
Sr. Cloud Security Architect (consultant) Resume


NY

SUMMARY:

  • 20+ years of IT experience in US. Industries - Finance, HealthCare, Engineering, Media & Telecommunication.
  • 14 years of IT security experience with on premise and cloud infrastructure, OS/application security for cloud applications.
  • 12 years of experience in support and development of strategic initiatives, execution of critical information sensitive IT security projects, risk mitigation, contingency planning, commercial analysis and vendor management.
  • 10 years in Virtualization - Xen, VMWare, KVM, Hyper-V.
  • 6 years of design and implementation of Enterprise, Hybrid, Private and Public Cloud technologies. Secure SPI/ Secure SDLC.
  • Strong experience with Cloud Solutions (Design/Architecture), HPC (High Volume Securities Trading Platforms).
  • 9 years with time critical investment banks, derivatives, fixed income, Hedge Fund and Equities.
  • 8 years of experience in Implementing cloud operational processes, continuous integration, continuous delivery, best in class operating model for the cloud.
  • 8 years of providing technical guidance and making decisions on the best security design and engineering.
  • 8 years of developing enterprise-wide and cross-functional Security Solutions.
  • 2 years of mobile security: secure applications for Android and iOS, leverage OWASP best practices for secure mobile app development, identify and mitigate threats to mobile apps. Protect mobile application data at rest and in motion.
  • Budgeting, forecasting and timely change management reports to senior leadership. Reduce expense.
  • ITIL V3 Certified. Adherence to ADM/CMMI, ITIL and internal audits.
  • Certified by Office of Business Continuity (COB expert- Citi certification).
  • Certified in IT Export Licensing Compliance (ELC)- Data Privacy Laws.
  • Certified in IT Process improvement, Compliance.
  • Certified in IT application security.
  • Six Sigma - Certified.
  • Experience with implementing complex AWS solutions, worked with Rackspace/ClearDATA Managed Security Service Providers.

TECHNICAL SKILLS:

Hardware: RISC/x86 platforms, CISCO UCS 5108, NetApp FlexPod, Nutanix, IBM (Flex System, Power7-8), HP c7000, Dell M1000e-M Blade Servers.

Storage: EMC, Hitachi, 3PAR, NetApp.

Operating Systems: HP-UX, Red Hat, OpenSUSE, Ubuntu, AIX, SCO Open Server, UnixWare and MS.

Virtualization: Citrix (Xen App/Xen Server), VMWare- (ESXi/VSphere 6/VCenter SRM/Horizon/vCloud Suite/VDI/WorkSpace Suite/ NSX Network virtualization/Project Enzo), KVM, Hyper-V.

RDBMS: MySQL, MS-SQL, PostgreSQL, Oracle, Geneva (Advent), MongoDB, DynamoDB, ElastiCache, Amazon RDS, RedShift, GemFire, Greenplum.

IT Software Packages/Cloud Tools: Apigee API Management, ServiceNow, FireEye / Mandiant, CloudPassage, Dome9, REST, SOAP, LAMP, Netcool, VCOPS, VRealize, New Relic, Cacti, Graphite, Logstash, Nagios, Ganglia, Splunk, Hyperic, Office 365, DI. JBOSS, J2EE, Drupal CMS, Magento, Autoscaling, CI/CD tools - Salt Stack, Ansible, Puppet, Chef, Docker, BitBucket, Jenkins, Dynatrace, RightScale, ArcSight, Alert Logic, IDS/IPS, In-line and SaaS DLP, Cleo Trust/Lexicom, CyberArk, SailPoint, BitSighttech, Fortify, AppScan, Contrast Security (DVA), AWS Security Hub, AWS Macie, AWS Inspector, AWS GuardDuty, Palo Alto's Redlock & McAfee's Skyhigh for Continuous Assurance.

Big Data: Apache Hadoop, Hana, Pivotal Big Data Suite, EMR and OpenStack Swift.

Security Standards: ISO27001, HIPAA, SOX, GLBA, PCI-DSS, NIST, ITCAM, CYBEX, SCAP, OASIS, SOA, TOGAF-SABSA integration, MPAA, CSA STAR, WS-SAML, OWASP (Top 10), NIST, REST, FIPS 140-2, and 4BF.

Cloud: AWS, Azure, Google.

PROFESSIONAL EXPERIENCE:

Confidential, NY

Sr. Cloud Security Architect (Consultant)

  • Enterprise Cloud Security reviews.
  • Cloud Threat Modeling.
  • AWS Security - SME.
  • Azure Security.
  • GCP Security.
  • Cloud Practice - SaaS, PaaS and IaaS cloud deployment security reviews.
  • Position Papers and Security Blueprints on numerous Cloud Services.
  • Prepared Cloud Security Baseline Policy document.
  • Created Cloud Continuous Assurance program.
  • Recognized for outstanding performance.

