We provide IT Staff Augmentation Services!

Senior Systems Architect Resume

5.00/5 (Submit Your Rating)

Richardson, TX

SUMMARY:

Acquire a senior architect level hands on technical position involving Big Data, ERP, Financials, Asset Management, Security using Attribute Based Access Control, Identity Management, Risk Assessment, Architecture, Cloud development, design, configuration, testing, deployment, maintenance, DevOps automation and upgrading of Corporate level Information Technology Infrastructure and Security including Enterprise Servers, Big Data Analytics & Corporate Big Data Strategy Development, Blockchain integration in GL and Asset Management modules, High Availability Storage, & Disaster Recovery Systems either using in - house data center or public virtual Elastic On-demand Cloud environment adhering to code and standards from TOGAF, ArchiMate, ABAC, HIPAA, HITECH, IRS Code, FISMA, FedRAMP, ITIL, COBIT, NIST, ISO, IEC, FFIEC codes.

TECHNICAL SKILLS:

Development Tools: IBM CICS, Confidential CASE Tools for Informix 4gl, Eclipse, Spring Tool Suite, JDeveloper, and Visual Studio installing a LAMP (Linux, Apache, MySQL, PHP) stack on virtual servers. Spring 2.0, iBATIS, TAM5.1, JSF, StrutsFramework1.2/1.1, Signix, Velocity, Roller, Server side Java, AppLogic, HTML, DHTML, Hibernate, AJAX, WAP, ASP, PERL Script, Neon Shadow Driver, WEB2.0.

WORK EXPERIENCE:

Senior Systems Architect

Confidential, Richardson, TX

Responsibilities:

  • Team lead with hands on technical capabilities for a full enterprise systems design, Risk Assessment, Big data, ERP software, Asset Management, Security Information and Event Management (SIEM), SSO, OLTP and OLAP data warehousing, DR & HA system architectural planning, design, test, and deployment. Confidential end user companies having thousands of users performing online transactions on enterprise infrastructure.
  • Confidential has OEM partnership agreements with IBM, Oracle, SUN, Microsoft, EMC, Amazon AWS and others so a fully integrated system including Identity Management, data warehouse design, ERP software, hardware servers, storage systems, user access control, networking, work flow, and disaster recovery infrastructure could be architected, designed, tested, deployed, and maintained for end clients for the complete life cycle of the solutions.
  • Served as a technology subject matter expert to analyze complex technology from various vendors' enterprise system solutions ranging from IBM Big Data, Hadoop, ERP, Asset Management, Financials, SIEM, WMS, and Identity Management.
  • Deployed Identity and Access management solutions using SAML, OAuth, LDAP, Active Directory, RACF, OKTA 5.4, Oracle IM, OAM, BIG-IP APM.
  • Collected input data and converted in to workload requirements to calculate resulting end solution. Worked on software products generating over 13 million lines of codes. Using PLSQL, 4GL, Confidential, Eclipse JAVA IDE, JAVA GlassFish, Apache Tomcat, IBM WebSphere, Sprint Framework Tool Suite 3.9 for Java, HADOOP, HIVE, Spark, and Apache Tomcat. Deployed using VMware vSphere ESXi, vCenter, vCenter Site Recovery Manager, KVM-32, Puppet Enterprise, Git etc for RHEL, IBM AIX, Microsoft 2008 and 2012 Servers.
  • Collected business requirements and then converted into operations systems, applications, DevOps, Analytics, storage, virtualization in a fully integrated technical solutions architecture for a full software development and deployment life cycle. Used IBM Blockchain MQ and IBM Blockchain Bluemix to design and structured database schema for FourGenBIT GL & Asset Management modules.
  • Provided hands on project design, configuration, and deployment of ERP, Financials, Asset Mangement, and WMS systems using Workday, Peoplesoft, Oracle, SAP BASIS, SAP NETWEAVER, SAP S/4HANA, SAP SD, SAP PS, IBM Director, and IBM Maximo products.
  • Provided Risk and Audit functionality for system and enterprise wide IT operation using IBM OpenPages GRC and SAP GRC. Followed and adhered to standards and guidelines as developed under TOGAF, ArchiMate, NIST SP 800-53, NIST SP 800-37, ISO/IEC 27001 Information Security Management, & ISO 27005 Audit, ISO/IEC 38500, FISMA, FedRAMP, and COBIT. Architect and designed schema for Confidential GL for Blockchain General Ledger for transparent deployment for GL posts for financial transactions for credits and debits and also integrated Blockchain technology for Asset Management module of Confidential using IBM Blockchain Bluemix.

