PROFESSIONAL EXPERIENCE:

Confidential

Identity & Access Management (IAM) Technologist

Responsibilities:

• Establishes and maintains IAM working relationships with all GD Business Units
• Managed & Maintained the Identity Provider (IdP), Cloud Service Providers and third - party vendor relationships
• (MS-Azure, Application Proxies, NetScaler Gateway, ADFS, Okta, Oracle Access Manager/Oracle Identity Manager, etc.)
• Performed Identity and Access Management Data Feed Analysis, Identity Sources, and Identity Relationships by accessing Federation Interfaces across the Enterprise
• Updating existing Access Management and Provisioning workflows
• Executed and track security process related activities including User ID Management
• Managed Identity operations within the Oracle/ADFS/Okta IAM environments
• Operations/Maintenance (Application/Server patching, Upgrades and Certificate Management)
• Performed Troubleshooting and Resolving Access Management and Provisioning workflow (Deep Dives)
• Managed Identity and Access Management support to business and technical teams in the design of standardized products and customized solutions
• Developed roadmaps and participate in the standards process for Identity and Access Management (IAM) solutions across GD Business Units
• Hands-on Technical Architect and expert Developer of a comprehensive IAM system that addresses the challenges of a very complex development and production environment

Confidential

Splunk ITSI/Threat Intelligence Technologist

Responsibilities:

• Assigned to the Confidential Enterprise Technology Implementation Division (ETID) PMO team supporting the Integrated Enterprise Portal (IEP) Splunk expansion program. In this capacity, designed and implemented an Operational Intelligence and Log Analytics Prototype using Splunk IT Service Intelligence (ITSI) module to streamline the Confidential IEP Incident/Problem Management process from Triage (TR) orchestration, Service Restoration (RS) facilitation, Root Cause Analysis (RCA) execution and Predictive Analytics (PA) enablement. Transformed Confidential ETI User Requirements into Splunk ITSI Use Cases. Performed technical impact assessment on IEP technology stack, Enterprise Operations (EOps), IT Operation Command Center (ITOCC) and Incident Management Branch (IMB) to determine Splunk ITSI Integration points with Confidential existing operational entities.
• Created and published numerous Splunk ITSI Log Analytics artifacts describing IEP Services, defining Key Performance Indicators (KPIs), configuring Thresholds, constructing Correlation Searches, performing Deep-Dives, creating ITSI Dashboards/Glass-Tables, setting up Multi KPI Alerts and generating complex operational Reports.
• Installed and configured multiple Threat Intelligence Platforms Anomali, FireEye, LookigGlass, Splunk Core 6.5.3/Splunk ITSI 2.4.0 on Red Hat Enterprise Linux (RHEL) 2.6.32 to monitor the IEP infrastructure components (Apache Web-Server, Red Hat JBoss Enterprise, Oracle 11g R2 Enterprise Edition, Forum Sentry Gateway, MySQL 5.7, IBM WebSphere MQ).

Confidential

Identity Access Management (IAM) Architect

Responsibilities:

• Assigned to the Chief Information Officer, Enterprise Architecture group supporting an Enterprise Identity & Access Management (IAM) Initiative that enabled Confidential employees and business partners single sign-on (SSO) access to numerous cloud SaaS Applications like Office365, NetSuite, UltiPro, Salesforce, Grovo & Halogen TalentSpace.
• In this capacity, worked directly with clients to gather requirements, document solutions & design, configure the relevant Salesforce application, and ensured successful engagements and project go-lives through disciplined project management practices.
• Additionally, designed & implemented Identity-as-a-Service (IDaaS) solutions utilizing Service Provider Cloud methodology and platforms (Okta, SailPoint, PingIdentity, Centrify, OneLogin, Microsoft Azure Active Directory Premium) in migrating production applications to a Software-as-a-Service (SaaS) environment by adhering to identity management Industry standard protocols such as ADFS, OAuth2, SAML 2.0, WS-Federation, and OpenID-Connect.
• Developed Identity Governance and Administration (IGA) — This included the ability to provision identities held by the service to target applications, and User-Provisioning
• Developed Access Control — This included User Authentication, Single Sign-On (SSO), and Authorization Enforcement
• Developed Operational Intelligence — This included logging events and providing reporting on Access Control, Alerts, Remediation and Vulnerability Assessment using Splunk ITSI Module

Confidential

Splunk Architect/Cloud Security Architect/Information Risk Officer

Responsibilities:

