TECHNICAL SKILLS:

Technical / Functional Expertise: ArcSight, Splunk, IDS/IPS Network Packet Analysis, SOC, Team Lead, Mobile Technology, IBM WorkLight, Cloud Computing, SaaS, PaaS, IaaS, HP TeamSite Autonomy, Oracle CRM Oracle SOA Suite, Oracle ESB, BPM, UDDI, Web Services, BEA AquaLogic Suite, EMC Storage, Content Management System (Documentum), Cisco Products, Tibco Business Works, WilyTech, Empirix, NetIQ, WebTrends, MicroStrategy Products, Business Intelligence, OLAP, Siebel Analytics, Metastorm, IBM RUP, IBM Z/OS Series, .NET Framework, J2EE, Unix, Perl, EJB,TCP/IP, SNA, OSI, XML, Virtualization, Quality Assurance, Stress Testing, Load Testing, End - To-End Monitoring, Capacity Planning, Traditional Security, Business Continuity and Disaster Recovery (DR), Data Center Operations, Application Security, Encryption and Key Management, PKI, Identity and Access Management, Large & Complex Database Design, Large Data Warehousing Projects, ETL, OLAP, Website Monitoring, Cache Management, Virtualization (VMware Horizon Suite).

PROFESSIONAL EXPERIENCE:

Confidential

Identity Access Management Architect

Responsibilities:

• Assigned to the Chief Information Officer, Enterprise Architecture group supporting an Enterprise Identity & Access Management (IAM) Initiative that enabled Confidential employees and business partners single sign - on (SSO) access to numerous cloud SaaS Applications. Office365, Intune, PIM/PAM, NetSuite, UltiPro, Salesforce, Grovo & Halogen TalentSpace.
• In this capacity, worked directly with clients to gather requirements, document solutions & design, configure the relevant Salesforce application, and ensured successful engagements and project go-lives through disciplined project management practices. Additionally, designed & implemented Identity-as-a-Service (IDaaS) solutions utilizing Service Provider Cloud methodology and platforms (Okta, SailPoint, PingIdentity, Centrify, OneLogin, Microsoft Azure Active Directory) in migrating production applications to a Software-as-a-Service (SaaS) environment by adhering to identity management Industry standard protocols such as ADFS, OAuth2, SAML 2.0, WS-Federation, and OpenID-Connect.
• Developed Identity Governance and Administration (IGA) — This included the ability to provision identities held by the service to target applications, and User-Provisioning
• Developed Access Control — This included user authentication, single sign-on (SSO), and authorization enforcement
• Developed Operational Intelligence — This included logging events and providing reporting on Access Control, Alerts, Remediation and Vulnerability Assessment
• Architect/Implemented a SIEM solution using Splunk Enterprise supporting 24x7x365 Continuous Monitoring operation for a complex Financial environment. Splunk Enterprise, Splunk Enterprise Security, ArcSight, Nessus Security-Center, Tripwire, BurpSuite and DbProtect in operating a full-featured Security Operations Center (SOC)
• Performed Governance, Risk, and Compliance (GRC) tasks encompassing Assessment, Audit, Compliance, Enterprise Risk / Risk Register, Incident Management, Issue & Remediation Tracking, Policy & Exceptions Management, Threat & Vulnerability Management and Vendor Risk

Confidential

Cloud Architect/Information Risk Officer

Responsibilities:

