SUMMARY:

• IBM Enterprise Computing
• Data Center Migration & Consolidation
• Information Security
• RFP Writing & Preparation
• BYOD Security
• Microsoft Office 2007 & 2010
• Government Compliance - FISMA & FISCAM
• Quality Assurance & Testing
• Project Management
• Desktop Technology - Intel x86 & 64 CPU
• Mainframe - z/OS & z/VM
• Data Center Security Compliance and Audits

CORE SKILLS:

• z/OS MVS & z/VM
• Sysplex - Parallel and Basic
• RACF, Confidential & Top Secret
• TSO & ISPF
• FTP
• NDM Connect Direct
• Tivoli Access Manager
• VTAM & TCP/IP
• Firewall & Routers
• VSAM & IDCAMS
• Tivoli Access Manager
• Microsoft Windows 7 & Vista
• Active Directory & GPO
• IOF & SDSF
• Tivoli Netview
• Computer Associates ETrust
• Project 2007 Professional
• SMP/E
• SuSE Linux
• Microsoft Office 2007
• Visio 2007 Professional
• Acronis
• FDR/ABR
• Tivoli Storage Manager
• RMM
• SMF, MXG, RMF
• Tivoli Identity Manager
• CA-1
• CA-7 & CA-11
• Omegamon
• JCL
• JES2 & JES3
• Unix System Services
• DFDSS, DFHSM, ICKDSF
• IBM Global Parallel File System Platform
• CICS Transaction Server
• CICS Gateway Server
• LDAP
• CA-Compliance
• CA-Audit
• Vanguard Integrity Suite
• SAS v9r2
• SAS MACRO Language
• CA-ASM2
• CA-IDMS
• Z/OS Assembler
• HCD
• Clist
• ISPF Dialog Manager
• RAID Storage Configuration

EXPERIENCE:

Confidential, New York, NY

Principal Consultant - Information Security and Systems Engineer

Responsibilities:

• Develop technology partner relationships for research, testing and customer engagement delivery.
• Project delivery: demonstrated strong analytical skills, hands - on and proactive approach to investigating emerging technology.
• Experience working with other vendors in client setting.
• Partner resource: key consultant who fosters successful teamwork and communication with client stakeholders.
• Ability to work independently to identify and resolve issues. Emphasis on best practices and quality assurance.
• Public speaker technology conferences and vendor presentations
• Microsoft Business Partner, focus on desktop security software and Intel vPro technology.

Confidential

Information Security Engineer

Responsibilities:

• support for clients using IBM RACF, Computer Associates Confidential (project and staff augmentation).
• Knowledge referencing National Information Exchange Methodology Confidential, configuration, computer forensics best practices.

Systems Engineer

Confidential

Responsibilities:

• Maintain software configuration of IBM z/OS platform using TSO, ISPF, JCL, Assembler Language, SMP/E and vendor management tools.
• Perform configuration and customization of commercial-off-the-shelf software products and work with vendor to implement any required patches and maintenance.
• Manage highly complex hardware and software technology. Determine hardware resource requirements necessary to maintain and/or expand service levels or tune hardware and software components for optimum performance
• Problem determination SME assistance with data center and operations staff as required.
• Test and diagnose component issues with GTF, IPCS and VTAM Trace.
• Manage deployment of IBM and vendor software on z/Series processors with testing, proof of concept and activation into production mode.
• Scripting using Rexx Language, CLIST and Batch TSO. Basic SAS Programming with use of SAS MACRO.

Confidential, Livingston, New Jersey

Information Security Engineer

Responsibilities:

• Subject Matter Expert advising corporate policy and operational procedures for ensuring protection of corporate mainframe, midrange, virtual server, desktop, key technology assets and data. Enforcement of compliance measures which protect mainframe operating systems (z/OS, AS400, Linux, Unix, Windows), client production data and executable program files.
• Monitor unauthorized access and modification.
• Programming using SAS, SyncSort, DFSORT and Rexx to report on security data.
• Writing and presentations to C-level and senior management audience.
• Mentoring to junior and intermediate staff persons. SAS Programming using base SAS and MACRO developing reports of CA-Top Secret and RACF security metadata from extracted flat datasets.
• Administered mainframe's PKI management of ownership and permissions across z/OS LPAR images.
• Coordinate RACF and CA product rollouts, and contingency testing.