• Assigned to the Bank of New York Mellon Government Security Information Risk Management group supporting their Federal clients HUD/ Government National Mortgage Association (GinnieMae) and Small Business Administration (SBA). In this capacity, supported NIST/FISMA/FISCAM/RMF/FedRAMP & Cyber Security Framework (CSF) programs encompassing Vulnerability Assessment & Management, Information Security Continuous Monitoring (ISCM) SP 800-137 and Authorization to Operate (ATO) related controls & activities.
• Performed Security Assessment & Authorization (SA&A), Cybersecurity Monitoring, Malware Analysis, Threat Analysis, Network/Host Intrusion Detection, Security Operations Center (SOC), Triage, Containment, Reviewing Nessus Scans, Remediation recommendations for high risk business systems and reporting within the NIST SP-800 61r2, Incident Response Life Cycle. Designed and implemented Identity & Access Management (IAM), Single Sign On (SSO) and Log Analytics solutions using Splunk Enterprise, Splunk Enterprise Security and Splunk IT Service Intelligence (ITSI) monitoring Complex GinnieMae Production environments.
• Worked closely with the Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) and the Security Operations Center (SOC) team as an Splunk Architect in implementing a SIEM solution using Splunk Enterprise in a 24x7x365 monitoring a large-scale enterprise environment using numerous security tools such as ArcSight, Nessus, Tripwire, BurpSuite and DbProtect in operating a full-featured Security Operations Center (SOC).

Confidential

Sr. Security Enterprise Architect

Responsibilities:

• Performed Market Research, Prepared Technical/Non-Technical Presentations, Generated White-Papers, and other technical advisory activities in support of EITASIG’s solution architecture and enterprise architecture activities. Contributed and participated in FSA’s Technical Proof of Concept (TPOC) projects encompassing FedRAMP, Enterprise Content Management, Mobile Strategy, Business Intelligence in support of Architectural Review Board (ARB) and Engineering Review Board (ERB) and their activities.
• FedRAMP Compliance & Implementation (CSP, 3PAO, Continuous Monitoring, Threat & Risk Assessment, FISMA, NIST SP 800-Series)
• Enterprise Mobility Roadmap (HTML5, CSS3, WebKit, jQuery Mobile, PhoneGap, Responsive Design, IBM Worklight Mobile Platform)
• Emerging Technologies & SOA Roadmap
• Technology Standards and Products Guide (TSPG)
• Content Management System (CMS) & Collaboration (HP Autonomy TeamSite, SharePoint)
• Business Intelligence Tools Comparative Analysis & Recommendation (ETL, Data Warehousing, Data Marts, OLAP, Dashboards)
• Service Oriented Architecture & Governance (Oracle Fusion Middleware Stack)
• Virtualization using VMware Horizon View (VDI), Hypervisors, Citrix NetScaler, Citrix XenApp

Environment: Informatica PowerCenter 9.5, IBM Data Stage Warehouse Builder, Oracle Warehouse Builder, SAS/Warehouse Administrator, SQL Server Integration Services (SSIS), IBM Cognos, Oracle Hyperion, Information Builders - WebFOCUS, MicroStrategy 9.3.1, SAP Web Intelligence, IBM InfoSphere Information Server (IIS), Oracle Data Integrator, SAS Data Integration Studio, DB2 Universal Database, Oracle 11gR2, SQLServer-2012, Mainframe Legacy (IBM DB2, IDMS, CICS, VSAM, JCL, Cobol), IBM WebSphere Application Server (WAS), HP Autonomy TeamSite 8.4, Tivoli Access Manager (TAM), Tivoli Identity Manager (TIM) and MS-SharePoint.

Confidential

Sr. Security Cloud Architect

Responsibilities:

• Assigned to the Confidential, Confidential OCIO PMO technical support team implementing a Cloud Service Model by Integrating Infrastructure Services as an eCommerce Software as a Service (SaaS) Transactional solution in supporting the Sales & Marketing, Finance, Legal, Enterprise Operations & Manufacturing department. Responsible for Governance, Technical Architecture, Project Management and Systems Integration for the following functional areas: Interface Design, Business Process Monitoring, Human Workflow User Interface, Business Process Management (BPM), Connectors, Transaction Manager, WS-Security, Web-Services, Application Container, Messaging Services, Metadata Repository, Naming and Directory Service and Distributed Computing Architecture.
• JBoss Enterprise Service Bus (ESB), Oracle Fusion Middleware 11g, Oracle SOA Suite 11g, Venda Cloud Commerce Platform, MS-Active Directory Federation Services (ADFS), Security Assertion Markup Language (SAML), Single Sign On (SSO), Red Hat Enterprise Linux Server, VMware Private Cloud Solution, Cloud Lifecycle Management, Application Release Automation, Service Level Management, Dashboards and Analytics and Orchestration.