Confidential, Houston, TX

Senior Systems Architect

Responsibilities:

  • Performed capacity planning and risk assessments of enterprise wide applications, infrastructure, business and technology vendors using criteria for policies, risk acceptance levels, & exceptions to the rules against defined risk frameworks as NIST SP 800-30 and OCTAVE.
  • Deployed applications via IBM WebSphere and secured by OKTA 5.4 integrated SEIM with IBM z/os RACF, IBM QRadar 7.2 thru 7.3, IBM Tivoli Workload Scheduler 9.1, IWS 9.3 Capacity Planning, F5 BIG-IP Application Security Manager, Global Traffic Manager, and F5 BIG-IP Local Traffic Manager v 11.4.
  • Developed learning/blocking settings, learning speed, and assessing violations for periodic policy adjustment.
  • Optimized performance to reduce false positive blocking. Performed ASM configuration and developed policies and block list for entities such as attack signatures and a safe white list for entities such as file types, URLs, parameters, and cookies to establish ASM policies manually or automatically thru Artificial Intelligence machine learning. 6 week periodic signature import manually or automatically daily to add to the policy.
  • Developed brute force login protection, geo location enforcement, and web scraping protection policies.
  • Used Hadoop, HIVE, Spark, YARN, and IBM Cognos BI tools for ETL and analytics.
  • Followed and adhered to standards and guidelines as developed under TOGAF, ArchiMate, NIST SP 800-53, NIT SP 800-30, OCTAVE, ISO/IEC 27001 Information Security Management, & ISO 27005 Audit, ISO/IEC 38500, FISMA, FEDRAMP, and COBIT.
  • Deployed dozens of public and private clouds for thousands of applications and cloud projects adhering to FISMA, FedRAMP protocols and assisted agencies to receive their ATO certification for the cloud projects .

Confidential, New York City, NY

Senior Systems Architect

Responsibilities:

  • Mentored junior staff on troubleshooting tasks for BIG-IP LTM commands as tail, tcpdump, and ssldump etc.
  • Used Hadoop, HIVE, Spark, and Cognos BI tools for ETL and analytics.
  • Deployed BIG-IP APM Access Policy Manager as a SAML identity provider (IdP), a SAML IdP service to provide SSO authentication for external SAML service providers (SPs) for Single Sign-on.
  • Configured and deployed BIG-IP Application Security Manager .
  • Performed ASM configuration and developed block list for entities such as attack signatures and a safe white list for entities such as file types, URLs, parameters, and cookies to establish ASM policies manually or automatically thru Artificial Intelligence machine learning.
  • Provided Enterprise Systems capacity planning, configuration, sand box testing, and deployment of IBM zEnterprise BC12 2828-A05, System z9 2094-701 with designed to provide capacity planning calculations for IBM's z Systems and LinuxONE processors running LPAR configurations with thousands of workload environments under z/OS, Z/OS MF, z/OS MF-TEST, z/VM, z/VSE, KVM, Linux, zAware, zACI, and CFCC. Capacity results are based on IBM's LSPR data supporting all IBM z Systems and LinuxONE processors.
  • Performed configuration, production workflow and capacity planning using IBM TWS and IWS Automation and Capacity Planning tools.
  • Deployed IBM VTS TS7700 series virtualization engine with TS3500 and TS4500 in conjunction with physical tape drives.
  • DevOps included Virtualization Service Delivery and testing was done using Azure Data Lake, COSMOS, & SCOPE, JIRA, VersionOne, CUCUMBER, SmartBear TestComplete, and ParaSoft Virtualize.
  • Confidential has OEM partnership agreements with IBM, Oracle, Microsoft, EMC, Citrix, F5, Cisco, Amazon AWS Cloud, and others so a fully integrated system including software, hardware servers, storage systems, networking infrastructure, and disaster recovery infrastructure could be designed, tested, deployed, and maintained.
  • Provided hands-on technical infrastructure planning, design, acquisition, configuration, deployment, and maintenance using IBM zEnterprise BC12 servers, System p Power 795, SUN SPARC Enterprise T5440, IBM Tivoli TS4500 using Linear Tape-Open Ultrium 6 drives, EMC ViPR using ScalelO and VMware vSAN. ID and A ccess Control integration and upgrade of CA TopSecret, CA ControlMinder, CA SiteMinder & CA AuthMinder 9.2 to 12.1 versions.

