SUMMARY:

• Data Privacy & Protection IT leader with significant IS and IT Risk Management (ITRM) consulting experience, including a proven track record of assessing and managing enterprise IS programs.
• Industry experience includes Digital Transformation experience, assisting customers with the entire API lifecycle (initiation, modeling, publishing, securing, managing), while helping them effectively engage with their developer communities.
• Experience architecting and deploying SaaS and Hybrid APIM solutions in order to help customers achieve business objectives associated with Digital Transformation.
• Significant experience managing large IS consulting practices, and regularly advising and teaming with CxO client executives to meet IT, and regulatory compliance objectives.

TECHNICAL SKILLS:

• Java
• API Management
• Web Services
• LDAP
• PKI/Cryptography
• Network Security Logging and Analytics
• UNIX
• Identity & Access Management

PROFESSIONAL EXPERIENCE:

Confidential, Tampa, Florida

API Management Managing Consultant

Responsibilities:

• APIM Consulting Services leader globally responsible for selling and delivering engagements that entail strategy definition or operational maturity
• As service offering leader, responsible for defining CA related frameworks (e.g. “ What is an APIM Program ” or “ What is a sample APIM Maturity Model")
• Hands - on implementation of CA’s APIM product, including policy development and mobile application integration
• Experience with mobile and API security and management, including Oauth, token to user to device association, API keys, and SLA enforcement
• Serve as Architect on several CA APIM implementations, including online banking strong authentication and Omni Channel solutions
• Career and personnel management of a team of globally deployed practitioners
• Responsible for meeting overall global services booking & sales objectives, including a personal quota of ~$2M across consultative and foundational offerings

Confidential, Los Angeles, California

API Management Services Sales Practice Director

Responsibilities:

• Managed a 3 member team responsible for driving all APIM Services sales globally ($10M USD during tenure in this role)
• Responsible for ~25% growth during this leadership role, attributed to a) definition of comprehensive service offerings easily consumable by global product sales group, b) creation of SOW templates and other tools accelerating scoping and sales lifecycle, and c) defining and rolling out larger dollar engagements focused around strategy/vision, DevOps/automation, and operational maturity
• Team was successfully able to build pipeline for both foundational and innovative offerings, resulting in subsequent investment by management
• Served as lead Architect in several large APIM engagements, including: a) increased operational maturity within muti-tenant APIM deployment, b) defined detailed requirements for next generation online banking authentication platform, including mobile application security and strong authentication

Confidential, Los Angeles, California

Financial Services Office Senior Manager; IT Risk and Assurance

Responsibilities:

• Personal quota in this role was $1M - $1.5M, which was consistently met or exceeded over the 3 years within EY’s FSO practice (Note: Served as Senior Manager and practice leader the entire tenure at EY)
• Supported IS functions within financial institutions, by augmenting the customer’s Chief Information Security Officer (CISO) role or consulting within a customer’s IS program. Services included IS Program maturity assessments (i.e. processes, risks, and controls), and maturity roadmaps
• Led IT audits for West Coast headquartered brokerage and banking customer, focusing on privileged access across legacy and distributed systems. Additional roles for this customer over a 3 year period, included PKI/encryption, network security, and compliance with FFIEC, GLBA and PCI regulations
• Led GLBA program definition and rollout within a large West Coast Bank, including application risk assessments, Risk and Control Self Assessments (RCSAs) and reporting and governance (e.g. Charter definition, PMO, steering committees, etc.)
• Led team of 4 EY Managers and Senior Consultants for a period of 12 months to define and execute a Program Management Office (PMO) for a large global insurance. Portfolio included critical IS related projects (~12) ranging from IAM to privileged access and data encryption. PMO’s responsibility included, technology oversight, operational readiness, organizational change management across global lines of business, communications, issue/risk management, and program financial management.
• Assisted EY leadership with executing aggressive practice growth strategies including obtaining new talent, defining and managing service offerings, and managing relationships with third parties
• Lead several security solution implementation projects, including requirements, design and deployment of SailPoint for an insurer needing to do access recertification and role management

Confidential, Los Angeles, California

Senior Manager; Security & Privacy Services

Responsibilities:

• Personal quota in this role was $1M - $1.5M, which was consistently met or exceeded over the 2 years as a Senior Manager
• Led large IAM implementation project for Federal customer in Washington DC for 1.5 years. Implementation was based around IBM Tivoli’s suite of products. Served as Lead Architect and Program Manager
• Led several IT audit teams (ranging from 2 - 4 practitioners) executing work plans across legacy platforms (zOS, AS400), network security, and logical access controls
• Assisted Confidential leadership with overall practice management, including operating the business (forecasting, increasing margins, invoicing, etc.), obtaining new talent, defining and managing service offerings, and managing relationships with third parties (i.e. helped lead vendor alliance between Confidential and RSA)
• Contributed towards innovation and thought leadership, including reusable components across our implementations, blueprint architectures, and serving as a keynote speaker at industry events (Institute of Internal Auditors and RSA-sponsored roundtables)

Confidential, Los Angeles, California

Senior Consultant & Manager; Security & Privacy Services

Responsibilities:

• Led IAM team in Atlanta for 1 year focused on IS within a large Confidential Consulting platform transformation project. Served as Lead Architect and helped run the PMO
• Lead Architect within Confidential PMO covering ~10 projects for a global financial institution in New York. Role lasted over 1 year, and included technical oversight, recommendations to project teams regarding technology choices, architectures, and global rollout strategies
• Lead developer for IBM Tivoli Access Manager (ITAM) deployment. Responsibilities included native C coding of WebSeal’s Cross­Domain Authentication Service (CDAS) interface in support of customer requirements
• Requirements, design and production deployment of IBM Tivoli’s IAM stack for entertainment customer. Subsequent implementations, included deployment of Tivoli Access Manager for Operating Systems (TAMOS) across all SoX UNIX systems. Implementation replaced decentralized sudo solution, and integrated with ITAM infrastructure for PDP and PMP functionality
• PCI readiness for large entertainment customer, including assessment and remediation services over the course of several months.
• Then served as liaison with external auditor during testing for several months leading up to the Report on Compliance
• Lead developer implementing ITAM’s SAML toolkit, including native C and Java coding in support of customer Identity Federation requirements
• Significant LDAP integration, including JNDI coding and WebSphere Global Security configuration and container-managed security
• Responsible for sales generation and support through sales cycle, including scoping and proposal generation
• Contributed towards innovation and thought leadership, including reusable components across our implementations, blueprint architectures, and serving as a keynote speaker at industry events (e.g. Institute of Internal Auditors and vendor-sponsored roundtables)

Confidential, Carlsbad, California

Software Architect, Programmer, and Professional Services

Responsibilities:

• Java architect and lead developer responsible for developing initial J2EE architecture based on STRUTS framework, and programming key modules including security components (encryption and key management, authentication, and authorization)
• Worked within professional services organization once product was GA, implementing enterprise network vulnerability scanning and reporting solutions across customers global networks

Confidential, San Jose, California

Architect/Programmer

Responsibilities:

• Developed several large websites, including confidential during Dot Com era. Served as Java Architect, and Lead Developer
• Led order management module creation as lead developer and created state full and stateless EJBs for order management and sales order creation components.

Confidential, Mountain View, California

Lead Developer

Responsibilities:

• Responsible for and developed e-Procurement system which was rolled-out across internal organizations
• Responsible for and developed client-server and web applications for internal civil servant organizations and overall center usage through Tango, PERL, and Sybase; led mainframe development