We provide IT Staff Augmentation Services!

Program Leader Resume

3.00/5 (Submit Your Rating)

SUMMARY

  • Seeking technically challenging leadership role in an enterprise that seeks highly motivated, result oriented individual.
  • Exceptional Enterprise Technology and Security Architect and Leader with 18 years of experience designing, building and leading IT solutions. Progressively played various roles as Developer, Technical Lead, Technical Project Manager, Application Architect, Solution Architect and Enterprise Architect.
  • Expert in developing actionable IT strategies based on business objectives, cost management and managing in - house and off-shore technical resources.
  • Highly regarded for innovation, technological competence, setting and achieving goals, conceptual and analytical skills, organizational skills and strong user involvement.
  • Superior communicator capable of influencing diverse groups including senior/executive management, building trust and consensus toward corporate goals and objectives.
  • Good understanding of Finance, Insurance and Managed Care business and related federal regulations and standards (HIPAA, SOX, PCI, DIACAP, etc.).
  • Specialties include:

TECHNICAL SKILLS

  • IT Security Architecture (Gartner, SABSA)
  • Enterprise Architectural Frameworks (TOGAF, Zachman)
  • Threat Risk Modeling, Risk Analysis (STRIDE, DREAD)
  • Security Risk Analysis and Audit (NIST 800-30)
  • Identity and Access Management, Single Sign-On, Federation (NIST 800-63)
  • Privileged Identity Management
  • Web Application Security and Source Code Analysis
  • Penetration Testing
  • Service Oriented Architecture (SOA)
  • Object Oriented Methodology and JEE
  • Project Management (SDLC and Agile)
  • SAML, OAuth, OpenID, XACML, SPML, WS-* including WS-Security, WS-Trust, PKI.
  • Oracle Identity Management, SiteMinder, Confidential Tivoli ITIM, ITAM, RSA Federated Identity Manager, Ping Identity, OpenAM.
  • CyberArk, Venafi, RSA Key Manager.
  • Zed Attack Proxy (ZAP), Wireshark, nmap, tcpdump, Sqlmap, Nessus, Cain & Abel.
  • Java, EJB, POJO, Struts, Servlet, JSP, Portlet, JMS, Web Services/ SOAP, RESTful Services.
  • C#, ASP.NET, WCF, jQuery, WIF.
  • Active Directory, Oracle LDAP, Virtual Directory, Oracle DB
  • Rational Rose, Visio, Jude
  • Microsoft Office Tools, Microsoft Project, Visio, Excel, Power Point, PVCS Tracker, MS Share Point

PROFESSIONAL EXPERIENCE

Confidential

Program Leader

Responsibilities:

  • Lead 3 squads with15 people in different geographic locations. Helped squads migrating into Agile culture.
  • Defined strategy to select targets for Penetration Testing that would reflect security posture in various Business Units.
  • Defined metrics to quantify squads performance in terms of risk identified, risk mitigated through coordination with Asset Owners. Developed communication structure with the help of Governance to mitigate risk identified.
  • Championed use of IAST tool (Contrast) by development teams in pilot environments. Compared results with DAST ( Confidential AppScan).
  • Performed Risk Analysis and worked with Vendors to resolve issues.

Security Architect

Confidential

Responsibilities:

  • Helped Confidential to choose Identity Proofing, Bot-net Protection and Application Security Solutions.
  • Guided the team to adopt NIST 800-63 standard, especially to use Identity Assurance Levels.
  • Provided Framework for Threat Modeling based on STRIDE and Residual Risk Calculation.
  • Applied the Threat Modeling Framework to Registration Services to enumerate threat and provided recommendations to mitigate risks.
  • Worked on Privacy Impact Analysis due to changes to Registration Services.
  • Lead workshops to re-write authentication standard to link information classification, exposure, identity assurance, federation assurance and authenticator assurance levels.
  • Reviewed changes to Enterprise Architecture Capability, Security Technical Reference Model and Road-map documents based on TOGAF that resulted a tactical project to augment registration service with identity proofing, bot-net detection capabilities and strategic projects such as tagging identities with assurance levels.

We'd love your feedback!