Confidential, Albany, NY

Architect

Responsibilities:

  • Deployed Attribute Based Access Control (ABAC) so the access rights are granted to users through the use of policies which combine attributes together with IF/THEN Boolean conditions.
  • The policies used various type of attributes as user attributes, resource attributes, objects, and environment attributes and sub-categories.
  • Used XACML and SAML in a cross enterprise Federation to Federate entities use of users SSO functions using SAML and then using XACML for the policy logic to control granular access control on the application or data serves.
  • Collected business requirements and then converted into operations systems, applications, DevOps, Analytics, storage, virtualization in a fully integrated technical solutions architecture for a full software development and deployment life cycle.
  • Deployed dozens of Cloud environments and thousands of cloud applications and assisted the Cloud Service Provider and the Agency using the cloud service to obtain Authority To Operate (ATO) before using the CSP’s offerings. Preparing the end user agency for the ATO required extensive steps as follow while adhering to TOGAF, ArchiMate, NIST SP 800-53, NIST SP 800-37, ISO/IEC 27001 Information Security Management, & ISO 27005 Audit, ISO/IEC 38500, FISMA, FedRAMP, and COBIT:
  • Designed and deployed ERP, Warehouse Management, Financials, and Asset Management modules from IBM MAXIMO v. 6.2 and v. 7.4 with SAP HANA AR, GL, AM, SD, PS and Confidential with Oracle APPS 11i, Peoplesoft 9.1, and Workday v. 28.
  • Provided Agile ScrumMaster and Project Owner leadership roles for concept thru development and deployment and testing of ERP, Financials, and Asset Management application upgrades including Confidential, IBM MAXIMO, SAP AP, GL, AM, SAP BASIS, SAP NETWEAVER APPLICATION SERVER, from old ERP enterprise legacy asset management application.
  • Developing solution for the cloud service provider's offerings VMware ESXi server farms, vCenter server, and KVM-28; while adhering to FedRAMP protocol. ERP packages including Confidential, Oracle, SAP BASIS, and SAR, GRC, and other Security modules of various applications secured by OKTA 5.3 integrated SEIM with IBM z/os RACF, IBM QRadar 7.1, F5 BIG-IP Application Security Manager, Oracle Identity Manager, Oracle Access Manager, IBM Tivoli Identity Manager, IBM QRadar, IBM TWS 9.1, IBM IWS 9.3, Tivoli Access Manager on RHEL, SLES, AIX, Microsoft 2012 & 2016 Server operating systems Active Directory/MIM.
  • Performed Capacity Planning for production and development environments. Developed the plan, implement, and manage IWS Workload Scheduler objects to create a production day plan. Managed changes to objects, the plan, jobs, events, and job streams. Performed optimization of production workflow, troubleshoot plan problems, and manage dynamic and event-driven workloads.
  • Developed capacity planning documents and instruments to forecast the hardware and software configuration required to support an IBM Workload Scheduler workload.
  • Performed analysis of capacity plan vs actual work load for Database replication results update for mirroring, Dynamic Agent scheduling, and User Interface scalability for over 350000 jobs per day and 140000 concurrent users.
  • Architected and deployed a complex ABAC attribute-based access control p roviding dynamic, context-aware and risk-intelligent access control to resources allowing access control policies that include specific attributes from many different information systems to be defined to resolve an authorization and achieve an efficient regulatory compliance.
  • Designed a mechanism for ongoing imports of CSP scans, POA&M items, or other continuous monitoring materials into agency systems.
