- Over twenty-five years of enterprise architecture experience, focused on identity governance and administration (IGA) and security.
- Industry expert in IGA, including very large-scale identity and access management, privileged access management, and security architecture.
- Built successful delivery teams within organizations and consultancy, from transformation through to operations.
- Experience with identity and security in AWS, Azure, and GCP for compliant environments (PCI, FedRAMP, GDPR, CCPA, NYDFS, HIPAA/HITECH, NIST, and SOC2).
- Extensive enterprise applications exposure, including SAP, Oracle, and Azure/Office 365.
Senior Enterprise Architect
- Led development of B2B and B2C identity solution as a service for global medical device manufacturer, using Azure AD SSO, Okta, and custom developed solutions
- Created an intellectual property offering based on single sign-on for multi-cloud (AWS, Azure, GCP, Rackspace, IBM, Oracle) privileged access management
- Engaged with Fortune 50 healthcare insurance firm to mature identity (SailPoint) and directory services (Active Directory, Azure AD) and create multi-cloud IAM strategy
- Designed and deployed PAM solution for Fortune 500 insurance firm based on CyberArk technologies to support Azure and AWS identity and access management needs
Head of Professional Services
- Created identity management program to establish new greenfield identity platform on Active Directory to support enterprise-wide consolidation (150,000+ users)
- Built SecDevOps team to support identity and cloud functions in 24x7, follow-the-sun model
- Extended corporate security and identity to AWS and Azure to enable adoption of IaaS, PaaS, and SaaS workloads (including OAuth and SAML-based federation)
- Leveraged ADFS, Okta, and SailPoint for internal and external federation with identity platform
- Led program to establish and maintain controls to support compliance with NIST, HITECH/HIPAA, NYDFS, and GDPR
- Created incident response program and vulnerability management for AWS and Microsoft cloud and on-premises technologies
- Global Insurance Provider - Global lead for identity management and directory services and responsible for end-to-end Microsoft platform security strategy including threat detection, vulnerability management, security awareness, and system hardening.
- Telecommunications Company - Led program to design and deploy private cloud based on heterogeneous technologies (KVM, VMware, Hyper-V) using multiple providers (OpenStack, vCenter, SCVMM). Developed and implemented cloud governance program including baseline compliance validation, automated implementation through orchestration tools and dynamic reporting.
- Healthcare Provider - Led program recovery efforts to stabilize failing data center migration project and operations around existing Microsoft enterprise infrastructure. Responsible for identity and access management, content data management, platform security, and developing controls and implementing technologies for HIPAA compliance, including DLP and data encryption.
- Global Natural Resources Company - Overall enterprise architect for design, build, and deployment of highly virtualized new data centers based on Cisco UCS, NetApp and VMware technologies to support global SAP deployment. Responsible for system and environment hardening protocols, threat management and mitigation, and implementation of security information and event management (SIEM) system using Splunk.
- North American Telecommunications Company - Designed and deployed multiple data centers on Cisco UCS platform, virtualized and migrated servers, achieving >95% server virtualization on VMware platform. Responsible for establishing PCI-DSS compliance for systems and implementing process and tooling to support auditing and management.
- Global Media and Entertainment Company - In support of global messaging transformation, established identity management program to build authoritative source for identities within organization of 350,000 users. Synchronized and consolidated 20 discrete directories into a single Microsoft Active Directory environment leveraging Sun Identity Management System.
- Global Media and Entertainment Company - Established federation solution for both internal and external applications based on CA SiteMinder and LDAP directories.
- Global Financial Institution - Overhauled security operations processes for retail banking line of business, focused on surfacing threat indicators in 'n-tier' e-commerce web application infrastructure. Deployed Microsoft System Center tools for automation of security activities, including desired configuration management of endpoints.
- Global Insurance Company - Designed and deployed highly available, redundant data centers to support a 99.999% application for claims and payment processing. Responsible for design and controls for PCI-DSS compliant systems within data centers.
- State Government - Designed and implemented solution to unify 19 discrete heterogeneous directory services into a single entity using Microsoft Identity Lifecycle Manager and custom development.
- State Government - Designed and implemented identity solution to support consolidation of mail and messaging services into a single, centralized entity based on Thor Xcellerate and Oblix.
Iris Financial Engineering Limited
Information Services Manager
- Responsible for managing applications, systems and network infrastructure operations for North American operations.
- Owned IAM function and all directories, including application provisioning, deprovisioning, and audit support functions.
- Created single authority for identity based on Novell Directory Services; integrated Microsoft Active Directory using MIIS 2003 for Same Sign-On capability.