- Enterprise Information Security & Risk Management | Cyber Security Planning | IT Strategy & Infrastructure
- A solution - focused executive with over 20+ years of demonstrated success in planning, directing and managing enterprise-wide information security, cybersecurity, IT risk management initiatives in competitive, high-risk environments.
- Proven track record of leading large-scale, complex projects for Confidential and the Financial Community, improving processes and balancing security initiatives by identifying and mitigating potential discrepancies, threats, and vulnerabilities within the system to minimize security risk.
- Strategic advisor and analytical problem-solver, instrumental in working collaboratively with clients and teams, leveraging technical guidance in building cohesive security structure and compliance plans for the enterprise to effectively address state, federal statutory and regulatory requirements. Influential leader, hands-on in building, mentoring and leading cross-functional teams to achieve organizational goals and implement projects on-time and under budget.
AREAS OF EXPERTISE:
- Product Design & Life Cycle Management
- Enterprise Network & System Security
- System Architecture
- Business Continuity & Disaster Recovery
- Continuous Process Improvement
- Project Planning & Execution
- System Security Design & Implementation
- Information Risk Metrics
- Total Quality Management
- Team Leadership & Training
- Budget & Fiscal Management
- Demand Flow Technology
- Consulting & Solution Advice
- Security Audit & Compliance Assessment
- Regulatory Compliance
Senior CLOUD SECURITY Enterprise ARCHITECT Manager
- Slashed technology cost by 40% through robust infrastructure design, process restructuring, and improvement.
- Directed and executed large-scale, complex information and cybersecurity projects within budget and time constraints.
- Rendered global leadership in the successful implementation of Information, Cyber Security, Standers across the company, providing in-house training to staff and senior management across Europe and Asia.
- Expanded company products across the globe; developed and implemented new technology enabling the Sales Force to better provide clients with produces and financial information.
- Mitigated potential risks and vulnerabilities within the system through vulnerability management, threat intelligence, incident response and processing of all cybersecurity-related tickets.
- Drove continuous improvement facilitated recommendations to mature programs by developing and reviewing operating procedures and processes for initial standup of Cyber Security Operations.
- Led the implementation of the industry-standard security framework, regular assessments against framework, setting and maintaining targets to achieve maturity.
- Conducted rigorous Cyber Security Architecture reviews and Information Risk Assessments; provided subject matter expertise, strategic guidance, and security oversight for various initiatives including customer engagements and corporate projects.
- Provided guidance on industry best practices, regulatory compliance, and security assurance as it relates to Corporate Security Policies, Procedures, and Standards while architecting private and public cloud services.
- Working with government systems and authorities operate (Fisma, FedRAMP) architecture/designs in Public cloud architecture and design. with Business intelligence and analytics oriented, work to implement security and compliance best practices.
- Working with security tools (IAM, vulnerability remediation, sniffers, log correlation tools)
- Discover and Analyze the drivers motivating a client to move to the Cloud and present findings and observations.
- Discover the current state of the client infrastructure and applications and present findings and observations related to readiness.
- Discover the current state of the client IT organizational structure and present findings and observations related to readiness.
- Discover at a high level the current state of the client IT related processes and present findings and observations related to readiness.
- Develop and present end state Cloud Architectures based on the current state discovery.
- Develop and present detail Roadmaps and plans to transition to the defined end state Cloud architecture.
- Offer CenturyLink integration opportunities for non-Cloud assets working with CenturyLink teams to maximize the client opportunity.
- Build the business case for moving to the cloud.
- Analysis of current IT depreciation schedule and how it can be maximized related to Total Cost of Ownership via cloud services.
- Work with the client to develop the Cloud TCO / ROI analysis / and Funding requirements.
- Assist in the development of internal communication plans to enable adoption.
- Assist in the development of required organizational processes and structure for Cloud adoption and management.
- Analysis of current SLA’s if applicable and offer observations relevant to a Cloud deployment.
- Assist in the development and training of client personnel for adoption and management of Cloud assets.
- Offer the development of a Cloud Center of Excellence (CCOE).
- Assess change management processes for cloud applications.
- Evaluate on-boarding cloud operations tools.
- Offer candidates for retirement given deployment of Cloud architectures and related processing.
- Document a plan for future scalability and innovation using cloud infrastructure
- Serve as an Advisory Consultant / Pre-Sales Engineering / Solutions Architect to advise their customers/clients on various topics within the security space and help the sales team close deals, In the client/customer locations
- Create state-of-the-art solutions leveraging various cloud-based security solutions cutting across Infrastructure, Application and Data
- Create tailor made solutions based on customer’s business and technical security requirement, design processes and systems integrations requirements.
- Execute and deliver engagements cutting across cloud security lifecycle of strategy definition, architecture, design and implementation spanning across multi-cloud environment in line regulatory and standards like PCI-DSS, SOX, HIPAA, GDPR, ISO, FISMA, etc.