  • Developed and validated user migration strategy and cutover strategy using learned best practices and various scenarios to pick and validate by sourcing info from end user customers' experiences. Extensively used RedHat and SLES Linux OS with KVM-28 thru KVM-32 Hypervisor or VMWare vSphere for virtualization deployment.
  • Designed and configured commodity non branded hardware white box into shared storage available and deployable on demand via Software Defined Storage methodology tool using EMC ViPR and VMware vSAN. Created a very secured Private Cloud environment for a robust Web Services environment using IBM DataPower XI52 and XS40. Deployed non-mission critical services for public interface via Amazon AWS cloud using EC2 and S3 deployments for computing, storage, and development environments using cluster of virtual servers using RedHat, SLES, WINDOWS Server 2016, Solaris 11.
  • Designed and developed a method to not only back up the OS, Applications, and the data files but also back up the Storage Configuration to know (during disaster recovery) how many disks are on the system, partition table structure, logical Volume management, and the file system. That allowed to recover the system on dissimilar hardware system and also allowed Physical to Virtual, Virtual to Physical, and Virtual to Virtual migration or recovery environments.
  • Used IBM Spectrum Scale to provide scalability, flash accelerated performance, policy based storage tiering from flash to disk to tape media. This data and file management solution is based on IBM General Parallel File System which allows for the global data to be locally stored near the users or applications which need to use it quickly.
  • Performed a design evaluation cost analysis of Software Defined Storage from EMC and IBM vs Proprietary Hardware Storage from IBM, Oracle/SUN, and EMC to calculate Total Cost of Ownership of 2.3 Petabyte of storage. Reduced the storage costs by 56% ($1.2 Million) when compared to the original deployment of non SDN methodology. Replicated the same low cost design for 36 various client companies and customers to realize huge cost savings over traditional proprietary storage hardware platforms.
  • Big data analytics for Business Intelligence was done in HADOOP, HIVE, Spark- Streaming, PIG-LATIN, MapReduce, and COGNOS BI.
  • REDHAT OpenStack design, configuration, and deployment for cloud environments. Designed and deployed Containers to be able to commission ERP Endura application deployment in minutes instead of months. That allowed very elastic On-Demand enterprise ERP application to be able to go live for thousands of users on PC to laptops to smart phones to system z and virtual PC terminals using VMware vSphere, Puppet Enterprise, Puppet Discovery, Puppet Pipelines, & BOLTS .
  • Integrated IBM Director functionality with OpenStack BMC for Event Monitoring, GLANCE for Virtual Image Services, CHEF to build Cloud, HORIZON for Cloud Dashboard, KEYSTONE for Identity Management, RABBITMQ for Cluster Management and Messaging, SWIFT for High Availability Storage Nodes. Deployed and interfaced with IBM DataPower SOA appliances XI52 using OS such as AIX 7.2, RHEL, SLES, Microsoft 2016 server for ERP SAP HANA, PeopleSoft, Oracle, Workday security integration of Oracle IM, Oracle AM, IBM NetIQ, Microsoft Identity Management, and OKTA.
  • Queried data from OpenStack projects every .1 second and stored in Informix, Oracle, SQL and DB2 database tables to be read by IBM Director and Tivoli Identity Manager and Tivoli Storage Manager applications to provide the systems administrator or the executive Dashboards to view critical system or application information.

