SUMMARY

• Highly motivated Cyber Security Professional with 10 years of expertise in Identity access Management, which includes Application Onboarding and Privilege Access Management (PAM), for various Financial Services, Banking and Telecommunication projects.
• Provided expertise in deployment of tools for IAM domain for provisioning, Lifecyle Management, Recertification, RBAC and privileged access management.
• Knowledge and some experience on other Info security and Cyber security domains such as Enterprise Netowrk, Data Protection, Data loss prevention, Application security, Cloud security, Monitoring and Threat intelligence.
• Lead the IAM and Risk teams into managing, implementing and administration of identity process across IAM Domain.
• Expertise in developing documents such as Business Requirement Document (BRD), Functional Requirement Document (FRD), Software requirement specification (SRS), Test plan, Remediation plans, Standard operating procedure (SOP), training documentation and transition planning.
• Coordinated and developed monitoring controls on ACF2, RACF mainframe App2App accounts and Performed KEON remediation of personal accounts.
• Identified policy definitions for privileged accounts on tools such as Breakglass, NPUM, and Power broker using both manual and automated password management techniques.
• In dept knowledge of technology platforms such Mainframe, Windows, Unix, Active Directory, Databases and security platforms such as LDAP, Active directory, OUD, eDir, ACF2, RACF, KEON.
• Developed and supported documentation solution using SharePoint - Wiki and Confluence to help team gear up for a tough remediation timeline.
• Significant experience in preparing graphical depictions of Use Cases including State Diagrams, Activity Diagrams, Sequence Diagrams, Use Case Diagrams, Component-Based Diagrams, Collateral Diagrams, including Business Workflows using UML Methodologies.
• Experience in working with cross-functional groups, different levels of management, implementing Risk Management tactics, Proposal Writing and liaison between system users, company management and development teams.

PROFESSIONAL EXPERIENCE

Confidential

Infosec Architect - IAM

Responsibilities:

• Lead Tool assessment project for IAM domain and identified requirements after intensive study of gaps in existing processes.
• Reviewed proposals from vendors for SailPoint implementation, Application onboarding and built a business case document.
• Reviewed various IAM tools such as SailPoint, Saviynt for identity governance and reviewed tools such as Ping and Okta for single sign on and Multi factor authentication proposals.
• Participated in the implementation of SailPoint and delivered architectural Conceptuals, architecture charter and represented the project in Architecture review board.
• Built and improved patterns for application onboarding, privileged access management and SSO.
• Work with domain leaders in developing long term strategy and road map for the IAM domain.
• Participated in Policy and Standards discussion with domain leads and guided towards the road map expectations.
• Initiated and executed a domain wide uplift program to categorize gaps by work streams and processes.
• Managed requirements sessions to remediate gaps within individual process and implemented best practices.

Tools: SailPoint, NetIQ IDM, NetIQ IG, SSO-NAAM, MFA-NAAF, MS-Office, Visio.

Confidential

Cyber Security Analyst

Responsibilities:

• Worked with management and LOB lead to identify and document enrichment and remediation requirements for Privileged accounts.
• Liaised with business and functional owners during risk engineering and high-level review sessions to drive and execute development plans, meeting deadlines and standards.
• Used QlikView reporting tool to create and support Inventory Reports for CCB. The inventory was developed using multiple feeds from different platforms such as Mainframe, Databases, UNIX and Windows platforms.
• Worked with Teradata and Paymentech teams to gather privileged data and action the remediation plan in war room set up.
• Executed Risk Management, Risk Assessment and impact analysis by understanding business perspectives on many remediation and operational requirements of privileged access across different businesses and platform.
• Conducted several Requirement Gathering Sessions for gaining detailed requirements and finalizing a remediation plan.
• Planned and executed remediation of large amount of accounts across multiple platforms using shared knowledge within the larger team.

Tools: Qlikview, Oracle, SQL Server, DB2, Unix, KEON, Mainframe, ACF2, RACF, Windows, Active Directory, Sharepoint, Confluence, MS Office, PowerPoint, Putty, TOAD, Visio, Adobe.

Confidential

Info Risk Analyst

Responsibilities:

• Liaised with business and functional owners during risk engineering and high-level review sessions to derive and execute action plans, meeting deadlines and standards.
• Used OIA/OIM to automate priority calculation process and remediation calculation process.
• Worked on Info view Business objects to create and support Inventory Reports for individual line of businesses.
• Implemented Risk Management and impact analysis, understanding and business perspectives on many remediation and operational requirements and issues.
• Conducted several RGS (Requirement Gathering Sessions) for gaining detailed requirements and finalizing BRD (Business Requirement Document).
• Worked on Oracle/Mysql databases to understand the migration from legacy tool to new tool.
• Elicited, gathered, analyzed, documented, and communicated requirements for logical data modeling in the system including Narratives, Data Flow Diagrams and Functional Decomposition Diagrams.
• Conducted post-launch review meetings to revisit project strengths and liabilities, and to build out better processes for future projects.
• Involved in preparing a simple and detailed User manual, Standard Operating procedure for the application, for an intended novice users.

Tools: Oracle, SQL, UNIX, OIA/OIM, Active Directory, Business Intelligence, Business Objects, SQL Advantage, Rational RequisitePro, Rational DOORS, COBIT, ISO, MS Office (Word, PowerPoint, Excel, Access), MS Visio, Adobe Photoshop, MS Project, Java, Agile, Scrum Master.

Confidential

Application Risk Analyst

Responsibilities:

• Facilitated meetings extensively with the SMEs (Subject matter experts) and stakeholders to identify ownership of functional ID’s on CISAR Citi ISA Repository.
• Owned the Integration process, to create New Functional ID’s for Access management and access control.
• Finalized all Business Requirements prioritization and attained International Stake Holders and Senior Executive Signoffs for approach, concept, development and delivery calendars for the project.
• Worked on Service now 2.0 for all Identity and Access management systems (IAM) issues to support Production Issues of Web based system.
• Created forms, templates, workflow that used SUN Identity manager and TIBCO for automation.
• Worked as a Product Administrative Analyst for the products for legacy system and raised Tickets and support using Service Now.
• Performed migration of Resolve IT to Service Now.
• Worked with Infrastructure applications that include Active Directory, LDAP and automated entire access entitlement process using SUN IDM and identity manager.
• Created Mockup Screens, conceptual modeling and prototypes of the forms in CMP before integration phase to demonstrate requirements before the form is sent for production for UAT.
• Highly involved into the approvers and resolvers for CMP forms with questionnaire, Rules, coding involve x-paths, HTML, XML mapping with web services using ISW (oracle Financials)and other application Databases.
• Facilitated WSDL Configuration for all applications associated with the project utilizing MS SharePoint web services and Other Application dependent Data and IDM implementation options.
• Coordinated and prioritized outstanding defects, enhancement requests and system requests based on business requirements allowing sufficient time to ensure accuracy and meet deadlines.
• Responsible for ensuring that the project met functional requirements and expected business benefits and was also responsible for all facets of the User Acceptance Testing process.
• Prepared End User Documentation, Proposal Writing, Training Materials, Curriculum and Schedule and Conducted Training classes, including train-the trainer, one-on-one and classroom style training.
• Provided first line Post Implementation Support to users regarding functional issues and engaged all relevant participants in Change Management activities.

Tools: VSR, CMS, ECM, CISAR, Qtips, Service Now 2.0, OIM, OIA, ISW (Oracle Financial), .Net Framework, SharePoint 2013 MS Office (Access, Word, PowerPoint, Excel), LDAP, Active Directories, HTML, RACF, XML, Java Scripts