Confidential, NJ

Enterprise Technology Architect II (AWS Security SME)

  • Enterprise Technology Planning and Governance.
  • AWS Cloud Design and implementation.
  • Cloud Application Security.
  • ClearData Managed Cloud Services.
  • Google Cloud- Apigee.
  • Informatica - DIH.
  • DevOps CI/CD security.
  • Prepared Cloud Application Baseline security policy.
  • Security assessment of all cloud projects (end to end).
  • Working on Security initiatives like Certs, KMS, Network/Endpoint DLP, Skyhigh, SIEM-Splunk-ArcSight, PAM-CyberArk. OSS Security using Sonatype Nexus Firewall, API Gateway security, Pen-test(all).
  • Threat Modeling.
  • Enterprise Security Tech Arch.
  • Informatica DIH cloud security.
  • Strong AWS security- AWS services including ECS/Geo/WAF/Shield.
  • Hortonworks Hadoop security.
  • ElasticSearch Security-Kibana/Logstash.
  • Secure MFT.
  • WAM security.
  • TSCO TrueSight Security.
  • Dynatrace security.
  • Best Performer - Recognition certificate award.

Confidential, NJ

Sr. Cloud Security Architect (Consultant)

  • Design, implementation and deployment of mission-critical healthcare applications on AWS Cloud.
  • Cloud Security Alliance - CCSK, Data Dispersion, DAM, FAM, IDS/HIPS/NIPS, DLP MFA, PKI/PKO, Key pair, volume encryption (FDE), AES 256 encryption, SSL/TLS, IPsec VPN, Firewall rules (SG, ACL), IdEA, EDRM, Security as a Service expert.
  • Worked on Cyber Security - policies, framework and procedures, risk management and standards - SABSA, FedRAMP, NIST/FISMA/RMF, DoD, HITECH/HIPAA.
  • Risk assessment for critical quality functions (e.g. patient, personnel, public and/or product safety, product quality, efficacy, and/or performance) of new systems and major changes such as a Failure Mode and Effect Analysis (FMEA), Hazard Analysis and Critical Control Points (HACCP), Fishbone diagram, etc.
  • Engaged in following areas: eRIM Assessment for New IT Systems, eRIM Assessment for Existing IT Systems, Data Privacy Plan, Validation Plan (for quality system or validation strategy in project plan/change).
  • Migration/Conversion Plan, Software Design Description (containing System Architecture Description), Detailed Design, Database Design, Interface Design, Design Verification Testing (e.g. Unit Test) (Critical Quality Feature) Code Review, System Performance Testing, Test/Validation Protocols, Traceability, Cloud Data storage and backup, infrastructure and software installation qualification (IQ) or equivalent procedure, Business Impact Assessment (BIA), Strategic Recovery Strategy, Application System Recovery Plan, Installation and Deployment Plan.
  • Identification of Supporting System, AWS System Certification.
  • AWS Professional- SME.

Confidential, NJ

Sr. Application Security and Advisory (Consultant)

  • Responsible for the risk management of in-house and vendor provided systems.
  • Performing application security assessments for new and existing applications, on-premise and cloud, mobile device security.
  • Co-ordination, control and execution of vulnerability assessments and penetration tests.
  • Provide assurance and audit to various technologies and business processes by continuous internal and external vendor vulnerability assessments.
  • Participating in reviews and updates of internal security policies and procedures.
  • Perform vulnerability reviews, scans and audit of all external facing web and application systems.
  • Interacting with the IT owners, business owners and application vendors to enforce company security policies and make the staff aware of industry best practices.
  • Creation of road maps, project plans, new proposals, business report and new security policies.
  • Assisted in the training of local staff on security technologies and best practices.
  • Performing analysis and review of new security products and technologies for the organization.
  • Security advisory in-charge of Global Markets, Capital Markets, Client Management, ITTF and Secure Services applications at BNPP.
  • Working on hundreds of time critical application on secure design posture.
  • Provide technical guidance and make decisions on the best security designs.
  • Develop Enterprise-wide and cross-functional cloud security solutions.
  • Monitor, benchmark and report progress and performance of Security systems management and service levels.
  • Designed secure Azure environment.
  • Expert in CyberArk. Advanced threat protection, cloud and virtualization security.
  • Expert in ArcSight SIEM. Real time threat detection, Application Monitoring.
  • Expert in Contrast Security - Dynamic Source Code Analysis for Internet facing and high sensitive applications.
  • Expert in Fortify - Static Source Code Analysis.
  • Expert in Access Control using tools like SailPoint, Arcot, MFA, Kerberos, SiteMinder.
  • Make presentations to C-level, CIO dashboard on security reviews.
  • Vendor Risk Management using tools like BitSight Technology and Hiperos.
  • Regulatory Compliance.
  • Governance.
  • Regulatory risk, Risk Scoring.