Confidential

Senior Systems Architect

Responsibilities:

  • Enterprise level Financials, ERP, Asset Management, Warehouse Management application integrated and deployment Applications deployed via KVM-28 , VMware ESXi , and vCenter server. Used IBM TS7700 Virtualization Engine R2.0 thru R3.2 provided modular and scalable architecture for the tape virtualization design, while allowing to better customize the system to meet particular requirements.
  • The TS7700 Virtualization Engine functionality provided 600 MB/sec peak data through put, 6 TB of high performance cache and 4Gb Confidential ® host attachments using disk cache and virtual tape library for HA and DR capabilities.
  • Designed a cluster network for High Availability and Disaster Recovery capabilities.
  • Performed Business Continuity Impact Analysis to correlate specific system components with the critical services that they provide, and based on that information, to characterize the consequences of a disruption to the system components.
  • Identified key business processes and functions, detailed documentation of mission critical operational functions, then established requirements for business recovery and determine resource interdependencies
  • Collected business requirements in JIRA & VersionOne and then converted into operations systems, applications, DevOps, Analytics, storage, virtualization in a fully integrated technical solutions architecture for a full software development and deployment life cycle of Peoplesoft, Oracle, SAP, Workday, Confidential application products.
  • Used inhouse micro clouds or public AWS offerings as Amazon EC2, S3, RDS, DynamoDB, RedShift, and NoSQL .
  • Designed multiple IBM System P server appliances using IBM AIX 6.1 and AIX 7.2, IBM Security Network IPS V. 4.0.2 for dedicated server for Layer 2 network security appliance integrating Confidential Security. Deployed these servers at the gateway and the network to prevent and block network intrusion, spyware, denial of service attacks, malicious code, backdoors, peer-to-peer applications, and new developing threats without requiring extensive network redesign nor reconfiguration.
  • Developed DR strategy, designed detailed plans for DR, then deployed and tested periodically with updates as needed using IBM z/OSMF-TEST R2.2 thru 3.4.1 . Coordinated annual independent 3 rd party review and audit of the DR plan. Developed a testing procedure using z/OSMF TEST to automate testing online and in batches. Recorded test scenarios once & replayed many times over for automation. Compared test results as part of the automated process using z/OSMF-TEST .
  • Provided Network Functions Virtualization and Software Defined Network functions using OpenStack with RedHat Ceph Storage and a spine-leaf fabric for each pod controlled through a Neutron plugin to RedHat’s OpenStack Platform.
  • Developed detailed data architectures for OLTP and OLAP configurations and also merged the two configurations to provide temporary tables for on the fly transaction and for analysis at the same time. Developed data warehouse and backup/recovery methodology using Oracle and IBM databases DB2, IBM IMS, and IBM Informix. Application servers were CICS Transaction Server for z/OS and IBM WebSphere. Configured and deployed and mentored junior staff on various IBM Tools for Database administration:
  • Information governance
  • Performance management
  • System management using z/OS Managment Facility & IBM Director
  • Transaction management
  • Backup and recovery
  • Data replication
  • Database change management
  • Testing and migration management using z/OS MF-TEST
  • IBM Rational Test Virtualization Server
  • Utilities management
  • Used zEnterprise tools to improve deployment and transaction work loads' efficiency. CICS Interdependency Analyzer for z/OS for dynamic discovery tool to understand the relationships, dependencies and flows of CICS applications. CICS Deployment Assistant for z/OS: to provide a centralized model of your CICS infrastructure to improve data discovery using a policy-driven engine to accelerate deployment of new CICS capabilities. CICS Performance Analyzer for z/OS: for off-line reporting tool to help tune and manage CICS systems. CICS Configuration Manager for z/OS: To administer and maintain CICS resource definitions. Provided detail audit, reporting and lifecycle change management control facilities to support the build, management and deployment of complex mainframe CICS applications.
  • SailPoint IdentityIQ deployment and configuration for a comprehensive system, application, field within an app, PC, smart phone, datacenter to a rider in the elevator access control. SalePoint IdentityNow interfacing Single Sign-on, PW Management, Provisioning, Access Certification features with Confidential Security. Dramatically reduced the security concerns and increased the average detection time from breach to detection to under 11 seconds. Completely denied unauthorized access to internal users based on role and predefined criteria.
  • Reviewed various products from Cisco, Broadband, A10 Networks, Big Switch Networks. Recommended BigSwitch’s Big Cloud Fabric for software-defined networking controller software managing Cisco and Dell switches.