Confidential, Baltimore, Maryland

Subject Matter Expert

Responsibilities:

• Examined federal agency's security compliance in a large scale enterprise environment consisting of z/OS, z/VM, virtual Linux, Unix Server clusters, and Windows client desktops.
• Identified key review areas using Confidential .
• Evaluated agency security management at all mandated levels which included entity-wide (site), system, and business process application.
• Report findings identified deficiency areas, and confirmed compliance to Confidential requirements.
• Security management software consisted of RACF, Confidential and CA-Top Secret for mainframe platform.

Confidential

Responsibilities:

• Examined using RRFS, RACF database copy/merge utility software to produce a common Group tree hierarchy, SETROPTS configuration, privileged user accounts and exits. Wrote SAS v9r2 programs that examined IRRDBU00 extract files and produced ad-hoc reports of historical and live metadata isolating data ownership, permissions by group and user, SURROGATE user ids, z/OS Started Task Id configuration and CICS Transactions. z/OS upgrade of MVS, CICS, DB2, IMS and third party software.
• Provide Subject Matter Expert support for Confidential to RACF Security conversion to Confidential and ACS Outsourcing staff members.
• Used HCD, SMP/E, TSO, ISPF, JES2, NDM Connect-Direct. Subject Matter Expert for Confidential 's Confidential to RACF migration (sandbox and production).
• Support and maintain: IBM z/OS environment using SMP/E, TSO, JCL, ISPF, HCD, Assembler programming, SVC (IBM, ISV and internal), JES2, Proclib maintenance, Unix System Services, HFS, NFS, IPCS, VTAM, third party vendor methodology.
• Preplanning research with IBM and OEM vendors, create Sandbox LPAR platform, coordinate user community testing and change control deployment into production mode.
• Maintained Syslog console, SMF and Netview event log data with retention periods conforming to client information security standards.
• In a architect role, developed storage strategies with disaster-recovery measures for client firms.
• Addressed client business and technology requirements with a service level agreement approach operational databases and operating system disk storage with a solution that guaranteed recovery performance and high availability (Used FDR/ABR, DFDSS and DFHSM) for mainframe hardware, application and database backup protection as Confidential transitioned from using outsource provider to in-house operations of its storage management. worked with team using HCD to examine new z10 processor.
• Made recommendation of testing of Confidential Linux, Java, Websphere and Unix System Services applications requiring RACF protection replacing Confidential (used by outsourcing providers)

Confidential, Bloomfield, Connecticut

Responsibilities:

• Conducted infrastructure security audit technical review targeting configuration of z/OS LPAR images protected by Confidential running batch, TSO, Unix System Services, CICS, IMS, DB2, J2EE applications, Websphere and development platform.
• Constructed areas of review using technology defense in depth criteria advised by Department of Defense STIG for z/OS and z/Linux.
• Advised client to implement SAF Confidential protection of Unix System Services files, directory structure and Super user credentials, including Confidential SMF record logging.
• Submitted report of findings and recommendations to executive sponsor. reviewed SDLC cycle with development and database support teams to secure project LOB applications using new z/OS features (SAML, two factor authentication, role based access control, centralized management of entitlements).
• Modernized information security policy and procedural standards for z/Linux file system hosting Websphere, application production and development software to maintain segregation of data for a major insurance company and CMS Medicare claims provider.
• Delivered written policy and standards, within technical spec.
• Incorporated SAML as an application security best practice for JAVA API used in line of business applications
• Recommended that all Confidential files, directories and resources be fully integrated with Confidential replacing ACL protections.
• Recommended that Confidential applications integrate Confidential security standards for Confidential, encryption and secure file transfer.

Confidential, New York, New York

Responsibilities:

• Provided subject matter expertise to a Confidential corp project vendor building an entitlements solution using CA Compliance to manage more than 145 data centers running RACF, Confidential and CA-Top Secret with single-sign-on and organizational departmental function using SOA .
• Examined audit and security administrator reports showing bank's mainframe controls, including user account naming convention.
• Reviewed Rexx, Java API invocation, SQL queries and SAS programs reporting on Confidential corp security protection and metadata.
• Reviewed operational use of secure FTP (sftp) and NDM Connect Direct for data transfer.
• Contributed use case documentation for entitlements requirements definition and proposed testing.
• Evaluate single sign-on proof of concept using business role entitlements, considering corporate identity management standards.