- Provide customers with strategies, experiential learning and innovative solutions in area of cloud security
- Conducting assessment spanning across cloud readiness, cloud security maturity
- Contribute and maintain a showcase of cloud security solutions covering public (AWS, GCP) cloud and hybrid cloud platforms
- Build and orchestrate cloud security strategy plans and roadmap in line with cloud security framework and industry best practices
- Mentor, guide and support cloud security management group share best practices, solving specific business problem differently from knowledge and experience
- Supporting Marketing events - conferences, customer demos, capability show case, webinars, etc.
- Architect application development, configuring technologies such as Docker/ Containers, Kubernetes and PCF to automate the provisioning of environments using Terraform, Ansible and other tools etc. Working with Azure SQL, Azure API Management Azure AD, Oauth, Open ID Connect, Azure DevOps Pipeline, Azure Resource Management, Azure Powershell and Azure CLI
- Supporting technical concepts, effort estimations and feasibility studies work with Agile (Scrum/Kanban) and SDLC methodologies analytic and problem solving, experience in DevOps tools (Jenkins, TeamCity, Maven, Docker, Kubernetes, Ansible, Nexus, Sonar, Fortify, Confluence, Flow JIRA, Elastic Search Tool Stack, Splunk etc.), Testing/test automation tools such as Selenium, Robot Framework, JMeter, Cucumber etc. Configuration Management & CICD)/ Cloud & PAAS:, programming languages (Python, Go, Java, etc.) pen-source configuration, orchestration, and CI/CD tools.& technologies such as Prometheus, Grafana, AppDynamics, Dynatrace, Splunk. Handling large numbers of diverse systems with configuration management systems like: Puppet, Chef, Ansible, and Salt.
- Built clients Cloud Migration projects, technical architect role using service and hosting solutions such as private/public cloud PaaS and SaaS platforms, in application portfolio rationalization and migrating large scale enterprise application to cloud platform PaaS, SaaS
- Architecting and designing technical solutions for Microsoft-centric solutions based on industry standards using (Azure) IaaS, PaaS and SaaS capabilities.
- Implement and deploy applications to Azure PaaS services like App Services, Storage Services, Serverless code, Containers, APP Gateway, API Management, design Solution using Containers, Microservice, API complete with Angular, MVC, ASP.NET, C#, Microservice, WebAPI with DevOps tools like Azure DevOps, Jira and IaC ARM, Ansible etc. and manage end-to-end application lifecycle management multi-geography, multi-tier service design and management with any claims-based authentication (SAML/OAuth/OIDC), MFA, JIT, and/or RBAC / Ping etc.
ConfidentialSECURITY Enterprise ARCHITECT
- Architecting & designing solutions on Big Query, python on GCP
- Work with Solution Cloud Sales Forces/Technical Account manager/Solutions engineer, to Identify Sales Accounts with Vertical Sales & GCP PDM/Vertical Teams
- Managing White Board sessions, customer meeting, writing solutions to client
- Engage customers in GEBU and Cloud Level 1 conversations across all propositions
- Present the customer GEBU and Solutions desk
- Identify customer needs, Conduct cloud days, Proposal review, commercial modeling
- Manage the Sales proposal, Win Themes, Competitive differentiation, Orchestrate with Solutions and Bid teams, and GCP alliance+ PDM teams for support as needed, Involved in RFP
- Performance tuning on Big Query and working with Cognos & clients handling with offshore team coordination
- Docker, Kubernetes, Apigee, Cloud SQL, Microservices, Cloud Migration Architect, Big Query, Google Kubernetes Engine, Cloud Functions, Cloud DataProc, Cloud Dataflow, CloudFormation
- Work with Google Cloud Discover and Analyze the drivers motivating a client to move to the Cloud and present findings and observations, Discover the current state of the client infrastructure and applications and present findings and observations related to readiness, Develop and present end state Cloud Architectures based on the current state discovery.
