monitors and execution statistics to tune and/or recommend tuning changes and diagnose performance issues with online and batch applications and operating system components.
• Prepare monthly performance and problem reports for management and support personnel.
• Research system software and hardware problems and download (or order) and apply maintenance as necessary using IBMLink and Confidential RS/6000 web sites.
• Work with vendor and site technical staff for product evaluations and problem isolation and resolution.
• Developed and documented SP2 Interface Verification Procedures for use by technical staff when performing post-modification tests.
• Designed, developed, and implemented an enterprise-capable distributed processing control system which allowed MVS to perform job scheduling and control of background processing on the SP2 (or any other TCP/IP host connected to the MVS mainframe).