• Assigned to the Confidential Mellon Government Security Information Risk Management group supporting their Federal clients Confidential.
• In this capacity, supported NIST/FISMA/FISCAM/RMF/FedRAMP & Cyber Security Framework (CSF) programs encompassing Vulnerability Assessment & Management, Information Security Continuous Monitoring (ISCM) SP 800-137 and Authorization to Operate (ATO) related controls & activities.
• Performed Security Assessment & Authorization (SA&A), Cybersecurity Monitoring, Malware Analysis, Threat Analysis, Network/Host Intrusion Detection, Security Operations Center (SOC), Triage, Containment, Reviewing Nessus Scans, Remediation recommendations for high risk business systems and reporting within the NIST SP-800 61r2, Incident Response Life Cycle. Designed and implemented Identity & Access Management (IAM), Single Sign On (SSO) and SIEM technology solutions using Splunk Enterprise monitoring a Complex GinnieMae Production environments.
• Worked closely with the Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) and the Security Operations Center (SOC) team as an Splunk Architect in implementing a SIEM solution using Splunk Enterprise in a 24x7x365 monitoring a large-scale enterprise environment using numerous security tools such as ArcSight, Nessus, Tripwire, BurpSuite and DbProtect in operating a full-featured Security Operations Center (SOC). Architect/Implemented a SIEM solution using Splunk Enterprise supporting 24x7x365 Continuous Monitoring operation for a complex Financial environment. Splunk Enterprise, Splunk Enterprise Security, RSAM, ArcSight, Nessus Security-Center, Tripwire, BurpSuite and DbProtect in operating a full-featured Security Operations Center (SOC).
• Performed Governance, Risk, and Compliance (GRC) tasks encompassing Assessment, Audit, Compliance, Enterprise Risk / Risk Register, Incident Management, Issue & Remediation Tracking, Policy & Exceptions Management, Threat & Vulnerability Management and Vendor Risk. SME in various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages.
• Proficient in the following government regulations and standards: National Institute of Standards and Technology (NIST), NIST SP 800-53 rev3/rev4, Federal Information Security Management Act (FISMA), Federal Information System Controls Audit Manual (FISCAM), Gramm Leach Bliley Act (GLBA), Confidential Handbook, Sarbanes Oxley (Sox) and National Housing Act.

Confidential

Sr. Security Enterprise Architect

Responsibilities:

• Assigned to Office of Chief Information Office (OCIO) at Confidential to support the execution of Technology Office Enterprise IT Architecture and Strategic Infrastructure Group mission in providing enterprise-wide technology planning and oversight; developing and evolving technology architecture; developing and promulgating technology standards; and providing and maintaining the necessary governance, processes and discipline to ensure that Confidential is investing and using information technology wisely.
• In this capacity, Performed Market Research, Prepared Technical/Non-Technical Presentations, Generated White-Papers, and other technical advisory activities in support of Confidential ’s solution architecture and enterprise architecture activities. Contributed and participated in Confidential ’s Technical Proof of Concept (TPOC) projects encompassing FedRAMP, Enterprise Content Management, Mobile Strategy, Business Intelligence in support of Architectural Review Board (ARB) and Engineering Review Board (ERB) and their activities.
• FedRAMP Compliance & Implementation (CSP, 3PAO, Continuous Monitoring, Threat & Risk Assessment, FISMA, NIST SP 800-Series)
• Enterprise Mobility Roadmap (HTML5, CSS3, WebKit, jQuery Mobile, PhoneGap, Responsive Design, IBM Worklight Mobile Platform)
• Emerging Technologies & SOA Roadmap
• Technology Standards and Products Guide (TSPG)
• Content Management System (CMS) & Collaboration (HP Automy TeamSite, SharePoint)
• Business Intelligence Tools Comparative Analysis & Recommendation (ETL, Data Warehousing, Data Marts, OLAP, Dashboards)
• Service Oriented Architecture & Governance (Oracle Fusion Middleware Stack)
• Virtualization using VMware Horizon View (VDI), Hypervisors, Citrix NetScaler, Citrix XenApp

Confidential

Sr. Security Cloud Architect

Responsibilities:

• Assigned to the Confidential, OCIO PMO technical support team implementing a Cloud Service Model by Integrating Infrastructure Services as an eCommerce Software as a Service (SaaS) Transactional solution in supporting the Sales & Marketing, Finance, Legal, Enterprise Operations & Manufacturing department.
• Responsible for Governance, Technical Architecture, Project Management and Systems Integration for the following functional areas: Interface Design, Business Process Monitoring, Human Workflow User Interface, Business Process Management (BPM), Connectors, Transaction Manager, WS-Security, Web-Services, Application Container, Messaging Services, Metadata Repository, Naming and Directory Service and Distributed Computing Architecture.
• Oracle Fusion Middleware 11g, Oracle SOA Suite 11g, Venda Cloud Commerce Platform, MS-Active Directory Federation Services (ADFS), Security Assertion Markup Language (SAML), Single Sign On (SSO), Red Hat Enterprise Linux Server, VMware Private Cloud Solution, Cloud Lifecycle Management, Application Release Automation, Service Level Management, Dashboards and Analytics and Orchestration.