Confidential

Sr Cloud Solutions Security Architect (Consultant-CBS Media)

  • Provide technical guidance and make decisions on the best security designs and engineering on AWS and Azure Cloud.
  • Develop Enterprise-wide and cross-functional Security Solutions.
  • Design and engineer enterprise wide security solutions for on-premise and Off-premise (VPC).
  • Design and implement Secure Enterprise, Hybrid, and Private and Public cloud technology solutions. Vertical and Horizontal scaling expert.
  • AWS Solutions Security Architect expert - IAM, EMR, ELB, RDS, Redshift, ElastiCache EC2, S3, Glacier, Route 53, Direct Connect, CloudFront, VPC, CloudWatch, CloudTrail, Directory Service, Trusted Advisor, OpsWork.
  • Planning/Analysis/Budgeting/Monitoring/Security expert.
  • Cloud Security Alliance - CCSK, Data Dispersion, DAM, FAM, IDS/HIPS/NIPS, DLP MFA, PKI/PKO, Key pair, volume encryption, AES 256 encryption, Redshift ECDHE cipher, SSL/TLS, IPsec VPN, Firewall rules. IdEA, EDRM, e-discovery, Security as a Service expert.
  • Study, research new security initiatives, updates to standards and make presentation to upper management.
  • Vulnerability assessments, penetration testing and design/plan/approve/fix vulnerabilities.
  • Direct secure SDLC.
  • Adhere to security architectural standards, risk management and implement best available security.
  • Monitor, benchmark and report security implementation progress.
  • Conduct security technology reviews based on SAS 70/SSAE 16 audit findings.
  • Shown ability to drive and thrive in a fast moving, high performance cross-functional organization.
  • Mobile apps. Mobile application security. Secure applications for Android and iOS, leverage OWASP best practices for secure mobile app development, identify and mitigate most significant threats to mobile apps. Protect mobile application data at rest and in motion.
  • ITIL Professional.

Confidential

Senior VP- Enterprise/Cloud Information Security Architect (FTE)

  • Study, research new advanced security initiatives, updates to standards and make presentation to upper management.
  • Develop Enterprise-wide and cross-functional Security Solutions.
  • Design, plan and implement penetration testing on each layer of OSI stack. Fix vulnerabilities.
  • Risk Assessment and implement solutions.
  • Maintain security standards by closely working with Governance (GRC) team.
  • Create and maintain documents related to security around information systems.
  • Adherence to secure architectural standards, risk management and implement best available security.
  • Monitor, benchmark and report security implementation progress.
  • Conduct security technology reviews using SAS 70/SSAE 16 audit standards.
  • Direct secure SDLC. Orchestrate SSL/TLS in motion, encrypt when data in use (Cached) and at rest. (On premise and off premise-3rd party development/testing).
  • Shown ability to drive and thrive in a fast moving, high performance cross-functional organization.
  • Interface with external business partners, vendors and subcontractors on issues related to new security solutions, systems portability and using standard.
  • Lead the effort to develop Information Technology security standards and procedures.
  • Monitor, benchmark and report progress and performance of Security systems management and service levels.
  • Budgeting security needs, forecasting and timely change management reports to senior leadership on security. Reduce expense.
  • Experience of managing multiple stakeholders and prioritizing book of work in partnership with business Competencies.
  • IT data security - Safeguard sensitive data when working on cloud.
  • Implemented IPS/IDS, AES 256 encryption.
  • Highly articulate communication, influencing and negotiation skills, cost sensitivity and productivity focus.
  • Develop and implement Operating mechanisms to measure the execution and effectiveness of security compliance processes. Schedule IT security trainings.
  • Secure migration experience on Amazon AWS private cloud via encryption and tokenization. Key-pairs must stay on-premise under all circumstances.
  • Certified by Office of Business Continuity (COB expert-certification).
  • Certified in IT security (Citi certificate).
  • ITIL Practitioner. ITIL V3 certified.
  • Star employee - certificate award.
  • Champion Performer - certificate award.

Confidential

IT Security Architect-Sr Application security, Operations and Infrastructure Group (Consultant)

  • Application Security.
  • Operational Security.
  • ITIL.
  • Six Sigma (Green Belt Certification).