  • Integration of Confidential Security module to SAP Governance, risk, and Compliance v. 7 thru 10, SAP GRC Access & Process Control, Risk & Fraud Management modules to be able to provide a fool-proof proof access and risk management environment from full enterprise system using hand-held device to laptop to workstation to mainframe terminals.
  • Provided comprehensive integration of ERP applications in a Cluster Server deployment with backup and shadow servers for architected and designed the schema for SAP HANA, Oracle, DB2, Informix, SQL, HyperSQL databases available online on demand for clustered application load balancing in a scalable environment.
  • Deployed integrated Security modules with IBM NETIQ Novell Identity Manager 3.6.1, IDM 4.0.2, and IDM 4.5 versions for RHEL 3, RHEL 5, RHEL 7, SLES 9, SLES 10, and SLES 11 on LINUX and also AIX 5, AIX 6.1, and AIX 7.2. Extensively configured and deployed Identity Manager engine, One SSO Provider (OSP), Identity applications, Identity Reporting, Designer for Identity Manager (Designer), and Identity Analyzer on both .Net 2.0 thru 4.5.2 and Java 1.4 thru 1.7 versions for various clients. Deployed IBM DataPower SOA Appliance XS40 for Security management services.
  • Performed NetIQ configuration, deployment, and maintenance tasks and provided troubleshooting, repair, and escalation of problems for the NetIQ Identity Manager Center computing environment
  • Provided preventative measures for proactive monitoring and initiated self - healing capabilities to limit outages that impact service delivery
  • Documented the current existing architecture of NetIQ and developed any user guide and operating procedures.
  • Performed User ID Administration Activities using the NetIQ Identity Manager Application
  • Extensively used Identity Manager's integration modules for common customer systems to develop and deploy a comprehensive High Availability system in a Cluster Application Server configuration. Extensively used the tools such as eDirectory, Microsoft Active Directory, LDAP v3 Directories, Novell GroupWise, and Lotus Notes as every deployment was unique and custom configured.
  • Integrated IBM Tivoli Access Manager R 3.1 thru 8.0 and IBM VTS TS7740 and TS7720 for ERP apps and Oracle Access Manager on client deployments and stitched together an enterprise wide solution consisting of a wide array of heterogeneous systems as enterprises and companies merge or spin off etc.
  • Provided hands-on technical infrastructure planning, design, acquisition, configuration, deployment, and maintenance using IBM zEnterprise BC12 servers with z/OS & z/VM, IBM System p & System x servers with AIX & RedHat Linux or Windows Server, IBM Power 795, AS/400, SUN SPARC Enterprise T5440 with SUN Solaris, IBM Tivoli TS4500 using Linear Tape-Open Ultrium 6 drives, Tivoli TSM, IBM VTS, TS7720, TS7740, Tivoli IDM, Oracle AM, Microsoft Active Directory Federated Services, IBM Security Server RACF, CA ACF2, CA Top Secret, Novell Access Manager, EMC ViPR using ScalelO and VMware vSAN.
  • Used ScaleIO for Storage design and optimization to transform the server and storage performance and address the system's critical needs. Capitalized on the advantages from the ability to manage bandwidth consumption & eliminated application "hogging", to innovative data backups with unique writeable snapshots which may be recovered or restored on the fly.
  • Performed detailed analysis of the business processes, internal control risk management, IT controls and how they conform to the related standards including SOX, HIPAA, HITECH ACT, Internal Revenue Code, Public Health Service Act, and Affordable Care Act.
  • Evaluated and analyzed complex business and technology risks, internal controls, risks, and related opportunities for internal control improvement to develop visible demonstrable evidence to show that compliance requirements and standards are met for HIPAA, SOX, IRS Code, Public Health Service Act, and Affordable Care Act, and HITECH Act 26 CFR 54.9801 - 5, 29 CFR 2590.701 - 5, and 45 CFR 146.115.
  • Played a key role in winning over client employees to have 'TOTAL OWNERSHIP' of the goals to make sure a culture of compliance is created in an organization to be able to continue the compliance atmosphere and improvements.
  • Developed methods, tools, guidelines, user manuals, and training material to support consulting service offering for the industry projects in Security, Big Data, Infrastructure, Cloud, and Data Center design and deployment.
  • Designed and developed a custom appliance using Splunk Enterprise SEIM solution on an Intel server with RedHat OS to capture, index, and correlate real-time machine data in a searchable repository from which generated graphs, reports, alerts, dashboards, and visualizations of events to take quick decisions for Intrusion Prevention.
  • Evaluated current business practices and then generate innovative new ideas to challenge the current practices.
  • Provided hands on Architecture, Design, and Configuration of technology-based tools or methodologies to implement SIEM, ERP, WMS products and services for key Confidential clients using PeopleSoft, SAP, Workday, Oracle, JD Edwards, custom AS/400, CICS, DB2, Informix, OS/390 applications in government, manufacturing, services, defense sectors using:
  • IBM Tivoli Access Manager R 3.1 thru 8.0
  • IBM Tivoli Storage Manager R 4.1 thru 7.1
  • IBM Virtual Tape Server R2.0 thru R3.2
  • IBM TS7720 IBM TS7740 IBM TS7760
  • Tivoli Service Automation Manager
  • Oracle Access Manager R 6.2 thru 11g