Confidential

Sr. Security Specialist

Responsibilities:

• Assigned to the US Confidential, Internal Revenue Service (IRS) and MITS-Cyber Security eAuthentication Single Sign-On (SSO) technical Support team. In this capacity worked closely with IRS eAuthentication group, Computer Associates professional services and PRIME Development organizations in Planning, Engineering, Installing, Configuring and Implementing the CA SiteMinder Web Access Manager (WAM) r12 product within the IRS Production environment.
• Worked closely with the Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) and the Security Operations Center (SOC) team as an Splunk Architect in implementing a SIEM solution using Splunk Enterprise in a 24x7x365 monitoring a large-scale enterprise environment using numerous security tools such as ArcSight, Nessus, Tripwire, BurpSuite and DbProtect in operating a full-featured Security Operations Center (SOC). SME in various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages.
• Web Access Manager (CA SiteMinder WAM)
• Policy-Governed Authentication and Authorization
• Administrative Delegation
• Identity Federation (X.509, OTP, RACF, ACF2, SAML & ADFS)
• Single Sign On (SSO)
• Identity and Access Management (IAM)
• CA Identity Manager
• CA SOA Security Manager
• WS-Security
• Non-Web Applications
• Authentication Technologies (X.509, One-Time Password (OTP), RACF, ACF2)
• Policy Decision Point (PDP)
• Oracle Java 2 Enterprise Edition (J2EE)
• Microsoft .NET Architecture
• IBM SNA, ATM & MPLS

Confidential

Sr. Enterprise Architect

Responsibilities:

• Established communication strategies among USDA Legal, Business & Technical entities: Office of General Counsel (OGC), Office of Regulatory and Management Systems (ORMS), Freedom of Information Act (FOIA), Investment Review Board (IRB), Capital Planning, Investment Control (CPIC) and Office of Chief Information Officer (OCIO) to Plan, Design and Implement Litigation Hold - eDiscovery operational requirements.
• Established, Maintained and Managed Key Documents & Procedures in Security Testing & Evaluation (ST&E) process in support of Business Continuity Planning (BCP), Disaster Recovery Planning (DRP) and Continuity of Operations Plan (COOP) initiatives. Performed Business Risks & Impact of Potential Emergencies, Application Availability, Business Continuity, Disaster Recovery & Compliance.
• Established technology and architecture related SOA policies, standards, and guidelines and provided architectural oversight and support to solution delivery teams
• Established and maintained alignment of the Enterprise technology architecture to Agency business strategy, goals and objectives, and the defined architectures of other key Enterprise architecture domains (e.g. Application, Data, Security, etc)
• Developed and maintained future state technology architectures and transition roadmaps which met the enterprise needs as identified during current state architecture analysis and the assessment of gaps and opportunities by creating the CONOPS artifact
• Collaboration with key stakeholders to translate strategic requirements into a future state vision, architectural blueprint and migration roadmap for Agency’s technology infrastructure and platform. In this capacity, Educated, Evangelized and Conducted transfer knowledge sessions regarding technology strategies, architectures and migration plans
• Facilitated the definition of, and adherence to, technical standards and usage guidelines set by OMB Enterprise Architecture Framework (FEAF), FSAM, CSAM, TRM, BRM, DRM, SRM & PRM
• Maintained an ongoing awareness of emerging technologies and industry trends to inform enterprise technology strategy and direction of agency in support Litigation Hold initiative. SOA, Oracle BPM (ADF), Cloud Computing (Private, Community, Public), Software as a Service (SaaS), Enterprise Content Management (ECM), Oracle 11g Stack, Guidance EnCase, Clearwell eDiscovery Platform, IBM, SAN, Technology Bricks, FISMA, Security Architecture, Virtualization, Business Continuity Planning (BCP), Disaster Recovery Planning (DRP), COOP strategies and Business Intelligence.

Confidential

Sr. Security Specialist

Responsibilities:

• Established, Maintained and Managed Key Documents & Procedures in Security Testing & Evaluation process in support of Business Continuity Planning (BCP), Disaster Recovery Planning (DRP) and Continuity of Operations Plan (COOP) initiatives. Performed Business Risks & Impact of Potential Emergencies, Application Availability, Business Continuity, Disaster Recovery & Compliance.
• Business Continuity Management . Policies and Procedures
• Information Classification . Identity & Access Management
• Access Control . Infrastructure & Operations Security
• Incident Response . Privacy & Data Protection
• Network Security Operations . Security Management
• Security Architectures . Vulnerability Management
• Disaster Recovery & Business Continuity . Security Governance and Management
• Risk Management . System Development Life Cycle