- Develop and present detail Roadmaps and plans to transition to the defined end state Cloud architecture Work with the client to develop the Cloud TCO / ROI analysis / and Funding requirements Assist in the development of internal communication plans to enable adoption Assist in the development of required organizational processes and structure for Cloud adoption and management Evaluate on-boarding cloud operations tools Offer the development of a Cloud Center of Document a plan for future scalability and innovation using cloud infrastructure, use Google Cloud Console and the command-line interface to perform common platform-based tasks to maintain one or more deployed solutions
- Setting up a cloud solution environment Planning and configuring a cloud solution Deploying and implementing a cloud solution Ensuring successful operation of a cloud solution Configuring access and security
ConfidentialSECURITY Enterprise ARCHITECT
- Configure and manage Identity and Access Management (IAM) in AWS
- Cloud Security Monitoring Tools Cloud Checkr, Qualys Cloud Platform Symantec CloudSOC Cloud Access Security Broker (CASB), AWS services like, S3, Scala AWS ((Dynamo DB, ECS, EC2, SSM) SQL query Jenkins Docker
- Symantec Secure Web Security Services (WSS)
- Cloud Security Compliance
- Assessing client’s workloads and technology landscape for Cloud suitability, develop business case and Cloud adoption roadmap
- Work on the alerts from SIEM (IBM QRadar, Splunk) on Qualys Cloud Platform
- Work with a back-end scripting language - Java, Node, Python
- Regulatory compliance requirements and their impact on data security / data residency
- Identity and Access Management
- Technology solutions applicable for Data Security PKI, Database Encryption, Database Activity Monitoring
- Includes accountability for all areas of security with freedom to influence and shape the program as I see fit. Responsible for; IR, VM, Threat, AppSec, GRC and protection of user and customer information. Full oversight of regulations and compliance aspects (e.g. GDPR, CCPA, PCI, SOX), and consumer privacy. In addition, I have management responsibility for Cloud Security and Data Security SMEs in support of the Digital Platform technology environment of Confidential business clients, I report directly to the SVP & CISO, of that area and work to collaboratively and effectively with Global Information Security
- Experience in defining new architectures and ability to drive project from architecture standpoint
- Use best practices and market trends pertaining to Cloud and overall industry to provide thought leadership (seminars, whitepapers etc.,) and mentor team to build necessary competency
- Ability to quickly establish credibility and trustworthiness with key stakeholders in client organization
- Provisioning and spinning up AWS Clusters
- Build scalable production systems (load balancers, Memcached, master/slave architectures)
- Monitor and analyze the Software Development Life Cycle (SDLC) concepts and practices, providing application security guidance to development teams working on Agile/Scrum and Waterfall development projects.
- Consistently maintain awareness of all known vulnerabilities in application technologies used within the company.
- Review comprehensive information security and cybersecurity program, including practices and procedures, the incident response plan and regulatory requirements; deliver recommendations to enhance programs to meet industry standards.
- Critically review information security controls and practices of critical or high-risk vendors utilized or proposed by the company to evaluate the adequacy of their programs and to mitigate potential risks.
- Led the evaluation and assessment of Platform as a Service, Infrastructure as a Service, and Software as a Services offerings to be incorporated into client-facing applications, Business Process as a Service solution, and service management solutions.
- Serve as a Cybersecurity resource and SME for a Product and Platform centric organization ensuring integration of security architecture, and governance with solutions during development.
- Regularly interact with client delivery teams to ensure adherence with Cognizant’s corporate information security architecture, policies, procedures, baselines, and guidelines. Leveraged technical capabilities to provide security governance over complex applications and projects while articulating multifaceted security concepts to non-technical audience.
- Engage with resources across governance, compliance, and technical architects during the lifecycle of a project, supporting the sales cycle, to interact with prospective clients and client teams to provide security assurance, guidance, and advisory.
- Experience architecting end to end cloud solutions for complex enterprise applications.
- Hands-on, advanced experience architecting, engineering and managing cloud solutions on AWS, Google, Azure Clouds and Microsoft AI Platform.
- Experience designing, building and maintaining high performance and highly scalable distributed systems in the cloud.
- Strong knowledge of Cloud architecture and implementation features (OS, multi-tenancy, virtualization, automation orchestration, elastic scalability).
- Establishing and managing cloud-based file and object storage (Amazon S3, Google Cloud Storage) with data archiving, backup and disaster recovery to the cloud.
- Establish and build automation for cloud infrastructure through tools such as Terraform, Ansible and CloudFormation Deliver continuous integration and continuous delivery pipeline and standards by enabling common DevSecOps tooling in cloud environment and providing development teams with the ability to execute builds, run tests and deploy in automated fashion
- Integrate with existing tool sets and automation, logging and monitoring capabilities where applicable, and integrating with cloud and third party approved monitoring and scanning tools
- Automate data ingestion and storage by leveraging tokenization capabilities and building standard automation for common use cases of moving and storing data of common types
- Collaborate with cloud governance and security teams to establish key guardrails for adoption of cloud while ensuring that all guardrails are either enforced through automation and/or have monitoring and alerts if any deviations have occurred
- Build and automate highly available, elastic and secure cloud-based infrastructure to support the needs of the client workloads.
- Work with infrastructure automation languages such as Shell Scripting, Python, Golang, etc. and with general purpose programming languages such as Java, C, Scala, Python, Erlang, Docker, Swarm, Kubernetes, Cloud Foundry, etc. configuration management software such as Ansible, Puppet, AWS SSM, etc., using code tool-sets such as CloudFormation, Terraform and Cloud, Deployment Manager, working in an agile team oriented environment using Serverless technologies such as Lambda, Google Functions and Azure Functions and AWS Connect.
Senior Security & Risk Manager
- Led the identification of high availability risk for NYC and other remote locations, including Building location, Systems, Applications, Communications, clients and banks that interface daily for business, service providers and Staff of each location.
Head of Technology Development
- Directed the development of new technology to be the standard platform for building the Space Station Program.
- Managed worldwide offshore resources for Confidential .
- Negotiated with scientist and government on approach and best practices and contracts agreements.