  • Novell Access Manager 2.0 thru 3.1
  • CA ACF2 R 6.1 thru 14.1 for z/OS
  • CA TOP Secret R12 for z/OS CA ControlMinder CA SiteMinder CA AuthMinder
  • IBM Security Server RACF for z/OS & OS/390
  • Hitachi Password & Identity Manager R 5.1 thru 8.2
  • Performed detailed Identity and resource management tasks in the areas of Role-Based Access Control Security, Single Sign-on and Single Sign-off using Lightweight Directory Access Protocol (LDAP) and stored LDAP databases or temporary tables on servers.
  • Enterprise Directory Architecture and Design using Identity Federation and Microsoft ADFS.
  • Developed directory schema, namespace and replication topology for documentation and implementation.
  • Provided Resource Provisioning using Tivoli Service Automation Manager and developed functional and technical configuration documentations for REST Web 2.0 API, Tivoli Service Request Manager, Tivoli Process Automation Engine Maximo, Tivoli Provisioning Manager to run workflows to automate deployment of software.
  • Experienced managing projects through the full system development lifecycle and maintenance.
  • Developed comprehensive version release plan and strategy and provided hands on troubleshooting and development of software patches, drivers, and Database Independence Layers using IBM AIX 5.3, AIX 6.1, RHEL 5, RHEL 7, SLES 10, SLES 11 Unix and Linux OS.
  • Developed Identity Management strategies based on events, time, roles, geographical locations, team and group provisioning, role reassignments, and precondition triggers for policies.
  • Well versed in planning, design, and deployment via detailed architectures and implementation plans for High Available clustered deployments for online production application servers and shadow servers for load balanced environments. Selected and deployed Oracle-SUN, IBM System p and System z, HPUX, Amazon Machine Image servers.
  • Lead business requirements gathering and translating those into system requirements
  • Facilitated business process design to relate that to managing identities and access privileges.
  • Developed identity management governance plans for applications and Big Data for the user groups from departments, to divisions, to business units, to multi-national corporate environments.
  • Well experienced writing proposal, statement of work and developing pricing models.
  • Leading the design discussions to create design goals then architect the system and develop working prototypes either in house or at IBM Design Center to provide proof of concepts and then driving project phases to closure and finalization. Responsible for test execution working with QA teams located in Dallas, India, Dubai, and Philippines.
  • Developed and validated user migration strategy and cutover strategy using 'best practices' and various scenarios to pick from by end user customers.
  • Designed and configured commodity non branded hardware white box into shared storage available and deployable on demand via Software Defined Storage methodology tool using EMC ViPR and VMware vSAN.
  • Designed and developed a method to not only backup the OS, Applications, and the data files but also back up the Storage Configuration to know (during disaster recovery) how many disks are on the system, partition table structure, logical Volume management, and the file system. That methodology allowed to recover the system on dissimilar hardware system and also allowed Physical to Virtual, Virtual to Physical, and Virtual to Virtual migration or recovery environments.
  • Used IBM Spectrum Scale to provide scalability, flash accelerated performance, policy based storage tiering from flash to disk to tape media. This data and file management solution is based on IBM General Parallel File System which allows for the global data to be locally stored near the users or applications which need to use it quickly.
  • Performed a design evaluation cost analysis of Software Defined Storage from EMC and IBM vs Proprietary Hardware Storage from IBM, Oracle/SUN, and EMC to calculate Total Cost of Ownership of 2.3 Petabyte of storage. Reduced the storage costs by 56% ($1.2 Million) when compared to the original deployment of non SDN methodology. Replicated this learned lesson for the same low cost design for 22 various client companies and customers to realize huge cost savings over traditional proprietary storage hardware platforms.
  • REDHAT OpenStack design, configuration, and deployment for cloud environments. Designed and deployed Containers to be able to commission ERP Endura application deployment in minutes instead of months. That allowed very elastic On-Demand enterprise ERP application to be able to go live for thousands of users on PC to laptops to smartphones to system z Mainframe and virtual PC terminals
  • Integrated IBM Director functionality with OpenStack BMC for Event Monitoring, GLANCE for Virtual Image Services, CHEF to build Cloud, HORIZON for Cloud Dashboard, KEYSTONE for Identity Management, RABBITMQ for Cluster Management and Messaging, SWIFT for High Availability Storage Nodes.
  • Queried data from OpenStack projects every .1 second and stored in Informix, Oracle, SQL and DB2 database tables to be read by IBM Director and Tivoli Identity Manager and Tivoli Storage Manager applications to provide the systems administrator or the executive Dashboards to view critical system or application information.

Senior Infrastructure Architect

Confidential

Responsibilities:

  • Full Systems Hardware & Software Development Life Cycle responsibilities. Lead a team of 6 software engineers and provided end customers of FourGren and Endura ERP Software users, hands-on technical infrastructure hardware planning, design, acquisition, configuration, deployment, and maintenance using JAVA servlets, JAVA applets, IBM zEnterprise BC12 servers, System p Power 795, SUN SPARC Enterprise T5440, IBM Tivoli TS3500 using Linear Tape-Open Ultrium 5 drives, and VMware. Developed a MS Windows based tool written in C++ to calculate capacity planning for IBM System z architecture consisting of z/OS, z/LINUX for SLES, REDHAT, OpenBSD, and NetBSD.
  • Tivoli Identity Manager and Tivoli Storage Manager configuration and maintenance. Designed HA and DR systems to be deployed in a grid cluster located across the state or the continent.
  • Interviewed department heads, end users, and consulted with Sarbanes-Oxley compliance teams to set up the roles, policies, and Workflow.
  • Deployed inhouse micro clouds or public AWS offerings as Amazon EC2, S3, Oracle, DB2, and Informix.
  • Developed detailed data warehouse and backup/recovery methodology using Oracle and IBM databases DB2, IBM IMS, and IBM Informix. Application servers were CICS Transaction Server for z/OS and IBM WebSphere.
  • Tivoli Identity Manager setup configuration of Roles, Policies, Services, Workflow, and app server installation. Installed adapters for Exchange, Notes, SAP, Informix, Confidential, and Oracle DB.
  • Integrated Confidential Security module with SAP GRC, Access & Process Control, Risk & Fraud Management to provide the end users a seamless interface within SAP environment instead of having to use two separate systems.
  • Web and Network access management using Novell Access Manager (now NETIQ).
  • Provided Web and Federated SSO
  • Protected HTTP/Non-HTTP enterprise servers
  • Provided SSO to Legacy Web Servers. That allowed customers to extend and develop Authentication Mechanisms using Authentication SDK, Authentication against Custom User stores using LDAP Server Plugin, and Policy Engine using Policy Extension API.
  • AIX 5.3, AIX 6.1, Redhat RHEL 3 thru RHEL 5 and SLES 8 thru SLES 11 Architecture, Configuration and Deployment
  • Designed and Architected schema for IBM DB2, Informix DB, Oracle DB, SQL, HyperSQL, including in-memory database
  • Provided hands on disaster recovery expertise and system deployment for physical and virtual servers either in our own data center or Amazon Machine Images or IBM Cloud hosting services.

Engineer- Security and Data Architecture

Confidential

Responsibilities:

  • Tivoli Identity Manager and Tivoli Storage Manager configuration and maintenance. Interviewed department heads, end users, and consulted with Sarbanes-Oxley compliance teams to set up the roles, policies, and Workflow.
  • Tivoli Identity Manager setup configuration of Roles, Policies, Services, Workflow, and app server installation on AIX and zOS and later migrated to OpenBSD v.4 and SLES v8.
  • Installed adapters for Exchange, Notes, SAP, Informix, Confidential, and Oracle DB.
  • Integrated Microsoft Forefront Identity Management & Forefront Security for Share Point, Novel NAM, Tivoli security features into Confidential Security from NetBSD, including IPsec - for both IPv4 and IPv6 -, a file integrity system (Veriexec), a kernel authorization framework (kauth(9)), exploit mitigation features (PaX), disk encryption (CGD), and other internal kernel bug detection features such as KMEM REDZONE and KMEM SIZE.
  • Provided remote and on-site client and customer project management and code re-development to remove the Y2K DATE CODE bugs from the programs and applications for the ERP software packages including Oracle Apps, PeopleSoft, Confidential, Endura and others.
  • Using development environment including Oracle DB, DB2, Informix 4gl, PLSQL, Java, and C++ for application development cycle DevOps from concept, development, testing, and deployment module by module version control in sand box, test, and production servers including shadow servers and load balance servers including IPv4 devices.

Systems Design Engineer

Confidential

Responsibilities:

  • Designed, developed, and deployed corporate IT infrastructure consisting of HP and SUN Solaris servers, IBM System p, System z, CISCO routers and switches, and EMC Storage.
  • Provided hands - on systems administration for Windows and Unix OS systems.
  • Provided Y2k DATE CODE bug fixes and solutions consulting practice to end clients deploying Oracle Apps, WebSphere, Confidential, SAP, and PeopleSoft.
  • Developed quick and replicated methods to identify and locate the 2 digit year vs.
  • 4 digit year date code bugs in thousands of programs and functions consisting of over 13 million lines of code. Provided remote and on-site client and customer project management and code re-development to remove the Y2K DATE CODE bugs from the programs and applications for the ERP software packages including Oracle Apps, PeopleSoft, Confidential, Endura and others.

We'd love your feedback!